diff mbox series

[2/2] ext4: use raw i_version value for ea_inode

Message ID 20180426112027.11258-3-guaneryu@gmail.com
State Accepted, archived
Headers show
Series random ext4 ea_inode fixes | expand

Commit Message

Eryu Guan April 26, 2018, 11:20 a.m. UTC 
Currently, creating large xattr (e.g. 2k) in ea_inode would cause
ea_inode refcount corruption, e.g.

  Pass 4: Checking reference counts
  Extended attribute inode 13 ref count is 0, should be 1. Fix? no

This is because that we save the lower 32bit of refcount in
inode->i_version and store it in raw_inode->i_disk_version on disk.
But since commit ee73f9a52a34 ("ext4: convert to new i_version
API"), we load/store modified i_disk_version from/to disk instead of
raw value, which causes on-disk ea_inode refcount corruption.

Fix it by loading/storing raw i_version/i_disk_version, because it's
a self-managed value in this case.

Fixes: ee73f9a52a34 ("ext4: convert to new i_version API")
Cc: Tahsin Erdogan <tahsin@google.com>
Signed-off-by: Eryu Guan <guaneryu@gmail.com>
---
 fs/ext4/inode.c | 24 ++++++++++++++++++++++--
 1 file changed, 22 insertions(+), 2 deletions(-)

Comments

Theodore Ts'o May 10, 2018, 3:56 p.m. UTC | #1 
On Thu, Apr 26, 2018 at 07:20:27PM +0800, Eryu Guan wrote:
> Currently, creating large xattr (e.g. 2k) in ea_inode would cause
> ea_inode refcount corruption, e.g.
> 
>   Pass 4: Checking reference counts
>   Extended attribute inode 13 ref count is 0, should be 1. Fix? no
> 
> This is because that we save the lower 32bit of refcount in
> inode->i_version and store it in raw_inode->i_disk_version on disk.
> But since commit ee73f9a52a34 ("ext4: convert to new i_version
> API"), we load/store modified i_disk_version from/to disk instead of
> raw value, which causes on-disk ea_inode refcount corruption.
> 
> Fix it by loading/storing raw i_version/i_disk_version, because it's
> a self-managed value in this case.
> 
> Fixes: ee73f9a52a34 ("ext4: convert to new i_version API")
> Cc: Tahsin Erdogan <tahsin@google.com>
> Signed-off-by: Eryu Guan <guaneryu@gmail.com>

Applied, thanks.

						- Ted
diff mbox series

Patch

diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 1e50c5efae67..0eb64e8f9602 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -4724,6 +4724,26 @@  int ext4_get_projid(struct inode *inode, kprojid_t *projid)
 	return 0;
 }
 
+/*
+ * ext4 has self-managed i_version for ea inodes, it stores the lower 32bit of
+ * refcount in i_version, so use raw values if inode has EXT4_EA_INODE_FL flag
+ * set.
+ */
+static inline void ext4_inode_set_iversion_queried(struct inode *inode, u64 val)
+{
+	if (unlikely(EXT4_I(inode)->i_flags & EXT4_EA_INODE_FL))
+		inode_set_iversion_raw(inode, val);
+	else
+		inode_set_iversion_queried(inode, val);
+}
+static inline u64 ext4_inode_peek_iversion(const struct inode *inode)
+{
+	if (unlikely(EXT4_I(inode)->i_flags & EXT4_EA_INODE_FL))
+		return inode_peek_iversion_raw(inode);
+	else
+		return inode_peek_iversion(inode);
+}
+
 struct inode *ext4_iget(struct super_block *sb, unsigned long ino)
 {
 	struct ext4_iloc iloc;
@@ -4910,7 +4930,7 @@  struct inode *ext4_iget(struct super_block *sb, unsigned long ino)
 				ivers |=
 		    (__u64)(le32_to_cpu(raw_inode->i_version_hi)) << 32;
 		}
-		inode_set_iversion_queried(inode, ivers);
+		ext4_inode_set_iversion_queried(inode, ivers);
 	}
 
 	ret = 0;
@@ -5196,7 +5216,7 @@  static int ext4_do_update_inode(handle_t *handle,
 	}
 
 	if (likely(!test_opt2(inode->i_sb, HURD_COMPAT))) {
-		u64 ivers = inode_peek_iversion(inode);
+		u64 ivers = ext4_inode_peek_iversion(inode);
 
 		raw_inode->i_disk_version = cpu_to_le32(ivers);
 		if (ei->i_extra_isize) {