From ee69af8a999f515d699bcd7bfba95a7d104a9648 Mon Sep 17 00:00:00 2001 From: Sasha Levin Date: Wed, 15 Nov 2023 09:37:38 -0500 Subject: [PATCH] Fixes for 6.6 Signed-off-by: Sasha Levin --- ..._logical_ret-parameter-mandatory-for.patch | 107 ++++++++++++++++++ ...r-buffer-sizes-in-the-tree-search-io.patch | 77 +++++++++++++ queue-6.6/series | 2 + 3 files changed, 186 insertions(+) create mode 100644 queue-6.6/btrfs-make-found_logical_ret-parameter-mandatory-for.patch create mode 100644 queue-6.6/btrfs-use-u64-for-buffer-sizes-in-the-tree-search-io.patch diff --git a/queue-6.6/btrfs-make-found_logical_ret-parameter-mandatory-for.patch b/queue-6.6/btrfs-make-found_logical_ret-parameter-mandatory-for.patch new file mode 100644 index 00000000000..f3e75835384 --- /dev/null +++ b/queue-6.6/btrfs-make-found_logical_ret-parameter-mandatory-for.patch @@ -0,0 +1,107 @@ +From 6ad244d326948613e17b00fe43ccf27cff206cce Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Sat, 28 Oct 2023 13:28:45 +1030 +Subject: btrfs: make found_logical_ret parameter mandatory for function + queue_scrub_stripe() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +From: Qu Wenruo + +[ Upstream commit 47e2b06b7b5cb356a987ba3429550c3a89ea89d6 ] + +[BUG] +There is a compilation warning reported on commit ae76d8e3e135 ("btrfs: +scrub: fix grouping of read IO"), where gcc (14.0.0 20231022 experimental) +is reporting the following uninitialized variable: + + fs/btrfs/scrub.c: In function ‘scrub_simple_mirror.isra’: + fs/btrfs/scrub.c:2075:29: error: ‘found_logical’ may be used uninitialized [-Werror=maybe-uninitialized[https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html#index-Wmaybe-uninitialized]] + 2075 | cur_logical = found_logical + BTRFS_STRIPE_LEN; + fs/btrfs/scrub.c:2040:21: note: ‘found_logical’ was declared here + 2040 | u64 found_logical; + | ^~~~~~~~~~~~~ + +[CAUSE] +This is a false alert, as @found_logical is passed as parameter +@found_logical_ret of function queue_scrub_stripe(). + +As long as queue_scrub_stripe() returned 0, we would update +@found_logical_ret. And if queue_scrub_stripe() returned >0 or <0, the +caller would not utilized @found_logical, thus there should be nothing +wrong. + +Although the triggering gcc is still experimental, it looks like the +extra check on "if (found_logical_ret)" can sometimes confuse the +compiler. + +Meanwhile the only caller of queue_scrub_stripe() is always passing a +valid pointer, there is no need for such check at all. + +[FIX] +Although the report itself is a false alert, we can still make it more +explicit by: + +- Replace the check for @found_logical_ret with ASSERT() + +- Initialize @found_logical to U64_MAX + +- Add one extra ASSERT() to make sure @found_logical got updated + +Link: https://lore.kernel.org/linux-btrfs/87fs1x1p93.fsf@gentoo.org/ +Fixes: ae76d8e3e135 ("btrfs: scrub: fix grouping of read IO") +Reviewed-by: Anand Jain +Signed-off-by: Qu Wenruo +Reviewed-by: David Sterba +Signed-off-by: David Sterba +Signed-off-by: Sasha Levin +--- + fs/btrfs/scrub.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/fs/btrfs/scrub.c b/fs/btrfs/scrub.c +index b877203f1dc5a..4445a52a07076 100644 +--- a/fs/btrfs/scrub.c ++++ b/fs/btrfs/scrub.c +@@ -1798,6 +1798,9 @@ static int queue_scrub_stripe(struct scrub_ctx *sctx, struct btrfs_block_group * + */ + ASSERT(sctx->cur_stripe < SCRUB_TOTAL_STRIPES); + ++ /* @found_logical_ret must be specified. */ ++ ASSERT(found_logical_ret); ++ + stripe = &sctx->stripes[sctx->cur_stripe]; + scrub_reset_stripe(stripe); + ret = scrub_find_fill_first_stripe(bg, &sctx->extent_path, +@@ -1806,8 +1809,7 @@ static int queue_scrub_stripe(struct scrub_ctx *sctx, struct btrfs_block_group * + /* Either >0 as no more extents or <0 for error. */ + if (ret) + return ret; +- if (found_logical_ret) +- *found_logical_ret = stripe->logical; ++ *found_logical_ret = stripe->logical; + sctx->cur_stripe++; + + /* We filled one group, submit it. */ +@@ -2010,7 +2012,7 @@ static int scrub_simple_mirror(struct scrub_ctx *sctx, + + /* Go through each extent items inside the logical range */ + while (cur_logical < logical_end) { +- u64 found_logical; ++ u64 found_logical = U64_MAX; + u64 cur_physical = physical + cur_logical - logical_start; + + /* Canceled? */ +@@ -2045,6 +2047,8 @@ static int scrub_simple_mirror(struct scrub_ctx *sctx, + if (ret < 0) + break; + ++ /* queue_scrub_stripe() returned 0, @found_logical must be updated. */ ++ ASSERT(found_logical != U64_MAX); + cur_logical = found_logical + BTRFS_STRIPE_LEN; + + /* Don't hold CPU for too long time */ +-- +2.42.0 + diff --git a/queue-6.6/btrfs-use-u64-for-buffer-sizes-in-the-tree-search-io.patch b/queue-6.6/btrfs-use-u64-for-buffer-sizes-in-the-tree-search-io.patch new file mode 100644 index 00000000000..052af3af49f --- /dev/null +++ b/queue-6.6/btrfs-use-u64-for-buffer-sizes-in-the-tree-search-io.patch @@ -0,0 +1,77 @@ +From 977f5a8b918e6dc72ca753e070f9721e22c7c4ab Mon Sep 17 00:00:00 2001 +From: Sasha Levin +Date: Fri, 13 Oct 2023 10:05:48 +0100 +Subject: btrfs: use u64 for buffer sizes in the tree search ioctls + +From: Filipe Manana + +[ Upstream commit dec96fc2dcb59723e041416b8dc53e011b4bfc2e ] + +In the tree search v2 ioctl we use the type size_t, which is an unsigned +long, to track the buffer size in the local variable 'buf_size'. An +unsigned long is 32 bits wide on a 32 bits architecture. The buffer size +defined in struct btrfs_ioctl_search_args_v2 is a u64, so when we later +try to copy the local variable 'buf_size' to the argument struct, when +the search returns -EOVERFLOW, we copy only 32 bits which will be a +problem on big endian systems. + +Fix this by using a u64 type for the buffer sizes, not only at +btrfs_ioctl_tree_search_v2(), but also everywhere down the call chain +so that we can use the u64 at btrfs_ioctl_tree_search_v2(). + +Fixes: cc68a8a5a433 ("btrfs: new ioctl TREE_SEARCH_V2") +Reported-by: Dan Carpenter +Link: https://lore.kernel.org/linux-btrfs/ce6f4bd6-9453-4ffe-ba00-cee35495e10f@moroto.mountain/ +Signed-off-by: Filipe Manana +Reviewed-by: David Sterba +Signed-off-by: David Sterba +Signed-off-by: Sasha Levin +--- + fs/btrfs/ioctl.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c +index 8e7d03bc1b565..200dd780bc06f 100644 +--- a/fs/btrfs/ioctl.c ++++ b/fs/btrfs/ioctl.c +@@ -1528,7 +1528,7 @@ static noinline int key_in_sk(struct btrfs_key *key, + static noinline int copy_to_sk(struct btrfs_path *path, + struct btrfs_key *key, + struct btrfs_ioctl_search_key *sk, +- size_t *buf_size, ++ u64 *buf_size, + char __user *ubuf, + unsigned long *sk_offset, + int *num_found) +@@ -1660,7 +1660,7 @@ static noinline int copy_to_sk(struct btrfs_path *path, + + static noinline int search_ioctl(struct inode *inode, + struct btrfs_ioctl_search_key *sk, +- size_t *buf_size, ++ u64 *buf_size, + char __user *ubuf) + { + struct btrfs_fs_info *info = btrfs_sb(inode->i_sb); +@@ -1733,7 +1733,7 @@ static noinline int btrfs_ioctl_tree_search(struct inode *inode, + struct btrfs_ioctl_search_args __user *uargs = argp; + struct btrfs_ioctl_search_key sk; + int ret; +- size_t buf_size; ++ u64 buf_size; + + if (!capable(CAP_SYS_ADMIN)) + return -EPERM; +@@ -1763,8 +1763,8 @@ static noinline int btrfs_ioctl_tree_search_v2(struct inode *inode, + struct btrfs_ioctl_search_args_v2 __user *uarg = argp; + struct btrfs_ioctl_search_args_v2 args; + int ret; +- size_t buf_size; +- const size_t buf_limit = SZ_16M; ++ u64 buf_size; ++ const u64 buf_limit = SZ_16M; + + if (!capable(CAP_SYS_ADMIN)) + return -EPERM; +-- +2.42.0 + diff --git a/queue-6.6/series b/queue-6.6/series index c09698a19eb..ec7b108b10f 100644 --- a/queue-6.6/series +++ b/queue-6.6/series @@ -595,3 +595,5 @@ tracing-kprobes-fix-the-order-of-argument-descriptio.patch eventfs-check-for-null-ef-in-eventfs_set_attr.patch selftests-mptcp-run-userspace-pm-tests-slower.patch selftests-mptcp-fix-wait_rm_addr-sf-parameters.patch +btrfs-use-u64-for-buffer-sizes-in-the-tree-search-io.patch +btrfs-make-found_logical_ret-parameter-mandatory-for.patch -- 2.47.3