From: Greg Kroah-Hartman Date: Thu, 13 Oct 2022 09:16:04 +0000 (+0200) Subject: 5.15-stable patches X-Git-Tag: v5.4.218~49 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=21427c939f555e9480f6dd74ca23b68d504f63f2;p=thirdparty%2Fkernel%2Fstable-queue.git 5.15-stable patches added patches: ceph-don-t-truncate-file-in-atomic_open.patch f2fs-invalidate-meta_mapping-before-ipu-dio-write.patch --- diff --git a/queue-5.15/ceph-don-t-truncate-file-in-atomic_open.patch b/queue-5.15/ceph-don-t-truncate-file-in-atomic_open.patch new file mode 100644 index 00000000000..e329a4d0139 --- /dev/null +++ b/queue-5.15/ceph-don-t-truncate-file-in-atomic_open.patch @@ -0,0 +1,52 @@ +From 7cb9994754f8a36ae9e5ec4597c5c4c2d6c03832 Mon Sep 17 00:00:00 2001 +From: Hu Weiwen +Date: Fri, 1 Jul 2022 10:52:27 +0800 +Subject: ceph: don't truncate file in atomic_open + +From: Hu Weiwen + +commit 7cb9994754f8a36ae9e5ec4597c5c4c2d6c03832 upstream. + +Clear O_TRUNC from the flags sent in the MDS create request. + +`atomic_open' is called before permission check. We should not do any +modification to the file here. The caller will do the truncation +afterward. + +Fixes: 124e68e74099 ("ceph: file operations") +Signed-off-by: Hu Weiwen +Reviewed-by: Xiubo Li +Signed-off-by: Ilya Dryomov +[Xiubo: fixed a trivial conflict for 5.19 backport] +Signed-off-by: Xiubo Li +Signed-off-by: Greg Kroah-Hartman +--- + fs/ceph/file.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +--- a/fs/ceph/file.c ++++ b/fs/ceph/file.c +@@ -703,6 +703,12 @@ int ceph_atomic_open(struct inode *dir, + if (dentry->d_name.len > NAME_MAX) + return -ENAMETOOLONG; + ++ /* ++ * Do not truncate the file, since atomic_open is called before the ++ * permission check. The caller will do the truncation afterward. ++ */ ++ flags &= ~O_TRUNC; ++ + if (flags & O_CREAT) { + if (ceph_quota_is_max_files_exceeded(dir)) + return -EDQUOT; +@@ -770,9 +776,7 @@ retry: + } + + set_bit(CEPH_MDS_R_PARENT_LOCKED, &req->r_req_flags); +- err = ceph_mdsc_do_request(mdsc, +- (flags & (O_CREAT|O_TRUNC)) ? dir : NULL, +- req); ++ err = ceph_mdsc_do_request(mdsc, (flags & O_CREAT) ? dir : NULL, req); + if (err == -ENOENT) { + dentry = ceph_handle_snapdir(req, dentry); + if (IS_ERR(dentry)) { diff --git a/queue-5.15/f2fs-invalidate-meta_mapping-before-ipu-dio-write.patch b/queue-5.15/f2fs-invalidate-meta_mapping-before-ipu-dio-write.patch new file mode 100644 index 00000000000..2befb8c3379 --- /dev/null +++ b/queue-5.15/f2fs-invalidate-meta_mapping-before-ipu-dio-write.patch @@ -0,0 +1,74 @@ +From e3b49ea36802053f312013fd4ccb6e59920a9f76 Mon Sep 17 00:00:00 2001 +From: Hyeong-Jun Kim +Date: Tue, 2 Nov 2021 16:10:02 +0900 +Subject: f2fs: invalidate META_MAPPING before IPU/DIO write + +From: Hyeong-Jun Kim + +commit e3b49ea36802053f312013fd4ccb6e59920a9f76 upstream. + +Encrypted pages during GC are read and cached in META_MAPPING. +However, due to cached pages in META_MAPPING, there is an issue where +newly written pages are lost by IPU or DIO writes. + +Thread A - f2fs_gc() Thread B +/* phase 3 */ +down_write(i_gc_rwsem) +ra_data_block() ---- (a) +up_write(i_gc_rwsem) + f2fs_direct_IO() : + - down_read(i_gc_rwsem) + - __blockdev_direct_io() + - get_data_block_dio_write() + - f2fs_dio_submit_bio() ---- (b) + - up_read(i_gc_rwsem) +/* phase 4 */ +down_write(i_gc_rwsem) +move_data_block() ---- (c) +up_write(i_gc_rwsem) + +(a) In phase 3 of f2fs_gc(), up-to-date page is read from storage and + cached in META_MAPPING. +(b) In thread B, writing new data by IPU or DIO write on same blkaddr as + read in (a). cached page in META_MAPPING become out-dated. +(c) In phase 4 of f2fs_gc(), out-dated page in META_MAPPING is copied to + new blkaddr. In conclusion, the newly written data in (b) is lost. + +To address this issue, invalidating pages in META_MAPPING before IPU or +DIO write. + +Fixes: 6aa58d8ad20a ("f2fs: readahead encrypted block during GC") +Signed-off-by: Hyeong-Jun Kim +Reviewed-by: Chao Yu +Signed-off-by: Jaegeuk Kim a +Signed-off-by: Chao Yu +Signed-off-by: lvgaofei +Signed-off-by: Greg Kroah-Hartman +--- + fs/f2fs/data.c | 2 ++ + fs/f2fs/segment.c | 3 +++ + 2 files changed, 5 insertions(+) + +--- a/fs/f2fs/data.c ++++ b/fs/f2fs/data.c +@@ -1677,6 +1677,8 @@ sync_out: + if (flag == F2FS_GET_BLOCK_DIO && map->m_flags & F2FS_MAP_MAPPED) + f2fs_wait_on_block_writeback_range(inode, + map->m_pblk, map->m_len); ++ invalidate_mapping_pages(META_MAPPING(sbi), ++ map->m_pblk, map->m_pblk); + + if (flag == F2FS_GET_BLOCK_PRECACHE) { + if (map->m_flags & F2FS_MAP_MAPPED) { +--- a/fs/f2fs/segment.c ++++ b/fs/f2fs/segment.c +@@ -3614,6 +3614,9 @@ int f2fs_inplace_write_data(struct f2fs_ + goto drop_bio; + } + ++ invalidate_mapping_pages(META_MAPPING(sbi), ++ fio->new_blkaddr, fio->new_blkaddr); ++ + stat_inc_inplace_blocks(fio->sbi); + + if (fio->bio && !(SM_I(sbi)->ipu_policy & (1 << F2FS_IPU_NOCACHE))) diff --git a/queue-5.15/series b/queue-5.15/series index 2ca2890811d..a7e2bab4b8a 100644 --- a/queue-5.15/series +++ b/queue-5.15/series @@ -2,3 +2,5 @@ nilfs2-fix-null-pointer-dereference-at-nilfs_bmap_lookup_at_level.patch nilfs2-fix-use-after-free-bug-of-struct-nilfs_root.patch nilfs2-fix-leak-of-nilfs_root-in-case-of-writer-thread-creation-failure.patch nilfs2-replace-warn_ons-by-nilfs_error-for-checkpoint-acquisition-failure.patch +f2fs-invalidate-meta_mapping-before-ipu-dio-write.patch +ceph-don-t-truncate-file-in-atomic_open.patch