From patchwork Sat Jun 24 00:37:21 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Ernesto_A=2E_Fern=C3=A1ndez?= X-Patchwork-Id: 780319 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3wvbxk5GCGz9s87 for ; Sat, 24 Jun 2017 10:37:30 +1000 (AEST) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.b="Fn+TILZC"; dkim-atps=neutral Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754336AbdFXAh2 (ORCPT ); Fri, 23 Jun 2017 20:37:28 -0400 Received: from mail-qk0-f195.google.com ([209.85.220.195]:34090 "EHLO mail-qk0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754075AbdFXAh0 (ORCPT ); Fri, 23 Jun 2017 20:37:26 -0400 Received: by mail-qk0-f195.google.com with SMTP id 91so2377768qkq.1 for ; Fri, 23 Jun 2017 17:37:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=date:from:to:subject:message-id:mime-version:content-disposition :content-transfer-encoding; bh=ChdxkSL9UHBTUeK2kzklCFvhuVCRxEQBdoNWvLrOy4M=; b=Fn+TILZCyvX9CqRsdjbaEZLI764hqx3fAw3xuqotHDFo1soRWkOXNhI4sfRFjsy2qJ tl0+9q0ctEzTStlGMiRDXTmaksLliLjFnq69fRycWyPXwJSjqeMm1Qpv48jppZeIj3EV xA6ohM94wcGqpvXJ/Mwx25ZHPpKY3ddRxWJl0LQVi491EWKJOUZEfYhMNznHj1eKbncb 3JnBu36PVgTrCpx4FWw7Aid1NDRfobRJp1V2yA1evRhkWoEvXC14Qhy0Eam2/+nz5FEY IhRHoHYqEVSnuXrxMpcm53hUBWZBG2AoicNm/cDV/MwiVPThGjpM12rzM7GtegIL+Stg sEJQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:mime-version :content-disposition:content-transfer-encoding; bh=ChdxkSL9UHBTUeK2kzklCFvhuVCRxEQBdoNWvLrOy4M=; b=kVrskuXW1jk1pZJCNixjxLIthIDHDWPO8jYI134Ya2gSmSVuDgCoJ6YZAeaEQFxSze pedKUl7gun/lh+A6JtkRocmyXUo956oFLRXmQPq7i/k4dlg5RBTB06s0SWlTW1r+0FLy mEfL69g1D1q4HCx+C7+tKVB+o5lNmUUpZj/wLW+dh3RRU7cvm4X8kx+ul/yGqaQxz8DI SXNs2RxSeatwqEkHe0dvA/+sAWbUiedZEoTzMyuTOAbiJT1Nv8JkM0aQG0kTErs+Qjts 7xZEAm5yZOsRrYLU81S/HSJ0ajTCHxsdx0Z/rHtAJ1sG9YjtzMHEwrvEZr14wN7f5sxR kc9Q== X-Gm-Message-State: AKS2vOxcSiKAy22DFPcwbRBItBx7/JzOiC19SbojEIFvouT8EW8Eqw58 b57iwRdxjIeL1eVDXGU= X-Received: by 10.55.95.194 with SMTP id t185mr11949887qkb.119.1498264645190; Fri, 23 Jun 2017 17:37:25 -0700 (PDT) Received: from debian.home ([181.47.57.141]) by smtp.gmail.com with ESMTPSA id q27sm4694558qtq.58.2017.06.23.17.37.24 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 23 Jun 2017 17:37:25 -0700 (PDT) Date: Fri, 23 Jun 2017 21:37:21 -0300 From: Ernesto =?utf-8?Q?A=2E_Fern=C3=A1ndez?= To: jack@suse.com, linux-ext4@vger.kernel.org Subject: [PATCH] ext2: Fix memory leak when truncate races ext2_get_blocks Message-ID: <20170624003719.GA5670@debian.home> MIME-Version: 1.0 Content-Disposition: inline Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org Buffer heads referencing indirect blocks may not be released if the file is truncated at the right time. This happens because ext2_get_branch() returns NULL when it finds the whole chain of indirect blocks already set, and when truncate alters the chain this value of NULL is treated as the address of the last head to be released. Handle this in the same way as it's done after the got_it label. Signed-off-by: Ernesto A. Fernández --- Despite trying I haven't actually managed to trigger this race. I tested the patch by inducing regular failures in verify_chain(). fs/ext2/inode.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/ext2/inode.c b/fs/ext2/inode.c index 2dcbd56..30163d0 100644 --- a/fs/ext2/inode.c +++ b/fs/ext2/inode.c @@ -659,6 +659,7 @@ static int ext2_get_blocks(struct inode *inode, */ err = -EAGAIN; count = 0; + partial = chain + depth - 1; break; } blk = le32_to_cpu(*(chain[depth-1].p + count));