LU-9384 ldiskfs: extra patch for changing extra isize

[fs/lustre-release.git] / ldiskfs / kernel_patches / patches / rhel7 / ext4-fix-xattr-shifting-when-expanding-inodes.patch

From d0141191a20289f8955c1e03dad08e42e6f71ca9 Mon Sep 17 00:00:00 2001
From: Jan Kara <jack@suse.cz>
Date: Thu, 11 Aug 2016 11:50:30 -0400
Subject: [PATCH] ext4: fix xattr shifting when expanding inodes

The code in ext4_expand_extra_isize_ea() treated new_extra_isize
argument sometimes as the desired target i_extra_isize and sometimes as
the amount by which we need to grow current i_extra_isize. These happen
to coincide when i_extra_isize is 0 which used to be the common case and
so nobody noticed this until recently when we added i_projid to the
inode and so i_extra_isize now needs to grow from 28 to 32 bytes.

The result of these bugs was that we sometimes unnecessarily decided to
move xattrs out of inode even if there was enough space and we often
ended up corrupting in-inode xattrs because arguments to
ext4_xattr_shift_entries() were just wrong. This could demonstrate
itself as BUG_ON in ext4_xattr_shift_entries() triggering.

Fix the problem by introducing new isize_diff variable and use it where
appropriate.

CC: stable@vger.kernel.org   # 4.4.x
Reported-by: Dave Chinner <david@fromorbit.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
 fs/ext4/xattr.c | 27 ++++++++++++++-------------
 1 file changed, 14 insertions(+), 13 deletions(-)

diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c
index 39e9cfb..cb1d7b4 100644
--- a/fs/ext4/xattr.c
+++ b/fs/ext4/xattr.c
@@ -1353,15 +1353,17 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
        size_t min_offs, free;
        int total_ino;
        void *base, *start, *end;
-       int extra_isize = 0, error = 0, tried_min_extra_isize = 0;
+       int error = 0, tried_min_extra_isize = 0;
        int s_min_extra_isize = le16_to_cpu(EXT4_SB(inode->i_sb)->s_es->s_min_extra_isize);
+       int isize_diff; /* How much do we need to grow i_extra_isize */
 
        down_write(&EXT4_I(inode)->xattr_sem);
        /*
         * Set EXT4_STATE_NO_EXPAND to avoid recursion when marking inode dirty
         */
        ext4_set_inode_state(inode, EXT4_STATE_NO_EXPAND);
 retry:
+       isize_diff = new_extra_isize - EXT4_I(inode)->i_extra_isize;
        if (EXT4_I(inode)->i_extra_isize >= new_extra_isize)
                goto out;

@@ -1382,7 +1384,7 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                goto cleanup;
 
        free = ext4_xattr_free_space(last, &min_offs, base, &total_ino);
-       if (free >= new_extra_isize) {
+       if (free >= isize_diff) {
                entry = IFIRST(header);
                ext4_xattr_shift_entries(entry, EXT4_I(inode)->i_extra_isize
                                - new_extra_isize, (void *)raw_inode +
@@ -1414,7 +1416,7 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                end = bh->b_data + bh->b_size;
                min_offs = end - base;
                free = ext4_xattr_free_space(first, &min_offs, base, NULL);
-               if (free < new_extra_isize) {
+               if (free < isize_diff) {
                        if (!tried_min_extra_isize && s_min_extra_isize) {
                                tried_min_extra_isize++;
                                new_extra_isize = s_min_extra_isize;
@@ -1428,7 +1430,7 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                free = inode->i_sb->s_blocksize;
        }
 
-       while (new_extra_isize > 0) {
+       while (isize_diff > 0) {
                size_t offs, size, entry_size;
                struct ext4_xattr_entry *small_entry = NULL;
                struct ext4_xattr_info i = {
@@ -1459,7 +1461,7 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                        EXT4_XATTR_SIZE(le32_to_cpu(last->e_value_size)) +
                                        EXT4_XATTR_LEN(last->e_name_len);
                        if (total_size <= free && total_size < min_total_size) {
-                               if (total_size < new_extra_isize) {
+                               if (total_size < isize_diff) {
                                        small_entry = last;
                                } else {
                                        entry = last;
@@ -1516,20 +1518,19 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                        goto cleanup;
 
                entry = IFIRST(header);
-               if (entry_size + EXT4_XATTR_SIZE(size) >= new_extra_isize)
-                       shift_bytes = new_extra_isize;
+               if (entry_size + EXT4_XATTR_SIZE(size) >= isize_diff)
+                       shift_bytes = isize_diff;
                else
                        shift_bytes = entry_size + size;
                /* Adjust the offsets and shift the remaining entries ahead */
-               ext4_xattr_shift_entries(entry, EXT4_I(inode)->i_extra_isize -
-                       shift_bytes, (void *)raw_inode +
-                       EXT4_GOOD_OLD_INODE_SIZE + extra_isize + shift_bytes,
+               ext4_xattr_shift_entries(entry, -shift_bytes,
+                       (void *)raw_inode + EXT4_GOOD_OLD_INODE_SIZE +
+                       EXT4_I(inode)->i_extra_isize + shift_bytes,
                        (void *)header, total_ino - entry_size,
                        inode->i_sb->s_blocksize);
 
-               extra_isize += shift_bytes;
-               new_extra_isize -= shift_bytes;
-               EXT4_I(inode)->i_extra_isize = extra_isize;
+               isize_diff -= shift_bytes;
+               EXT4_I(inode)->i_extra_isize += shift_bytes;
 
                i.name = b_entry_name;
                i.value = buffer;
-- 
2.9.3

From 418c12d08dc64a45107c467ec1ba29b5e69b0715 Mon Sep 17 00:00:00 2001
From: Jan Kara <jack@suse.cz>
Date: Thu, 11 Aug 2016 11:58:32 -0400
Subject: [PATCH] ext4: fix xattr shifting when expanding inodes part 2

When multiple xattrs need to be moved out of inode, we did not properly
recompute total size of xattr headers in the inode and the new header
position. Thus when moving the second and further xattr we asked
ext4_xattr_shift_entries() to move too much and from the wrong place,
resulting in possible xattr value corruption or general memory
corruption.

CC: stable@vger.kernel.org  # 4.4.x
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
 fs/ext4/xattr.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c
index cb1d7b4..b18b1ff 100644
--- a/fs/ext4/xattr.c
+++ b/fs/ext4/xattr.c
@@ -1516,6 +1516,7 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                error = ext4_xattr_ibody_set(handle, inode, &i, is);
                if (error)
                        goto cleanup;
+               total_ino -= entry_size;
 
                entry = IFIRST(header);
                if (entry_size + EXT4_XATTR_SIZE(size) >= isize_diff)
@@ -1526,11 +1527,11 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                ext4_xattr_shift_entries(entry, -shift_bytes,
                        (void *)raw_inode + EXT4_GOOD_OLD_INODE_SIZE +
                        EXT4_I(inode)->i_extra_isize + shift_bytes,
-                       (void *)header, total_ino - entry_size,
-                       inode->i_sb->s_blocksize);
+                       (void *)header, total_ino, inode->i_sb->s_blocksize);
 
                isize_diff -= shift_bytes;
                EXT4_I(inode)->i_extra_isize += shift_bytes;
+               header = IHDR(inode, raw_inode);
 
                i.name = b_entry_name;
                i.value = buffer;
-- 
2.9.3

From 443a8c41cd49de66a3fda45b32b9860ea0292b84 Mon Sep 17 00:00:00 2001
From: Jan Kara <jack@suse.cz>
Date: Thu, 11 Aug 2016 12:00:01 -0400
Subject: [PATCH] ext4: properly align shifted xattrs when expanding inodes

We did not count with the padding of xattr value when computing desired
shift of xattrs in the inode when expanding i_extra_isize. As a result
we could create unaligned start of inline xattrs. Account for alignment
properly.

CC: stable@vger.kernel.org  # 4.4.x-
Signed-off-by: Jan Kara <jack@suse.cz>
---
 fs/ext4/xattr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c
index b18b1ff..c893f00 100644
--- a/fs/ext4/xattr.c
+++ b/fs/ext4/xattr.c
@@ -1522,7 +1522,7 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                if (entry_size + EXT4_XATTR_SIZE(size) >= isize_diff)
                        shift_bytes = isize_diff;
                else
-                       shift_bytes = entry_size + size;
+                       shift_bytes = entry_size + EXT4_XATTR_SIZE(size);
                /* Adjust the offsets and shift the remaining entries ahead */
                ext4_xattr_shift_entries(entry, -shift_bytes,
                        (void *)raw_inode + EXT4_GOOD_OLD_INODE_SIZE +
-- 
2.9.3

From e3014d14a81edde488d9a6758eea8afc41752d2d Mon Sep 17 00:00:00 2001
From: Jan Kara <jack@suse.cz>
Date: Mon, 29 Aug 2016 15:38:11 -0400
Subject: [PATCH] ext4: fixup free space calculations when expanding inodes

Conditions checking whether there is enough free space in an xattr block
and when xattr is large enough to make enough space in the inode forgot
to account for the fact that inode need not be completely filled up with
xattrs. Thus we could move unnecessarily many xattrs out of inode or
even falsely claim there is not enough space to expand the inode. We
also forgot to update the amount of free space in xattr block when moving
more xattrs and thus could decide to move too big xattr resulting in
unexpected failure.

Fix these problems by properly updating free space in the inode and
xattr block as we move xattrs. To simplify the math, avoid shifting
xattrs after removing each one xattr and instead just shift xattrs only
once there is enough free space in the inode.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
 fs/ext4/xattr.c | 58 ++++++++++++++++++++++++---------------------------------
 1 file changed, 24 insertions(+), 34 deletions(-)

diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c
index 2eb935c..22d2ebc 100644
--- a/fs/ext4/xattr.c
+++ b/fs/ext4/xattr.c
@@ -1350,7 +1350,8 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
        struct ext4_xattr_ibody_find *is = NULL;
        struct ext4_xattr_block_find *bs = NULL;
        char *buffer = NULL, *b_entry_name = NULL;
-       size_t min_offs, free;
+       size_t min_offs;
+       size_t ifree, bfree;
        int total_ino;
        void *base, *start, *end;
        int error = 0, tried_min_extra_isize = 0;
@@ -1385,17 +1386,9 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
        if (error)
                goto cleanup;
 
-       free = ext4_xattr_free_space(last, &min_offs, base, &total_ino);
-       if (free >= isize_diff) {
-               entry = IFIRST(header);
-               ext4_xattr_shift_entries(entry, EXT4_I(inode)->i_extra_isize
-                               - new_extra_isize, (void *)raw_inode +
-                               EXT4_GOOD_OLD_INODE_SIZE + new_extra_isize,
-                               (void *)header, total_ino,
-                               inode->i_sb->s_blocksize);
-               EXT4_I(inode)->i_extra_isize = new_extra_isize;
-               goto out;
-       }
+       ifree = ext4_xattr_free_space(last, &min_offs, base, &total_ino);
+       if (ifree >= isize_diff)
+               goto shift;
 
        /*
         * Enough free space isn't available in the inode, check if
@@ -1416,8 +1409,8 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                first = BFIRST(bh);
                end = bh->b_data + bh->b_size;
                min_offs = end - base;
-               free = ext4_xattr_free_space(first, &min_offs, base, NULL);
-               if (free < isize_diff) {
+               bfree = ext4_xattr_free_space(first, &min_offs, base, NULL);
+               if (bfree + ifree < isize_diff) {
                        if (!tried_min_extra_isize && s_min_extra_isize) {
                                tried_min_extra_isize++;
                                new_extra_isize = s_min_extra_isize;
@@ -1428,10 +1421,10 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                        goto cleanup;
                }
        } else {
-               free = inode->i_sb->s_blocksize;
+               bfree = inode->i_sb->s_blocksize;
        }
 
-       while (isize_diff > 0) {
+       while (isize_diff > ifree) {
                size_t offs, size, entry_size;
                struct ext4_xattr_entry *small_entry = NULL;
                struct ext4_xattr_info i = {
@@ -1439,7 +1432,6 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                        .value_len = 0,
                };
                unsigned int total_size;  /* EA entry size + value size */
-               unsigned int shift_bytes; /* No. of bytes to shift EAs by? */
                unsigned int min_total_size = ~0U;
 
                is = kzalloc(sizeof(struct ext4_xattr_ibody_find), GFP_NOFS);
@@ -1461,8 +1453,9 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                        total_size =
                        EXT4_XATTR_SIZE(le32_to_cpu(last->e_value_size)) +
                                        EXT4_XATTR_LEN(last->e_name_len);
-                       if (total_size <= free && total_size < min_total_size) {
-                               if (total_size < isize_diff) {
+                       if (total_size <= bfree &&
+                           total_size < min_total_size) {
+                               if (total_size + ifree < isize_diff) {
                                        small_entry = last;
                                } else {
                                        entry = last;
@@ -1491,6 +1484,7 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                offs = le16_to_cpu(entry->e_value_offs);
                size = le32_to_cpu(entry->e_value_size);
                entry_size = EXT4_XATTR_LEN(entry->e_name_len);
+               total_size = entry_size + EXT4_XATTR_SIZE(size);
                i.name_index = entry->e_name_index,
                buffer = kmalloc(EXT4_XATTR_SIZE(size), GFP_NOFS);
                b_entry_name = kmalloc(entry->e_name_len + 1, GFP_NOFS);
@@ -1518,21 +1512,8 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                if (error)
                        goto cleanup;
                total_ino -= entry_size;
-
-               entry = IFIRST(header);
-               if (entry_size + EXT4_XATTR_SIZE(size) >= isize_diff)
-                       shift_bytes = isize_diff;
-               else
-                       shift_bytes = entry_size + EXT4_XATTR_SIZE(size);
-               /* Adjust the offsets and shift the remaining entries ahead */
-               ext4_xattr_shift_entries(entry, -shift_bytes,
-                       (void *)raw_inode + EXT4_GOOD_OLD_INODE_SIZE +
-                       EXT4_I(inode)->i_extra_isize + shift_bytes,
-                       (void *)header, total_ino, inode->i_sb->s_blocksize);
-
-               isize_diff -= shift_bytes;
-               EXT4_I(inode)->i_extra_isize += shift_bytes;
-               header = IHDR(inode, raw_inode);
+               ifree += total_size;
+               bfree -= total_size;
 
                i.name = b_entry_name;
                i.value = buffer;
@@ -1553,6 +1534,15 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
                kfree(is);
                kfree(bs);
        }
+
+shift:
+       /* Adjust the offsets and shift the remaining entries ahead */
+       entry = IFIRST(header);
+       ext4_xattr_shift_entries(entry, EXT4_I(inode)->i_extra_isize
+                       - new_extra_isize, (void *)raw_inode +
+                       EXT4_GOOD_OLD_INODE_SIZE + new_extra_isize,
+                       (void *)header, total_ino, inode->i_sb->s_blocksize);
+       EXT4_I(inode)->i_extra_isize = new_extra_isize;
        brelse(bh);
 out:
        ext4_clear_inode_state(inode, EXT4_STATE_NO_EXPAND);
-- 
2.9.3

From 94405713889d4a9d341b4ad92956e4e2ec8ec2c2 Mon Sep 17 00:00:00 2001
From: Jan Kara <jack@suse.cz>
Date: Mon, 29 Aug 2016 15:41:11 -0400
Subject: [PATCH] ext4: replace bogus assertion in ext4_xattr_shift_entries()

We were checking whether computed offsets do not exceed end of block in
ext4_xattr_shift_entries(). However this does not make sense since we
always only decrease offsets. So replace that assertion with a check
whether we really decrease xattrs value offsets.

Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
 fs/ext4/xattr.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/fs/ext4/xattr.c b/fs/ext4/xattr.c
index 1447860..82b025c 100644
--- a/fs/ext4/xattr.c
+++ b/fs/ext4/xattr.c
@@ -1319,18 +1319,19 @@ ext4_xattr_set(struct inode *inode, int name_index, const char *name,
  */
 static void ext4_xattr_shift_entries(struct ext4_xattr_entry *entry,
                                     int value_offs_shift, void *to,
-                                    void *from, size_t n, int blocksize)
+                                    void *from, size_t n)
 {
        struct ext4_xattr_entry *last = entry;
        int new_offs;
 
+       /* We always shift xattr headers further thus offsets get lower */
+       BUG_ON(value_offs_shift > 0);
+
        /* Adjust the value offsets of the entries */
        for (; !IS_LAST_ENTRY(last); last = EXT4_XATTR_NEXT(last)) {
                if (!last->e_value_inum && last->e_value_size) {
                        new_offs = le16_to_cpu(last->e_value_offs) +
                                                        value_offs_shift;
-                       BUG_ON(new_offs + le32_to_cpu(last->e_value_size)
-                                > blocksize);
                        last->e_value_offs = cpu_to_le16(new_offs);
                }
        }
@@ -1542,7 +1543,7 @@ int ext4_expand_extra_isize_ea(struct inode *inode, int new_extra_isize,
        ext4_xattr_shift_entries(entry, EXT4_I(inode)->i_extra_isize
                        - new_extra_isize, (void *)raw_inode +
                        EXT4_GOOD_OLD_INODE_SIZE + new_extra_isize,
-                       (void *)header, total_ino, inode->i_sb->s_blocksize);
+                       (void *)header, total_ino);
        EXT4_I(inode)->i_extra_isize = new_extra_isize;
        brelse(bh);
 out:
-- 
2.9.3

From 887a9730614727c4fff7cb756711b190593fc1df Mon Sep 17 00:00:00 2001
From: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Date: Sun, 21 May 2017 22:36:23 -0400
Subject: [PATCH] ext4: keep existing extra fields when inode expands

ext4_expand_extra_isize() should clear only space between old and new
size.

Fixes: 6dd4ee7cab7e # v2.6.23
Cc: stable@vger.kernel.org
Signed-off-by: Konstantin Khlebnikov <khlebnikov@yandex-team.ru>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
---
 fs/ext4/inode.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index 1bd0bfa..7cd99de 100644
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -5637,8 +5637,9 @@ static int ext4_expand_extra_isize(struct inode *inode,
        /* No extended attributes present */
        if (!ext4_test_inode_state(inode, EXT4_STATE_XATTR) ||
            header->h_magic != cpu_to_le32(EXT4_XATTR_MAGIC)) {
-               memset((void *)raw_inode + EXT4_GOOD_OLD_INODE_SIZE, 0,
-                       new_extra_isize);
+               memset((void *)raw_inode + EXT4_GOOD_OLD_INODE_SIZE +
+                      EXT4_I(inode)->i_extra_isize, 0,
+                      new_extra_isize - EXT4_I(inode)->i_extra_isize);
                EXT4_I(inode)->i_extra_isize = new_extra_isize;
                return 0;
        }
-- 
2.9.3