• Zhihao Cheng's avatar
    ubifs: Fix space leak when powercut happens in linking tmpfile · b25e6a5f
    Zhihao Cheng authored
    There is a potential space leak problem when powercut happens in linking
    tmpfile, in which case, inode node (with nlink=0) and its' data nodes can
    be found from tnc (on flash), but there are no dentries related to the
    inode, so the file is invisible but takes free space. Detailed process is
    shown as:
     ubifs_tmpfile
      ubifs_jnl_update // Add bud A into log area
       ubifs_add_orphan // Add inode into orphan list
    
         P1             P2
     ubifs_link
      ubifs_delete_orphan // Delete inode from orphan list, then inode won't
    		      // be written into orphan area, there is no chance
    		      // to delete inode by replaying orphan.
                    commit // bud A won't be replayed in next mounting
       >> powercut <<
      ubifs_jnl_update // Link inode to dentry
    
    The root cause is that orphan entry deletion and journal writing(for link)
    are interrupted by commit, which makes the two operations are not atomic.
    Fix it by doing ubifs_delete_orphan under the protection of c->commit_sem
    within ubifs_jnl_update. This is also a preparation to support all creating
    new files by orphan inode.
    
    v1 is https://lore.kernel.org/linux-mtd/20200701093227.674945-1-chengzhihao1@huawei.com/
    
    Fixes: 32fe905c ("ubifs: Fix O_TMPFILE corner case in ubifs_link()")
    Link: https://bugzilla.kernel.org/show_bug.cgi?id=208405Signed-off-by: default avatarZhihao Cheng <chengzhihao1@huawei.com>
    Signed-off-by: default avatarRichard Weinberger <richard@nod.at>
    b25e6a5f
dir.c 44.3 KB