UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity

ext4: don't set up encryption key during jbd2 transaction 

Commit a80f7fcf18 ("ext4: fixup ext4_fc_track_* functions' signature")
extended the scope of the transaction in ext4_unlink() too far, making
it include the call to ext4_find_entry().  However, ext4_find_entry()
can deadlock when called from within a transaction because it may need
to set up the directory's encryption key.

Fix this by restoring the transaction to its original scope.

Reported-by: syzbot+1a748d0007eeac3ab079@syzkaller.appspotmail.com
Fixes: a80f7fcf18 ("ext4: fixup ext4_fc_track_* functions' signature")
Cc: <stable@vger.kernel.org> # v5.10+
Signed-off-by: Eric Biggers <ebiggers@google.com>
Link: https://lore.kernel.org/r/20221106224841.279231-3-ebiggers@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
This commit is contained in:
Eric Biggers 2022-11-06 14:48:36 -08:00 committed by Theodore Ts'o
parent 0fbcb5251f
commit 4c0d577838
3 changed files with 27 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
fs/ext4/ext4.h
View File

@ -3620,8 +3620,8 @@ extern void ext4_initialize_dirent_tail(struct buffer_head *bh,
unsigned int blocksize); unsigned int blocksize);
extern int ext4_handle_dirty_dirblock(handle_t *handle, struct inode *inode, extern int ext4_handle_dirty_dirblock(handle_t *handle, struct inode *inode,
struct buffer_head *bh); struct buffer_head *bh);
extern int __ext4_unlink(handle_t *handle, struct inode *dir, const struct qstr *d_name, extern int __ext4_unlink(struct inode *dir, const struct qstr *d_name,
struct inode *inode); struct inode *inode, struct dentry *dentry);
extern int __ext4_link(struct inode *dir, struct inode *inode, extern int __ext4_link(struct inode *dir, struct inode *inode,
struct dentry *dentry); struct dentry *dentry);

2
fs/ext4/fast_commit.c
View File

@ -1397,7 +1397,7 @@ static int ext4_fc_replay_unlink(struct super_block *sb, struct ext4_fc_tl *tl,
return 0; return 0;
} }
ret = __ext4_unlink(NULL, old_parent, &entry, inode); ret = __ext4_unlink(old_parent, &entry, inode, NULL);
/* -ENOENT ok coz it might not exist anymore. */ /* -ENOENT ok coz it might not exist anymore. */
if (ret == -ENOENT) if (ret == -ENOENT)
ret = 0; ret = 0;

44
fs/ext4/namei.c
View File

@ -3204,14 +3204,20 @@ end_rmdir:
return retval; return retval;
} }
int __ext4_unlink(handle_t *handle, struct inode *dir, const struct qstr *d_name, int __ext4_unlink(struct inode *dir, const struct qstr *d_name,
struct inode *inode) struct inode *inode,
struct dentry *dentry /* NULL during fast_commit recovery */)
{ {
int retval = -ENOENT; int retval = -ENOENT;
struct buffer_head *bh; struct buffer_head *bh;
struct ext4_dir_entry_2 *de; struct ext4_dir_entry_2 *de;
handle_t *handle;
int skip_remove_dentry = 0; int skip_remove_dentry = 0;
/*
* Keep this outside the transaction; it may have to set up the
* directory's encryption key, which isn't GFP_NOFS-safe.
*/
bh = ext4_find_entry(dir, d_name, &de, NULL); bh = ext4_find_entry(dir, d_name, &de, NULL);
if (IS_ERR(bh)) if (IS_ERR(bh))
return PTR_ERR(bh); return PTR_ERR(bh);
@ -3228,7 +3234,14 @@ int __ext4_unlink(handle_t *handle, struct inode *dir, const struct qstr *d_name
if (EXT4_SB(inode->i_sb)->s_mount_state & EXT4_FC_REPLAY) if (EXT4_SB(inode->i_sb)->s_mount_state & EXT4_FC_REPLAY)
skip_remove_dentry = 1; skip_remove_dentry = 1;
else else
goto out; goto out_bh;
}
handle = ext4_journal_start(dir, EXT4_HT_DIR,
EXT4_DATA_TRANS_BLOCKS(dir->i_sb));
if (IS_ERR(handle)) {
retval = PTR_ERR(handle);
goto out_bh;
} }
if (IS_DIRSYNC(dir)) if (IS_DIRSYNC(dir))
@ -3237,12 +3250,12 @@ int __ext4_unlink(handle_t *handle, struct inode *dir, const struct qstr *d_name
if (!skip_remove_dentry) { if (!skip_remove_dentry) {
retval = ext4_delete_entry(handle, dir, de, bh); retval = ext4_delete_entry(handle, dir, de, bh);
if (retval) if (retval)
goto out; goto out_handle;
dir->i_ctime = dir->i_mtime = current_time(dir); dir->i_ctime = dir->i_mtime = current_time(dir);
ext4_update_dx_flag(dir); ext4_update_dx_flag(dir);
retval = ext4_mark_inode_dirty(handle, dir); retval = ext4_mark_inode_dirty(handle, dir);
if (retval) if (retval)
goto out; goto out_handle;
} else { } else {
retval = 0; retval = 0;
} }
@ -3255,15 +3268,17 @@ int __ext4_unlink(handle_t *handle, struct inode *dir, const struct qstr *d_name
ext4_orphan_add(handle, inode); ext4_orphan_add(handle, inode);
inode->i_ctime = current_time(inode); inode->i_ctime = current_time(inode);
retval = ext4_mark_inode_dirty(handle, inode); retval = ext4_mark_inode_dirty(handle, inode);
if (dentry && !retval)
out: ext4_fc_track_unlink(handle, dentry);
out_handle:
ext4_journal_stop(handle);
out_bh:
brelse(bh); brelse(bh);
return retval; return retval;
} }
static int ext4_unlink(struct inode *dir, struct dentry *dentry) static int ext4_unlink(struct inode *dir, struct dentry *dentry)
{ {
handle_t *handle;
int retval; int retval;
if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb)))) if (unlikely(ext4_forced_shutdown(EXT4_SB(dir->i_sb))))
@ -3281,16 +3296,7 @@ static int ext4_unlink(struct inode *dir, struct dentry *dentry)
if (retval) if (retval)
goto out_trace; goto out_trace;
handle = ext4_journal_start(dir, EXT4_HT_DIR, retval = __ext4_unlink(dir, &dentry->d_name, d_inode(dentry), dentry);
EXT4_DATA_TRANS_BLOCKS(dir->i_sb));
if (IS_ERR(handle)) {
retval = PTR_ERR(handle);
goto out_trace;
}
retval = __ext4_unlink(handle, dir, &dentry->d_name, d_inode(dentry));
if (!retval)
ext4_fc_track_unlink(handle, dentry);
#if IS_ENABLED(CONFIG_UNICODE) #if IS_ENABLED(CONFIG_UNICODE)
/* VFS negative dentries are incompatible with Encoding and /* VFS negative dentries are incompatible with Encoding and
* Case-insensitiveness. Eventually we'll want avoid * Case-insensitiveness. Eventually we'll want avoid
@ -3301,8 +3307,6 @@ static int ext4_unlink(struct inode *dir, struct dentry *dentry)
if (IS_CASEFOLDED(dir)) if (IS_CASEFOLDED(dir))
d_invalidate(dentry); d_invalidate(dentry);
#endif #endif
if (handle)
ext4_journal_stop(handle);
out_trace: out_trace:
trace_ext4_unlink_exit(dentry, retval); trace_ext4_unlink_exit(dentry, retval);