summaryrefslogtreecommitdiffstats
path: root/fs/nilfs2 (follow)
Commit message (Collapse)AuthorAgeFilesLines
* nilfs2: fix buffer head leaks in calls to truncate_inode_pages()Ryusuke Konishi2024-12-194-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When block_invalidatepage was converted to block_invalidate_folio, the fallback to block_invalidatepage in folio_invalidate() if the address_space_operations method invalidatepage (currently invalidate_folio) was not set, was removed. Unfortunately, some pseudo-inodes in nilfs2 use empty_aops set by inode_init_always_gfp() as is, or explicitly set it to address_space_operations. Therefore, with this change, block_invalidatepage() is no longer called from folio_invalidate(), and as a result, the buffer_head structures attached to these pages/folios are no longer freed via try_to_free_buffers(). Thus, these buffer heads are now leaked by truncate_inode_pages(), which cleans up the page cache from inode evict(), etc. Three types of caches use empty_aops: gc inode caches and the DAT shadow inode used by GC, and b-tree node caches. Of these, b-tree node caches explicitly call invalidate_mapping_pages() during cleanup, which involves calling try_to_free_buffers(), so the leak was not visible during normal operation but worsened when GC was performed. Fix this issue by using address_space_operations with invalidate_folio set to block_invalidate_folio instead of empty_aops, which will ensure the same behavior as before. Link: https://lkml.kernel.org/r/20241212164556.21338-1-konishi.ryusuke@gmail.com Fixes: 7ba13abbd31e ("fs: Turn block_invalidatepage into block_invalidate_folio") Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: <stable@vger.kernel.org> [5.18+] Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
* nilfs2: prevent use of deleted inodeEdward Adam Davis2024-12-192-1/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | syzbot reported a WARNING in nilfs_rmdir. [1] Because the inode bitmap is corrupted, an inode with an inode number that should exist as a ".nilfs" file was reassigned by nilfs_mkdir for "file0", causing an inode duplication during execution. And this causes an underflow of i_nlink in rmdir operations. The inode is used twice by the same task to unmount and remove directories ".nilfs" and "file0", it trigger warning in nilfs_rmdir. Avoid to this issue, check i_nlink in nilfs_iget(), if it is 0, it means that this inode has been deleted, and iput is executed to reclaim it. [1] WARNING: CPU: 1 PID: 5824 at fs/inode.c:407 drop_nlink+0xc4/0x110 fs/inode.c:407 ... Call Trace: <TASK> nilfs_rmdir+0x1b0/0x250 fs/nilfs2/namei.c:342 vfs_rmdir+0x3a3/0x510 fs/namei.c:4394 do_rmdir+0x3b5/0x580 fs/namei.c:4453 __do_sys_rmdir fs/namei.c:4472 [inline] __se_sys_rmdir fs/namei.c:4470 [inline] __x64_sys_rmdir+0x47/0x50 fs/namei.c:4470 do_syscall_x64 arch/x86/entry/common.c:52 [inline] do_syscall_64+0xf3/0x230 arch/x86/entry/common.c:83 entry_SYSCALL_64_after_hwframe+0x77/0x7f Link: https://lkml.kernel.org/r/20241209065759.6781-1-konishi.ryusuke@gmail.com Fixes: d25006523d0b ("nilfs2: pathname operations") Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Reported-by: syzbot+9260555647a5132edd48@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=9260555647a5132edd48 Tested-by: syzbot+9260555647a5132edd48@syzkaller.appspotmail.com Signed-off-by: Edward Adam Davis <eadavis@qq.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
* nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()Ryusuke Konishi2024-12-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Syzbot reported that when searching for records in a directory where the inode's i_size is corrupted and has a large value, memory access outside the folio/page range may occur, or a use-after-free bug may be detected if KASAN is enabled. This is because nilfs_last_byte(), which is called by nilfs_find_entry() and others to calculate the number of valid bytes of directory data in a page from i_size and the page index, loses the upper 32 bits of the 64-bit size information due to an inappropriate type of local variable to which the i_size value is assigned. This caused a large byte offset value due to underflow in the end address calculation in the calling nilfs_find_entry(), resulting in memory access that exceeds the folio/page size. Fix this issue by changing the type of the local variable causing the bit loss from "unsigned int" to "u64". The return value of nilfs_last_byte() is also of type "unsigned int", but it is truncated so as not to exceed PAGE_SIZE and no bit loss occurs, so no change is required. Link: https://lkml.kernel.org/r/20241119172403.9292-1-konishi.ryusuke@gmail.com Fixes: 2ba466d74ed7 ("nilfs2: directory entry operations") Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Reported-by: syzbot+96d5d14c47d97015c624@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=96d5d14c47d97015c624 Tested-by: syzbot+96d5d14c47d97015c624@syzkaller.appspotmail.com Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
* Merge tag 'mm-nonmm-stable-2024-11-24-02-05' of ↵Linus Torvalds2024-11-2614-441/+485
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull non-MM updates from Andrew Morton: - The series "resource: A couple of cleanups" from Andy Shevchenko performs some cleanups in the resource management code - The series "Improve the copy of task comm" from Yafang Shao addresses possible race-induced overflows in the management of task_struct.comm[] - The series "Remove unnecessary header includes from {tools/}lib/list_sort.c" from Kuan-Wei Chiu adds some cleanups and a small fix to the list_sort library code and to its selftest - The series "Enhance min heap API with non-inline functions and optimizations" also from Kuan-Wei Chiu optimizes and cleans up the min_heap library code - The series "nilfs2: Finish folio conversion" from Ryusuke Konishi finishes off nilfs2's folioification - The series "add detect count for hung tasks" from Lance Yang adds more userspace visibility into the hung-task detector's activity - Apart from that, singelton patches in many places - please see the individual changelogs for details * tag 'mm-nonmm-stable-2024-11-24-02-05' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: (71 commits) gdb: lx-symbols: do not error out on monolithic build kernel/reboot: replace sprintf() with sysfs_emit() lib: util_macros_kunit: add kunit test for util_macros.h util_macros.h: fix/rework find_closest() macros Improve consistency of '#error' directive messages ocfs2: fix uninitialized value in ocfs2_file_read_iter() hung_task: add docs for hung_task_detect_count hung_task: add detect count for hung tasks dma-buf: use atomic64_inc_return() in dma_buf_getfile() fs/proc/kcore.c: fix coccinelle reported ERROR instances resource: avoid unnecessary resource tree walking in __region_intersects() ocfs2: remove unused errmsg function and table ocfs2: cluster: fix a typo lib/scatterlist: use sg_phys() helper checkpatch: always parse orig_commit in fixes tag nilfs2: convert metadata aops from writepage to writepages nilfs2: convert nilfs_recovery_copy_block() to take a folio nilfs2: convert nilfs_page_count_clean_buffers() to take a folio nilfs2: remove nilfs_writepage nilfs2: convert checkpoint file to be folio-based ...
| * nilfs2: convert metadata aops from writepage to writepagesMatthew Wilcox (Oracle)2024-11-061-4/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | By implementing ->writepages instead of ->writepage, we remove a layer of indirect function calls from the writeback path and the last use of struct page in nilfs2. [konishi.ryusuke@gmail.com: fixed panic by using buffer_migrate_folio_norefs] Link: https://lkml.kernel.org/r/20241002150036.1339475-5-willy@infradead.org Link: https://lkml.kernel.org/r/20241024092602.13395-13-konishi.ryusuke@gmail.com Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: convert nilfs_recovery_copy_block() to take a folioMatthew Wilcox (Oracle)2024-11-061-10/+7
| | | | | | | | | | | | | | | | | | | | | | | | Use memcpy_to_folio() instead of open-coding it, and use offset_in_folio() in case anybody wants to use nilfs2 on a device with large blocks. [konishi.ryusuke@gmail.com: added label name change] Link: https://lkml.kernel.org/r/20241002150036.1339475-4-willy@infradead.org Link: https://lkml.kernel.org/r/20241024092602.13395-12-konishi.ryusuke@gmail.com Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: convert nilfs_page_count_clean_buffers() to take a folioMatthew Wilcox (Oracle)2024-11-064-6/+6
| | | | | | | | | | | | | | | | | | | | | | Both callers have a folio, so pass it in and use it directly. [konishi.ryusuke@gmail.com: fixed a checkpatch warning about function declaration] Link: https://lkml.kernel.org/r/20241002150036.1339475-3-willy@infradead.org Link: https://lkml.kernel.org/r/20241024092602.13395-11-konishi.ryusuke@gmail.com Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: remove nilfs_writepageMatthew Wilcox (Oracle)2024-11-061-32/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Since nilfs2 has a ->writepages operation already, ->writepage is only called by the migration code. If we add a ->migrate_folio operation, it won't even be used for that and so it can be deleted. [konishi.ryusuke@gmail.com: fixed panic by using buffer_migrate_folio_norefs] Link: https://lkml.kernel.org/r/20241002150036.1339475-2-willy@infradead.org Link: https://lkml.kernel.org/r/20241024092602.13395-10-konishi.ryusuke@gmail.com Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: convert checkpoint file to be folio-basedRyusuke Konishi2024-11-061-175/+204
| | | | | | | | | | | | | | | | | | | | | | | | | | Regarding the cpfile, a metadata file that manages checkpoints, convert the page-based implementation to a folio-based implementation. This change involves some helper functions to calculate byte offsets on folios and removing a few helper functions that are no longer needed. Link: https://lkml.kernel.org/r/20241024092602.13395-9-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: remove nilfs_palloc_block_get_entry()Ryusuke Konishi2024-11-062-21/+0
| | | | | | | | | | | | | | | | | | All calls to nilfs_palloc_block_get_entry() are now gone, so remove it. Link: https://lkml.kernel.org/r/20241024092602.13395-8-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: convert DAT file to be folio-basedRyusuke Konishi2024-11-061-46/+52
| | | | | | | | | | | | | | | | | | | | Regarding the DAT, a metadata file that manages virtual block addresses, convert the page-based implementation to a folio-based implementation. Link: https://lkml.kernel.org/r/20241024092602.13395-7-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: convert inode file to be folio-basedRyusuke Konishi2024-11-062-7/+7
| | | | | | | | | | | | | | | | | | | | Convert the page-based implementation of ifile, a metadata file that manages inodes, to folio-based. Link: https://lkml.kernel.org/r/20241024092602.13395-6-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: convert persistent object allocator to be folio-basedRyusuke Konishi2024-11-062-50/+89
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Regarding the persistent oject allocator, a common mechanism for allocating objects in metadata files such as inodes and DAT entries, convert the page-based implementation to a folio-based implementation. In this conversion, helper functions nilfs_palloc_group_desc_offset() and nilfs_palloc_bitmap_offset() are added and used to calculate the byte offset within a folio of a group descriptor structure and bitmap, respectively, to replace kmap_local_page with kmap_local_folio. In addition, a helper function called nilfs_palloc_entry_offset() is provided to facilitate common calculation of the byte offset within a folio of metadata file entries managed in the persistent object allocator format. Link: https://lkml.kernel.org/r/20241024092602.13395-5-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: convert segment usage file to be folio-basedRyusuke Konishi2024-11-061-78/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | For the sufile, which is a metadata file that holds information about managing segments, convert the page-based implementation to a folio-based implementation. kmap_local_page() is changed to use kmap_local_folio(), and where offsets within a page are calculated using bh_offset(), are replaced with calculations using offset_in_folio() with an additional helper function nilfs_sufile_segment_usage_offset(). Link: https://lkml.kernel.org/r/20241024092602.13395-4-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: convert common metadata file code to be folio-basedRyusuke Konishi2024-11-063-13/+20
| | | | | | | | | | | | | | | | | | | | | | | | In the common routines for metadata files, nilfs_mdt_insert_new_block(), which inserts a new block buffer into the cache, is still page-based, and there are two places where bh_offset() is used. Convert these to page-based. Link: https://lkml.kernel.org/r/20241024092602.13395-3-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: convert segment buffer to be folio-basedRyusuke Konishi2024-11-061-7/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Patch series "nilfs2: Finish folio conversion". This series converts all remaining page structure references in nilfs2 to folio-based, except for nilfs_copy_buffer function, which was converted to use folios in advance for cross-fs page flags cleanup. This prioritizes folio conversion, and does not include buffer head reference reduction, nor does it support for block sizes larger than the system page size. The first eight patches in this series mainly convert each of the nilfs2-specific metadata implementations to use folios. The last four patches, by Matthew Wilcox, eliminate aops writepage callbacks and convert the remaining page structure references to folio-based. This part reflects some corrections to the patch series posted by Matthew. This patch (of 12): In the segment buffer (log buffer) implementation, two parts of the block buffer, CRC calculation and bio preparation, are still page-based, so convert them to folio-based. Link: https://lkml.kernel.org/r/20241024092602.13395-1-konishi.ryusuke@gmail.com Link: https://lkml.kernel.org/r/20241024092602.13395-2-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Matthew Wilcox (Oracle) <willy@infradead.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
* | Merge tag 'vfs-6.13.pagecache' of ↵Linus Torvalds2024-11-181-11/+11
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs pagecache updates from Christian Brauner: "Cleanup filesystem page flag usage: This continues the work to make the mappedtodisk/owner_2 flag available to filesystems which don't use buffer heads. Further patches remove uses of Private2. This brings us very close to being rid of it entirely" * tag 'vfs-6.13.pagecache' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: migrate: Remove references to Private2 ceph: Remove call to PagePrivate2() btrfs: Switch from using the private_2 flag to owner_2 mm: Remove PageMappedToDisk nilfs2: Convert nilfs_copy_buffer() to use folios fs: Move clearing of mappedtodisk to buffer.c
| * | nilfs2: Convert nilfs_copy_buffer() to use foliosMatthew Wilcox (Oracle)2024-10-041-11/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | Use folio APIs instead of page APIs. Signed-off-by: Matthew Wilcox (Oracle) <willy@infradead.org> Link: https://lore.kernel.org/r/20241002040111.1023018-3-willy@infradead.org Acked-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Christian Brauner <brauner@kernel.org>
* | | nilfs2: fix null-ptr-deref in block_dirty_buffer tracepointRyusuke Konishi2024-11-124-6/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When using the "block:block_dirty_buffer" tracepoint, mark_buffer_dirty() may cause a NULL pointer dereference, or a general protection fault when KASAN is enabled. This happens because, since the tracepoint was added in mark_buffer_dirty(), it references the dev_t member bh->b_bdev->bd_dev regardless of whether the buffer head has a pointer to a block_device structure. In the current implementation, nilfs_grab_buffer(), which grabs a buffer to read (or create) a block of metadata, including b-tree node blocks, does not set the block device, but instead does so only if the buffer is not in the "uptodate" state for each of its caller block reading functions. However, if the uptodate flag is set on a folio/page, and the buffer heads are detached from it by try_to_free_buffers(), and new buffer heads are then attached by create_empty_buffers(), the uptodate flag may be restored to each buffer without the block device being set to bh->b_bdev, and mark_buffer_dirty() may be called later in that state, resulting in the bug mentioned above. Fix this issue by making nilfs_grab_buffer() always set the block device of the super block structure to the buffer head, regardless of the state of the buffer's uptodate flag. Link: https://lkml.kernel.org/r/20241106160811.3316-3-konishi.ryusuke@gmail.com Fixes: 5305cb830834 ("block: add block_{touch|dirty}_buffer tracepoint") Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Tejun Heo <tj@kernel.org> Cc: Ubisectech Sirius <bugreport@valiantsec.com> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
* | | nilfs2: fix null-ptr-deref in block_touch_buffer tracepointRyusuke Konishi2024-11-121-1/+0
| |/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Patch series "nilfs2: fix null-ptr-deref bugs on block tracepoints". This series fixes null pointer dereference bugs that occur when using nilfs2 and two block-related tracepoints. This patch (of 2): It has been reported that when using "block:block_touch_buffer" tracepoint, touch_buffer() called from __nilfs_get_folio_block() causes a NULL pointer dereference, or a general protection fault when KASAN is enabled. This happens because since the tracepoint was added in touch_buffer(), it references the dev_t member bh->b_bdev->bd_dev regardless of whether the buffer head has a pointer to a block_device structure. In the current implementation, the block_device structure is set after the function returns to the caller. Here, touch_buffer() is used to mark the folio/page that owns the buffer head as accessed, but the common search helper for folio/page used by the caller function was optimized to mark the folio/page as accessed when it was reimplemented a long time ago, eliminating the need to call touch_buffer() here in the first place. So this solves the issue by eliminating the touch_buffer() call itself. Link: https://lkml.kernel.org/r/20241106160811.3316-1-konishi.ryusuke@gmail.com Link: https://lkml.kernel.org/r/20241106160811.3316-2-konishi.ryusuke@gmail.com Fixes: 5305cb830834 ("block: add block_{touch|dirty}_buffer tracepoint") Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Reported-by: Ubisectech Sirius <bugreport@valiantsec.com> Closes: https://lkml.kernel.org/r/86bd3013-887e-4e38-960f-ca45c657f032.bugreport@valiantsec.com Reported-by: syzbot+9982fb8d18eba905abe2@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=9982fb8d18eba905abe2 Tested-by: syzbot+9982fb8d18eba905abe2@syzkaller.appspotmail.com Cc: Tejun Heo <tj@kernel.org> Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
* | nilfs2: fix potential deadlock with newly created symlinksRyusuke Konishi2024-10-311-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Syzbot reported that page_symlink(), called by nilfs_symlink(), triggers memory reclamation involving the filesystem layer, which can result in circular lock dependencies among the reader/writer semaphore nilfs->ns_segctor_sem, s_writers percpu_rwsem (intwrite) and the fs_reclaim pseudo lock. This is because after commit 21fc61c73c39 ("don't put symlink bodies in pagecache into highmem"), the gfp flags of the page cache for symbolic links are overwritten to GFP_KERNEL via inode_nohighmem(). This is not a problem for symlinks read from the backing device, because the __GFP_FS flag is dropped after inode_nohighmem() is called. However, when a new symlink is created with nilfs_symlink(), the gfp flags remain overwritten to GFP_KERNEL. Then, memory allocation called from page_symlink() etc. triggers memory reclamation including the FS layer, which may call nilfs_evict_inode() or nilfs_dirty_inode(). And these can cause a deadlock if they are called while nilfs->ns_segctor_sem is held: Fix this issue by dropping the __GFP_FS flag from the page cache GFP flags of newly created symlinks in the same way that nilfs_new_inode() and __nilfs_read_inode() do, as a workaround until we adopt nofs allocation scope consistently or improve the locking constraints. Link: https://lkml.kernel.org/r/20241020050003.4308-1-konishi.ryusuke@gmail.com Fixes: 21fc61c73c39 ("don't put symlink bodies in pagecache into highmem") Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Reported-by: syzbot+9ef37ac20608f4836256@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=9ef37ac20608f4836256 Tested-by: syzbot+9ef37ac20608f4836256@syzkaller.appspotmail.com Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
* | nilfs2: fix kernel bug due to missing clearing of checked flagRyusuke Konishi2024-10-291-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Syzbot reported that in directory operations after nilfs2 detects filesystem corruption and degrades to read-only, __block_write_begin_int(), which is called to prepare block writes, may fail the BUG_ON check for accesses exceeding the folio/page size, triggering a kernel bug. This was found to be because the "checked" flag of a page/folio was not cleared when it was discarded by nilfs2's own routine, which causes the sanity check of directory entries to be skipped when the directory page/folio is reloaded. So, fix that. This was necessary when the use of nilfs2's own page discard routine was applied to more than just metadata files. Link: https://lkml.kernel.org/r/20241017193359.5051-1-konishi.ryusuke@gmail.com Fixes: 8c26c4e2694a ("nilfs2: fix issue with flush kernel thread after remount in RO mode because of driver's internal error or metadata corruption") Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Reported-by: syzbot+d6ca2daf692c7a82f959@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=d6ca2daf692c7a82f959 Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
* | Merge tag 'vfs-6.12-rc5.fixes' of ↵Linus Torvalds2024-10-211-2/+4
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs Pull vfs fixes from Christian Brauner: "afs: - Fix a lock recursion in afs_wake_up_async_call() on ->notify_lock netfs: - Drop the references to a folio immediately after the folio has been extracted to prevent races with future I/O collection - Fix a documenation build error - Downgrade the i_rwsem for buffered writes to fix a cifs reported performance regression when switching to netfslib vfs: - Explicitly return -E2BIG from openat2() if the specified size is unexpectedly large. This aligns openat2() with other extensible struct based system calls - When copying a mount namespace ensure that we only try to remove the new copy from the mount namespace rbtree if it has already been added to it nilfs: - Clear the buffer delay flag when clearing the buffer state clags when a buffer head is discarded to prevent a kernel OOPs ocfs2: - Fix an unitialized value warning in ocfs2_setattr() proc: - Fix a kernel doc warning" * tag 'vfs-6.12-rc5.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs: proc: Fix W=1 build kernel-doc warning afs: Fix lock recursion fs: Fix uninitialized value issue in from_kuid and from_kgid fs: don't try and remove empty rbtree node netfs: Downgrade i_rwsem for a buffered write nilfs2: fix kernel bug due to missing clearing of buffer delay flag openat2: explicitly return -E2BIG for (usize > PAGE_SIZE) netfs: fix documentation build error netfs: In readahead, put the folio refs as soon extracted
| * | nilfs2: fix kernel bug due to missing clearing of buffer delay flagRyusuke Konishi2024-10-161-2/+4
| |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Syzbot reported that after nilfs2 reads a corrupted file system image and degrades to read-only, the BUG_ON check for the buffer delay flag in submit_bh_wbc() may fail, causing a kernel bug. This is because the buffer delay flag is not cleared when clearing the buffer state flags to discard a page/folio or a buffer head. So, fix this. This became necessary when the use of nilfs2's own page clear routine was expanded. This state inconsistency does not occur if the buffer is written normally by log writing. Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Link: https://lore.kernel.org/r/20241015213300.7114-1-konishi.ryusuke@gmail.com Fixes: 8c26c4e2694a ("nilfs2: fix issue with flush kernel thread after remount in RO mode because of driver's internal error or metadata corruption") Reported-by: syzbot+985ada84bf055a575c07@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=985ada84bf055a575c07 Cc: stable@vger.kernel.org Signed-off-by: Christian Brauner <brauner@kernel.org>
* / nilfs2: propagate directory read errors from nilfs_find_entry()Ryusuke Konishi2024-10-173-37/+52
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Syzbot reported that a task hang occurs in vcs_open() during a fuzzing test for nilfs2. The root cause of this problem is that in nilfs_find_entry(), which searches for directory entries, ignores errors when loading a directory page/folio via nilfs_get_folio() fails. If the filesystem images is corrupted, and the i_size of the directory inode is large, and the directory page/folio is successfully read but fails the sanity check, for example when it is zero-filled, nilfs_check_folio() may continue to spit out error messages in bursts. Fix this issue by propagating the error to the callers when loading a page/folio fails in nilfs_find_entry(). The current interface of nilfs_find_entry() and its callers is outdated and cannot propagate error codes such as -EIO and -ENOMEM returned via nilfs_find_entry(), so fix it together. Link: https://lkml.kernel.org/r/20241004033640.6841-1-konishi.ryusuke@gmail.com Fixes: 2ba466d74ed7 ("nilfs2: directory entry operations") Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Reported-by: Lizhi Xu <lizhi.xu@windriver.com> Closes: https://lkml.kernel.org/r/20240927013806.3577931-1-lizhi.xu@windriver.com Reported-by: syzbot+8a192e8d090fa9a31135@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=8a192e8d090fa9a31135 Cc: <stable@vger.kernel.org> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
* Merge tag 'mm-nonmm-stable-2024-09-21-07-52' of ↵Linus Torvalds2024-09-2122-325/+463
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm Pull non-MM updates from Andrew Morton: "Many singleton patches - please see the various changelogs for details. Quite a lot of nilfs2 work this time around. Notable patch series in this pull request are: - "mul_u64_u64_div_u64: new implementation" by Nicolas Pitre, with assistance from Uwe Kleine-König. Reimplement mul_u64_u64_div_u64() to provide (much) more accurate results. The current implementation was causing Uwe some issues in the PWM drivers. - "xz: Updates to license, filters, and compression options" from Lasse Collin. Miscellaneous maintenance and kinor feature work to the xz decompressor. - "Fix some GDB command error and add some GDB commands" from Kuan-Ying Lee. Fixes and enhancements to the gdb scripts. - "treewide: add missing MODULE_DESCRIPTION() macros" from Jeff Johnson. Adds lots of MODULE_DESCRIPTIONs, thus fixing lots of warnings about this. - "nilfs2: add support for some common ioctls" from Ryusuke Konishi. Adds various commonly-available ioctls to nilfs2. - "This series fixes a number of formatting issues in kernel doc comments" from Ryusuke Konishi does that. - "nilfs2: prevent unexpected ENOENT propagation" from Ryusuke Konishi. Fix issues where -ENOENT was being unintentionally and inappropriately returned to userspace. - "nilfs2: assorted cleanups" from Huang Xiaojia. - "nilfs2: fix potential issues with empty b-tree nodes" from Ryusuke Konishi fixes some issues which can occur on corrupted nilfs2 filesystems. - "scripts/decode_stacktrace.sh: improve error reporting and usability" from Luca Ceresoli does those things" * tag 'mm-nonmm-stable-2024-09-21-07-52' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm: (103 commits) list: test: increase coverage of list_test_list_replace*() list: test: fix tests for list_cut_position() proc: use __auto_type more treewide: correct the typo 'retun' ocfs2: cleanup return value and mlog in ocfs2_global_read_info() nilfs2: remove duplicate 'unlikely()' usage nilfs2: fix potential oob read in nilfs_btree_check_delete() nilfs2: determine empty node blocks as corrupted nilfs2: fix potential null-ptr-deref in nilfs_btree_insert() user_namespace: use kmemdup_array() instead of kmemdup() for multiple allocation tools/mm: rm thp_swap_allocator_test when make clean squashfs: fix percpu address space issues in decompressor_multi_percpu.c lib: glob.c: added null check for character class nilfs2: refactor nilfs_segctor_thread() nilfs2: use kthread_create and kthread_stop for the log writer thread nilfs2: remove sc_timer_task nilfs2: do not repair reserved inode bitmap in nilfs_new_inode() nilfs2: eliminate the shared counter and spinlock for i_generation nilfs2: separate inode type information from i_state field nilfs2: use the BITS_PER_LONG macro ...
| * nilfs2: remove duplicate 'unlikely()' usageKunwu Chan2024-09-101-1/+1
| | | | | | | | | | | | | | | | | | Nested unlikely() calls, IS_ERR already uses unlikely() internally Link: https://lkml.kernel.org/r/20240904101618.17716-1-konishi.ryusuke@gmail.com Signed-off-by: Kunwu Chan <chentao@kylinos.cn> Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: fix potential oob read in nilfs_btree_check_delete()Ryusuke Konishi2024-09-101-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The function nilfs_btree_check_delete(), which checks whether degeneration to direct mapping occurs before deleting a b-tree entry, causes memory access outside the block buffer when retrieving the maximum key if the root node has no entries. This does not usually happen because b-tree mappings with 0 child nodes are never created by mkfs.nilfs2 or nilfs2 itself. However, it can happen if the b-tree root node read from a device is configured that way, so fix this potential issue by adding a check for that case. Link: https://lkml.kernel.org/r/20240904081401.16682-4-konishi.ryusuke@gmail.com Fixes: 17c76b0104e4 ("nilfs2: B-tree based block mapping") Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Lizhi Xu <lizhi.xu@windriver.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: determine empty node blocks as corruptedRyusuke Konishi2024-09-101-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Due to the nature of b-trees, nilfs2 itself and admin tools such as mkfs.nilfs2 will never create an intermediate b-tree node block with 0 child nodes, nor will they delete (key, pointer)-entries that would result in such a state. However, it is possible that a b-tree node block is corrupted on the backing device and is read with 0 child nodes. Because operation is not guaranteed if the number of child nodes is 0 for intermediate node blocks other than the root node, modify nilfs_btree_node_broken(), which performs sanity checks when reading a b-tree node block, so that such cases will be judged as metadata corruption. Link: https://lkml.kernel.org/r/20240904081401.16682-3-konishi.ryusuke@gmail.com Fixes: 17c76b0104e4 ("nilfs2: B-tree based block mapping") Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Lizhi Xu <lizhi.xu@windriver.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: fix potential null-ptr-deref in nilfs_btree_insert()Ryusuke Konishi2024-09-101-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Patch series "nilfs2: fix potential issues with empty b-tree nodes". This series addresses three potential issues with empty b-tree nodes that can occur with corrupted filesystem images, including one recently discovered by syzbot. This patch (of 3): If a b-tree is broken on the device, and the b-tree height is greater than 2 (the level of the root node is greater than 1) even if the number of child nodes of the b-tree root is 0, a NULL pointer dereference occurs in nilfs_btree_prepare_insert(), which is called from nilfs_btree_insert(). This is because, when the number of child nodes of the b-tree root is 0, nilfs_btree_do_lookup() does not set the block buffer head in any of path[x].bp_bh, leaving it as the initial value of NULL, but if the level of the b-tree root node is greater than 1, nilfs_btree_get_nonroot_node(), which accesses the buffer memory of path[x].bp_bh, is called. Fix this issue by adding a check to nilfs_btree_root_broken(), which performs sanity checks when reading the root node from the device, to detect this inconsistency. Thanks to Lizhi Xu for trying to solve the bug and clarifying the cause early on. Link: https://lkml.kernel.org/r/20240904081401.16682-1-konishi.ryusuke@gmail.com Link: https://lkml.kernel.org/r/20240902084101.138971-1-lizhi.xu@windriver.com Link: https://lkml.kernel.org/r/20240904081401.16682-2-konishi.ryusuke@gmail.com Fixes: 17c76b0104e4 ("nilfs2: B-tree based block mapping") Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Reported-by: syzbot+9bff4c7b992038a7409f@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=9bff4c7b992038a7409f Cc: Lizhi Xu <lizhi.xu@windriver.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: refactor nilfs_segctor_thread()Ryusuke Konishi2024-09-021-45/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Simplify nilfs_segctor_thread(), the main loop function of the log writer thread, to make the basic structure easier to understand. In particular, the acquisition and release of the sc_state_lock spinlock was scattered throughout the function, so extract the determination of whether log writing is required into a helper function and make the spinlock lock sections clearer. Link: https://lkml.kernel.org/r/20240826174116.5008-9-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Huang Xiaojia <huangxiaojia2@huawei.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: use kthread_create and kthread_stop for the log writer threadRyusuke Konishi2024-09-022-54/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | By using kthread_create() and kthread_stop() to start and stop the log writer thread, eliminate custom thread start and stop helpers, as well as the wait queue "sc_wait_task" on the "nilfs_sc_info" struct and NILFS_SEGCTOR_QUIT flag that exist only to implement them. Also, update the kernel doc comments of the changed functions as appropriate. Link: https://lkml.kernel.org/r/20240826174116.5008-8-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Huang Xiaojia <huangxiaojia2@huawei.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: remove sc_timer_taskRyusuke Konishi2024-09-022-4/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | After commit f5d4e04634c9 ("nilfs2: fix use-after-free of timer for log writer thread") is applied, nilfs_construct_timeout(), which is called by a timer and wakes up the log writer thread, is never called after the log writer thread has terminated. As a result, the member variable "sc_timer_task" of the "nilfs_sc_info" structure, which was added when timer_setup() was adopted to retain a reference to the log writer thread's task even after it had terminated, is no longer needed, as it should be; we can simply use "sc_task" instead, which holds a reference to the log writer thread's task for its lifetime. So, eliminate "sc_timer_task" by this means. Link: https://lkml.kernel.org/r/20240826174116.5008-7-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Huang Xiaojia <huangxiaojia2@huawei.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: do not repair reserved inode bitmap in nilfs_new_inode()Ryusuke Konishi2024-09-021-13/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | After commit 93aef9eda1ce ("nilfs2: fix incorrect inode allocation from reserved inodes") is applied, the inode number returned by nilfs_ifile_create_inode() is guaranteed to always be greater than or equal to NILFS_USER_INO, so if the inode number is a reserved inode number (less than NILFS_USER_INO), the code to repair the bitmap immediately following it is no longer executed. So, delete it. Link: https://lkml.kernel.org/r/20240826174116.5008-6-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Huang Xiaojia <huangxiaojia2@huawei.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: eliminate the shared counter and spinlock for i_generationRyusuke Konishi2024-09-023-15/+2
| | | | | | | | | | | | | | | | | | | | | | Use get_random_u32() as the source for inode->i_generation for new inodes, and eliminate the original source, the shared counter ns_next_generation along with its exclusive access spinlock ns_next_gen_lock. Link: https://lkml.kernel.org/r/20240826174116.5008-5-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Huang Xiaojia <huangxiaojia2@huawei.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: separate inode type information from i_state fieldRyusuke Konishi2024-09-024-46/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In nilfs_iget_locked() and nilfs_ilookup(), which are used to find or obtain nilfs2 inodes, the nilfs_iget_args structure used to identify inodes has type information divided into multiple booleans, making type determination complicated. Simplify inode type determination by consolidating inode type information into an unsigned integer represented by a comibination of flags and by separating the type identification information for on-memory inodes from the i_state member in the nilfs_inode_info structure. Link: https://lkml.kernel.org/r/20240826174116.5008-4-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Huang Xiaojia <huangxiaojia2@huawei.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: use the BITS_PER_LONG macroRyusuke Konishi2024-09-021-3/+2
| | | | | | | | | | | | | | | | | | | | | | The macros NILFS_BMAP_KEY_BIT and NILFS_BMAP_NEW_PTR_INIT calculate, within their definitions, the number of bits in an unsigned long variable. Use the BITS_PER_LONG macro to make them simpler. Link: https://lkml.kernel.org/r/20240826174116.5008-3-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Cc: Huang Xiaojia <huangxiaojia2@huawei.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: use common implementation of file typeHuang Xiaojia2024-09-021-39/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Patch series "nilfs2: assorted cleanups". This is a collection of cleanup patches, with only the last three focused on the log writer thread, the rest are miscellaneous. Patches 1/8, 4/8, and 7/8 adopt common implementations, 2/8 uses a generic macro, 5/8 removes dead code, 6/8 removes an unnecessary reference, and 3/8 and 8/8 each simplify a paticular messy implementation. This patch (of 8): Deduplicate the nilfs2 file type conversion implementation. Link: https://lkml.kernel.org/r/20240826174116.5008-1-konishi.ryusuke@gmail.com Link: https://lkml.kernel.org/r/20240815013442.1220909-1-huangxiaojia2@huawei.com Link: https://lkml.kernel.org/r/20240826174116.5008-2-konishi.ryusuke@gmail.com Signed-off-by: Huang Xiaojia <huangxiaojia2@huawei.com> Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: do not propagate ENOENT error from nilfs_sufile_mark_dirty()Ryusuke Konishi2024-09-021-1/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | nilfs_sufile_mark_dirty(), which marks a block in the sufile metadata file as dirty in preparation for log writing, returns -ENOENT to the caller if the block containing the segment usage of the specified segment is missing. This internal code can propagate through the log writer to system calls such as fsync. To prevent this, treat this case as a filesystem error and return -EIO instead. Link: https://lkml.kernel.org/r/20240821154627.11848-6-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: do not propagate ENOENT error from sufile during GCRyusuke Konishi2024-09-021-8/+56
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | nilfs_sufile_freev(), which is used to free segments in GC, aborts with -ENOENT if the target segment usage is on a hole block. This error only occurs if one of the segment numbers to be freed passed by the GC ioctl is invalid, so return -EINVAL instead. To avoid impairing readability, introduce a wrapper function that encapsulates error handling including the error code conversion (and error message output). Link: https://lkml.kernel.org/r/20240821154627.11848-5-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: do not propagate ENOENT error from sufile during recoveryRyusuke Konishi2024-09-021-1/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | nilfs_sufile_free() returns the error code -ENOENT when the block where the segment usage should be placed does not exist (hole block case), but this error should not be propagated upwards to the mount system call. In nilfs_prepare_segment_for_recovery(), one of the recovery steps during mount, nilfs_sufile_free() is used and may return -ENOENT as is, so in that case return -EINVAL instead. Link: https://lkml.kernel.org/r/20240821154627.11848-4-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: treat missing cpfile header block as metadata corruptionRyusuke Konishi2024-09-021-10/+12
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The cpfile, a metadata file that holds metadata for checkpoint management, also has statistical information in its first block, and if reading this block fails, it receives the internal code -ENOENT and returns that code to the callers. As with sufile, to prevent this -ENOENT from being propagated to system calls, return -EIO instead when reading the header block fails. Link: https://lkml.kernel.org/r/20240821154627.11848-3-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: treat missing sufile header block as metadata corruptionRyusuke Konishi2024-09-021-5/+18
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Patch series "nilfs2: prevent unexpected ENOENT propagation". This series fixes potential issues where the result code -ENOENT, which is returned internally when a metadata file operation encouters a hole block, is exposed to user space without being properly handled. Several issues with the same cause leading to hangs or WARN_ON check failures have been reported by syzbot and fixed each time in the past. This collectively fixes the missing -ENOENT conversions that do not cause stability issues and are not covered by syzbot. This patch (of 5): The sufile, a metadata file that holds metadata for segment management, has statistical information in its first block, but if reading this block fails, it receives the internal code -ENOENT and returns it unchanged to the callers. To prevent this -ENOENT from being propagated to system calls, if reading the header block fails, return -EIO (or -EINVAL depending on the context) instead. Link: https://lkml.kernel.org/r/20240821154627.11848-1-konishi.ryusuke@gmail.com Link: https://lkml.kernel.org/r/20240821154627.11848-2-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: fix missing initial short descriptions of kernel-doc commentsRyusuke Konishi2024-09-024-39/+32
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update some kernel-doc comments that are missing the initial short description and fix the following warnings output by the kernel-doc script: fs/nilfs2/bmap.c:353: warning: missing initial short description on line: * nilfs_bmap_lookup_dirty_buffers - fs/nilfs2/cpfile.c:708: warning: missing initial short description on line: * nilfs_cpfile_delete_checkpoint - fs/nilfs2/cpfile.c:972: warning: missing initial short description on line: * nilfs_cpfile_is_snapshot - fs/nilfs2/dat.c:275: warning: missing initial short description on line: * nilfs_dat_mark_dirty - fs/nilfs2/sufile.c:844: warning: missing initial short description on line: * nilfs_sufile_get_suinfo - Link: https://lkml.kernel.org/r/20240816074319.3253-9-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: fix inconsistencies in kernel-doc comments in segment.hRyusuke Konishi2024-09-021-3/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix incorrect or missing variable names in the member variable descriptions in the nilfs_recovery_info and nilfs_sc_info structures, thereby eliminating the following warnings output by the kernel-doc script: fs/nilfs2/segment.h:49: warning: Function parameter or struct member 'ri_cno' not described in 'nilfs_recovery_info' fs/nilfs2/segment.h:49: warning: Function parameter or struct member 'ri_lsegs_start_seq' not described in 'nilfs_recovery_info' fs/nilfs2/segment.h:49: warning: Excess struct member 'ri_ri_cno' description in 'nilfs_recovery_info' fs/nilfs2/segment.h:49: warning: Excess struct member 'ri_lseg_start_seq' description in 'nilfs_recovery_info' fs/nilfs2/segment.h:177: warning: Function parameter or struct member 'sc_seq_accepted' not described in 'nilfs_sc_info' fs/nilfs2/segment.h:177: warning: Function parameter or struct member 'sc_timer_task' not described in 'nilfs_sc_info' fs/nilfs2/segment.h:177: warning: Excess struct member 'sc_seq_accept' description in 'nilfs_sc_info' Link: https://lkml.kernel.org/r/20240816074319.3253-8-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: describe the members of nilfs_bmap_operations structureRyusuke Konishi2024-09-021-1/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add missing member variable descriptions in the kernel-doc comments for the nilfs_bmap_operations structure, hiding the internal operations with the "private:" tag. This eliminates the following warnings output by the kernel-doc script: fs/nilfs2/bmap.h:74: warning: Function parameter or struct member 'bop_lookup' not described in 'nilfs_bmap_operations' fs/nilfs2/bmap.h:74: warning: Function parameter or struct member 'bop_lookup_contig' not described in 'nilfs_bmap_operations' ... fs/nilfs2/bmap.h:74: warning: Function parameter or struct member 'bop_gather_data' not described in 'nilfs_bmap_operations' Link: https://lkml.kernel.org/r/20240816074319.3253-7-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: add missing description of nilfs_btree_path structureRyusuke Konishi2024-09-021-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Add missing kernel-doc comment for the 'bp_ctxt' member variable of the nilfs_btree_path structure, and eliminate the following warning output by the kenrel-doc script: fs/nilfs2/btree.h:39: warning: Function parameter or struct member 'bp_ctxt' not described in 'nilfs_btree_path' Link: https://lkml.kernel.org/r/20240816074319.3253-6-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: fix incorrect kernel-doc declaration of nilfs_palloc_req structureRyusuke Konishi2024-09-021-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | The "struct" keyword is missing from the kernel-doc comment of the nilfs_palloc_req structure, so add it to eliminate the following warning output by the kernel-doc script: fs/nilfs2/alloc.h:46: warning: cannot understand function prototype: 'struct nilfs_palloc_req ' Link: https://lkml.kernel.org/r/20240816074319.3253-5-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: improve kernel-doc comments for b-tree node helpersRyusuke Konishi2024-09-021-9/+54
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Revise kernel-doc comments for helper functions related to changing the search key for b-tree node blocks, and eliminate the following warnings output by the kernel-doc script: fs/nilfs2/btnode.c:175: warning: Function parameter or struct member 'btnc' not described in 'nilfs_btnode_prepare_change_key' fs/nilfs2/btnode.c:175: warning: Function parameter or struct member 'ctxt' not described in 'nilfs_btnode_prepare_change_key' fs/nilfs2/btnode.c:238: warning: Function parameter or struct member 'btnc' not described in 'nilfs_btnode_commit_change_key' fs/nilfs2/btnode.c:238: warning: Function parameter or struct member 'ctxt' not described in 'nilfs_btnode_commit_change_key' fs/nilfs2/btnode.c:278: warning: Function parameter or struct member 'btnc' not described in 'nilfs_btnode_abort_change_key' fs/nilfs2/btnode.c:278: warning: Function parameter or struct member 'ctxt' not described in 'nilfs_btnode_abort_change_key' Link: https://lkml.kernel.org/r/20240816074319.3253-4-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
| * nilfs2: add missing argument descriptions for ioctl-related helpersRyusuke Konishi2024-09-021-2/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add missing argument descriptions and return value information to the kernel-doc comments for ioctl helper functions, and eliminate the following warnings output by the kernel-doc script: fs/nilfs2/ioctl.c:120: warning: Function parameter or struct member 'dentry' not described in 'nilfs_fileattr_get' fs/nilfs2/ioctl.c:120: warning: Function parameter or struct member 'fa' not described in 'nilfs_fileattr_get' fs/nilfs2/ioctl.c:133: warning: Function parameter or struct member 'idmap' not described in 'nilfs_fileattr_set' fs/nilfs2/ioctl.c:133: warning: Function parameter or struct member 'dentry' not described in 'nilfs_fileattr_set' fs/nilfs2/ioctl.c:133: warning: Function parameter or struct member 'fa' not described in 'nilfs_fileattr_set' fs/nilfs2/ioctl.c:164: warning: Function parameter or struct member 'inode' not described in 'nilfs_ioctl_getversion' fs/nilfs2/ioctl.c:164: warning: Function parameter or struct member 'argp' not described in 'nilfs_ioctl_getversion' Link: https://lkml.kernel.org/r/20240816074319.3253-3-konishi.ryusuke@gmail.com Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>