From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Mon, 16 Dec 2019 14:30:12 +0000 (+0100)
Subject: 5.4-stable patches
X-Git-Tag: v5.4.4~23
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8b2da39462877f8584b37f97c9ff1af33930cacd;p=thirdparty%2Fkernel%2Fstable-queue.git

5.4-stable patches

added patches:
	ext4-fix-leak-of-quota-reservations.patch
---

diff --git a/queue-5.4/ext4-fix-leak-of-quota-reservations.patch b/queue-5.4/ext4-fix-leak-of-quota-reservations.patch
new file mode 100644
index 00000000000..983a39b37ac
--- /dev/null
+++ b/queue-5.4/ext4-fix-leak-of-quota-reservations.patch
@@ -0,0 +1,60 @@
+From f4c2d372b89a1e504ebb7b7eb3e29b8306479366 Mon Sep 17 00:00:00 2001
+From: Jan Kara <jack@suse.cz>
+Date: Fri, 8 Nov 2019 12:45:11 +0100
+Subject: ext4: fix leak of quota reservations
+
+From: Jan Kara <jack@suse.cz>
+
+commit f4c2d372b89a1e504ebb7b7eb3e29b8306479366 upstream.
+
+Commit 8fcc3a580651 ("ext4: rework reserved cluster accounting when
+invalidating pages") moved freeing of delayed allocation reservations
+from dirty page invalidation time to time when we evict corresponding
+status extent from extent status tree. For inodes which don't have any
+blocks allocated this may actually happen only in ext4_clear_blocks()
+which is after we've dropped references to quota structures from the
+inode. Thus reservation of quota leaked. Fix the problem by clearing
+quota information from the inode only after evicting extent status tree
+in ext4_clear_inode().
+
+Link: https://lore.kernel.org/r/20191108115420.GI20863@quack2.suse.cz
+Reported-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
+Fixes: 8fcc3a580651 ("ext4: rework reserved cluster accounting when invalidating pages")
+Signed-off-by: Jan Kara <jack@suse.cz>
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+
+---
+ fs/ext4/ialloc.c |    5 -----
+ fs/ext4/super.c  |    2 +-
+ 2 files changed, 1 insertion(+), 6 deletions(-)
+
+--- a/fs/ext4/ialloc.c
++++ b/fs/ext4/ialloc.c
+@@ -265,13 +265,8 @@ void ext4_free_inode(handle_t *handle, s
+ 	ext4_debug("freeing inode %lu\n", ino);
+ 	trace_ext4_free_inode(inode);
+ 
+-	/*
+-	 * Note: we must free any quota before locking the superblock,
+-	 * as writing the quota to disk may need the lock as well.
+-	 */
+ 	dquot_initialize(inode);
+ 	dquot_free_inode(inode);
+-	dquot_drop(inode);
+ 
+ 	is_directory = S_ISDIR(inode->i_mode);
+ 
+--- a/fs/ext4/super.c
++++ b/fs/ext4/super.c
+@@ -1172,9 +1172,9 @@ void ext4_clear_inode(struct inode *inod
+ {
+ 	invalidate_inode_buffers(inode);
+ 	clear_inode(inode);
+-	dquot_drop(inode);
+ 	ext4_discard_preallocations(inode);
+ 	ext4_es_remove_extent(inode, 0, EXT_MAX_BLOCKS);
++	dquot_drop(inode);
+ 	if (EXT4_I(inode)->jinode) {
+ 		jbd2_journal_release_jbd_inode(EXT4_JOURNAL(inode),
+ 					       EXT4_I(inode)->jinode);
diff --git a/queue-5.4/series b/queue-5.4/series
index f0c2156114b..49e468453ad 100644
--- a/queue-5.4/series
+++ b/queue-5.4/series
@@ -175,3 +175,4 @@ usb-dummy-hcd-increase-max-number-of-devices-to-32.patch
 rtc-disable-uie-before-setting-time-and-enable-after.patch
 splice-only-read-in-as-much-information-as-there-is-pipe-buffer-space.patch
 ext4-fix-a-bug-in-ext4_wait_for_tail_page_commit.patch
+ext4-fix-leak-of-quota-reservations.patch