1. 23 Mar, 2016 4 commits
    • Jan Kara's avatar
      ext4: fix races of writeback with punch hole and zero range · f2b13259
      Jan Kara authored
      When doing delayed allocation, update of on-disk inode size is postponed
      until IO submission time. However hole punch or zero range fallocate
      calls can end up discarding the tail page cache page and thus on-disk
      inode size would never be properly updated.
      
      Make sure the on-disk inode size is updated before truncating page
      cache.
      Signed-off-by: default avatarJan Kara <jack@suse.com>
      Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
      Reviewed-by: default avatarMingming Cao <mingming.cao@oracle.com>
      Signed-off-by: default avatarSasha Levin <sasha.levin@oracle.com>
      f2b13259
    • Jan Kara's avatar
      ext4: fix races between buffered IO and collapse / insert range · 181aaebd
      Jan Kara authored
      Current code implementing FALLOC_FL_COLLAPSE_RANGE and
      FALLOC_FL_INSERT_RANGE is prone to races with buffered writes and page
      faults. If buffered write or write via mmap manages to squeeze between
      filemap_write_and_wait_range() and truncate_pagecache() in the fallocate
      implementations, the written data is simply discarded by
      truncate_pagecache() although it should have been shifted.
      
      Fix the problem by moving filemap_write_and_wait_range() call inside
      i_mutex and i_mmap_sem. That way we are protected against races with
      both buffered writes and page faults.
      Signed-off-by: default avatarJan Kara <jack@suse.com>
      Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
      Reviewed-by: default avatarMingming Cao <mingming.cao@oracle.com>
      Signed-off-by: default avatarSasha Levin <sasha.levin@oracle.com>
      181aaebd
    • Jan Kara's avatar
      ext4: move unlocked dio protection from ext4_alloc_file_blocks() · 9621787d
      Jan Kara authored
      Currently ext4_alloc_file_blocks() was handling protection against
      unlocked DIO. However we now need to sometimes call it under i_mmap_sem
      and sometimes not and DIO protection ranks above it (although strictly
      speaking this cannot currently create any deadlocks). Also
      ext4_zero_range() was actually getting & releasing unlocked DIO
      protection twice in some cases. Luckily it didn't introduce any real bug
      but it was a land mine waiting to be stepped on.  So move DIO protection
      out from ext4_alloc_file_blocks() into the two callsites.
      Signed-off-by: default avatarJan Kara <jack@suse.com>
      Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
      Reviewed-by: default avatarMingming Cao <mingming.cao@oracle.com>
      Signed-off-by: default avatarSasha Levin <sasha.levin@oracle.com>
      9621787d
    • Jan Kara's avatar
      ext4: fix races between page faults and hole punching · 248766f0
      Jan Kara authored
      Currently, page faults and hole punching are completely unsynchronized.
      This can result in page fault faulting in a page into a range that we
      are punching after truncate_pagecache_range() has been called and thus
      we can end up with a page mapped to disk blocks that will be shortly
      freed. Filesystem corruption will shortly follow. Note that the same
      race is avoided for truncate by checking page fault offset against
      i_size but there isn't similar mechanism available for punching holes.
      
      Fix the problem by creating new rw semaphore i_mmap_sem in inode and
      grab it for writing over truncate, hole punching, and other functions
      removing blocks from extent tree and for read over page faults. We
      cannot easily use i_data_sem for this since that ranks below transaction
      start and we need something ranking above it so that it can be held over
      the whole truncate / hole punching operation. Also remove various
      workarounds we had in the code to reduce race window when page fault
      could have created pages with stale mapping information.
      Signed-off-by: default avatarJan Kara <jack@suse.com>
      Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
      Reviewed-by: default avatarMingming Cao <mingming.cao@oracle.com>
      Signed-off-by: default avatarSasha Levin <sasha.levin@oracle.com>
      248766f0
  2. 22 Mar, 2016 26 commits
  3. 18 Mar, 2016 10 commits