OpenCloudOS-Kernel/fs
Liu Bo 02a3307aa9 btrfs: fix reading stale metadata blocks after degraded raid1 mounts
If a btree block, aka. extent buffer, is not available in the extent
buffer cache, it'll be read out from the disk instead, i.e.

btrfs_search_slot()
  read_block_for_search()  # hold parent and its lock, go to read child
    btrfs_release_path()
    read_tree_block()  # read child

Unfortunately, the parent lock got released before reading child, so
commit 5bdd3536cb ("Btrfs: Fix block generation verification race") had
used 0 as parent transid to read the child block.  It forces
read_tree_block() not to check if parent transid is different with the
generation id of the child that it reads out from disk.

A simple PoC is included in btrfs/124,

0. A two-disk raid1 btrfs,

1. Right after mkfs.btrfs, block A is allocated to be device tree's root.

2. Mount this filesystem and put it in use, after a while, device tree's
   root got COW but block A hasn't been allocated/overwritten yet.

3. Umount it and reload the btrfs module to remove both disks from the
   global @fs_devices list.

4. mount -odegraded dev1 and write some data, so now block A is allocated
   to be a leaf in checksum tree.  Note that only dev1 has the latest
   metadata of this filesystem.

5. Umount it and mount it again normally (with both disks), since raid1
   can pick up one disk by the writer task's pid, if btrfs_search_slot()
   needs to read block A, dev2 which does NOT have the latest metadata
   might be read for block A, then we got a stale block A.

6. As parent transid is not checked, block A is marked as uptodate and
   put into the extent buffer cache, so the future search won't bother
   to read disk again, which means it'll make changes on this stale
   one and make it dirty and flush it onto disk.

To avoid the problem, parent transid needs to be passed to
read_tree_block().

In order to get a valid parent transid, we need to hold the parent's
lock until finishing reading child.

This patch needs to be slightly adapted for stable kernels, the
&first_key parameter added to read_tree_block() is from 4.16+
(581c176041). The fix is to replace 0 by 'gen'.

Fixes: 5bdd3536cb ("Btrfs: Fix block generation verification race")
CC: stable@vger.kernel.org # 4.4+
Signed-off-by: Liu Bo <bo.liu@linux.alibaba.com>
Reviewed-by: Filipe Manana <fdmanana@suse.com>
Reviewed-by: Qu Wenruo <wqu@suse.com>
[ update changelog ]
Signed-off-by: David Sterba <dsterba@suse.com>
2018-05-17 14:18:25 +02:00
..
9p fs/*/Kconfig: drop links to 404-compliant http://acl.bestbits.at 2018-01-01 12:45:37 -07:00
adfs Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
affs iversion: Rename make inode_cmp_iversion{+raw} to inode_eq_iversion{+raw} 2018-02-01 08:15:25 -05:00
afs afs: Support the AFS dynamic root 2018-02-06 14:43:37 +00:00
autofs4 Merge branch 'userns-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2018-01-30 14:43:12 -08:00
befs befs: Define usercopy region in befs_inode_cache slab cache 2018-01-15 12:07:54 -08:00
bfs License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
btrfs btrfs: fix reading stale metadata blocks after degraded raid1 mounts 2018-05-17 14:18:25 +02:00
cachefiles vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
ceph ceph: fix potential memory leak in init_caches() 2018-03-01 16:39:47 +01:00
cifs Add missing structs and defines from recent SMB3.1.1 documentation 2018-02-07 09:36:46 -06:00
coda vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
configfs configfs: make ci_type field, some pointers and function arguments const 2017-10-19 16:15:16 +02:00
cramfs cramfs: better MTD dependency expression 2018-02-08 11:37:31 -08:00
crypto fscrypt: fix build with pre-4.6 gcc versions 2018-02-01 10:51:18 -05:00
debugfs vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
devpts devpts: fix error handling in devpts_mntget() 2018-01-31 08:48:37 -08:00
dlm vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
ecryptfs vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
efivarfs efivarfs: Limit the rate for non-root to read files 2018-02-22 10:21:02 -08:00
efs Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
exofs iversion.h related cleanup for v4.16 2018-02-07 14:25:22 -08:00
exportfs
ext2 iversion.h related cleanup for v4.16 2018-02-07 14:25:22 -08:00
ext4 iversion.h related cleanup for v4.16 2018-02-07 14:25:22 -08:00
f2fs Refactor support for encrypted symlinks to move common code to fscrypt. 2018-02-04 10:43:12 -08:00
fat iversion: Rename make inode_cmp_iversion{+raw} to inode_eq_iversion{+raw} 2018-02-01 08:15:25 -05:00
freevxfs vxfs: Define usercopy region in vxfs_inode slab cache 2018-01-15 12:07:57 -08:00
fscache AFS development 2017-11-16 11:41:22 -08:00
fuse vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
gfs2 gfs2: Fixes to "Implement iomap for block_map" (2) 2018-03-07 11:40:38 -07:00
hfs Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
hfsplus hfsplus: honor setgid flag on directories 2018-02-06 18:32:45 -08:00
hostfs License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hpfs hpfs: don't bother with the i_version counter or f_version 2017-12-10 12:58:18 -08:00
hugetlbfs hugetlbfs: check for pgoff value overflow 2018-03-22 17:07:01 -07:00
isofs Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
jbd2 jbd2: fix sphinx kernel-doc build warnings 2018-01-10 00:27:29 -05:00
jffs2 Documentation updates for 4.16. New stuff includes refcount_t 2018-01-31 19:25:25 -08:00
jfs Currently, hardened usercopy performs dynamic bounds checking on slab 2018-02-03 16:25:42 -08:00
kernfs vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
lockd lockd: Fix server refcounting 2018-01-24 17:33:57 -05:00
minix Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
nfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-03-15 18:57:14 -07:00
nfs_common lockd: fix "list_add double add" caused by legacy signal interface 2017-11-27 16:45:11 -05:00
nfsd nfsd: remove blocked locks on client teardown 2018-03-19 16:37:21 -04:00
nilfs2 nilfs2: use time64_t internally 2018-02-06 18:32:45 -08:00
nls License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
notify vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
ntfs ntfs: remove i_version handling 2018-01-01 10:09:33 -05:00
ocfs2 vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
omfs License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
openpromfs Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
orangefs vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
overlayfs ovl: update Kconfig texts 2018-03-07 11:47:15 +01:00
proc Merge branch 'x86-urgent-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip 2018-02-14 17:31:51 -08:00
pstore fs: pstore: remove unused hardirq.h 2017-11-28 16:39:09 -08:00
qnx4 Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
qnx6 Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
quota quota: Check for register_shrinker() failure. 2017-11-29 16:46:48 +01:00
ramfs mm: make pagevec_lookup() update index 2017-09-06 17:27:26 -07:00
reiserfs fs/*/Kconfig: drop links to 404-compliant http://acl.bestbits.at 2018-01-01 12:45:37 -07:00
romfs Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
squashfs Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
sysfs sysfs: symlink: export sysfs_create_link_nowarn() 2018-03-19 21:14:26 -04:00
sysv Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
tracefs VFS: Don't use save/replace_mount_options if not using generic_show_options 2017-07-06 03:31:46 -04:00
ubifs Refactor support for encrypted symlinks to move common code to fscrypt. 2018-02-04 10:43:12 -08:00
udf udf: Sanitize nanoseconds for time stamps 2017-12-19 08:11:01 +01:00
ufs iversion.h related cleanup for v4.16 2018-02-07 14:25:22 -08:00
xfs xfs: don't block on the ilock for RWF_NOWAIT 2018-03-01 14:12:45 -08:00
Kconfig libnvdimm for 4.16 2018-02-06 10:41:33 -08:00
Kconfig.binfmt ARM: enable elf_fdpic on systems with an MMU 2017-09-10 19:31:46 -04:00
Makefile ncpfs: move net/ncpfs to drivers/staging/ncpfs 2017-11-28 13:55:01 +01:00
aio.c fs/aio: Use RCU accessors for kioctx_table->table[] 2018-03-14 12:10:17 -07:00
anon_inodes.c
attr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
bad_inode.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
binfmt_aout.c fs: fix kernel_read prototype 2017-09-04 19:05:15 -04:00
binfmt_elf.c elf: fix NT_FILE integer overflow 2018-02-06 18:32:45 -08:00
binfmt_elf_fdpic.c Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-11-17 12:54:01 -08:00
binfmt_em86.c
binfmt_flat.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
binfmt_misc.c fs/binfmt_misc.c: node could be NULL when evicting inode 2017-10-13 16:18:33 -07:00
binfmt_script.c exec: load_script: kill the onstack interp[BINPRM_BUF_SIZE] array 2017-10-03 17:54:25 -07:00
block_dev.c blockdev: Avoid two active bdev inodes for one device 2018-02-26 09:48:42 -07:00
buffer.c Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-01-31 09:25:20 -08:00
char_dev.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
compat.c
compat_binfmt_elf.c
compat_ioctl.c fs: compat_ioctl: add new DVB demux ioctls 2017-12-28 11:17:29 -05:00
coredump.c Merge branch 'misc.compat' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-11-17 11:54:55 -08:00
dax.c Only miscellaneous cleanups and bug fixes for ext4 this cycle. 2018-02-03 13:49:22 -08:00
dcache.c fs: dcache: Use READ_ONCE when accessing i_dir_seq 2018-02-25 12:51:10 -05:00
dcookies.c
direct-io.c direct-io: Fix sleep in atomic due to sync AIO 2018-02-26 09:05:35 -07:00
drop_caches.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
eventfd.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
eventpoll.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
exec.c exec: Weaken dumpability for secureexec 2018-01-03 10:13:36 -08:00
fcntl.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
fhandle.c vfs: Copy struct mount.mnt_id to userspace using put_user() 2018-01-15 12:07:51 -08:00
file.c Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-01-31 09:25:20 -08:00
file_table.c vfs: remove unused hardirq.h 2017-12-07 14:23:30 -05:00
filesystems.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fs-writeback.c writeback: update comment in inode_io_list_move_locked 2018-01-06 09:18:00 -07:00
fs_pin.c Merge branch 'linus' into locking/core, to resolve conflicts 2017-11-07 10:32:44 +01:00
fs_struct.c
inode.c vfs: remove might_sleep() from clear_inode() 2018-02-06 18:32:47 -08:00
internal.h fs: expose do_unlinkat for built-in callers 2017-11-10 08:48:46 -05:00
ioctl.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
iomap.c iomap: warn on zero-length mappings 2018-01-29 07:27:24 -08:00
libfs.c Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
locks.c This request is late, apologies. 2018-02-08 15:18:32 -08:00
mbcache.c mbcache: make sure c_entry_count is not decremented past zero 2018-01-09 23:57:52 -05:00
mount.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mpage.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
namei.c fs: Teach path_connected to handle nfs filesystems with multiple roots. 2018-03-15 18:48:38 -04:00
namespace.c VFS: Handle lazytime in do_mount() 2017-12-09 20:16:33 -05:00
no-block.c
nsfs.c nsfs: generalize ns_get_path() for path resolution with a task 2017-12-31 16:12:23 +01:00
open.c ovl: don't allow writing ioctl on lower layer 2017-09-05 12:53:12 +02:00
pipe.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
pnode.c
pnode.h
posix_acl.c posix_acl: convert posix_acl.a_refcount from atomic_t to refcount_t 2018-01-02 19:27:28 -08:00
proc_namespace.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
read_write.c Merge branch 'work.iov_iter' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-11-17 12:08:18 -08:00
readdir.c Merge branch 'linus' into locking/core, to resolve conflicts 2017-11-07 10:32:44 +01:00
select.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
seq_file.c seq_file: fix incomplete reset on read from zero offset 2018-01-20 02:31:15 -05:00
signalfd.c fs/signalfd: fix build error for BUS_MCEERR_AR 2018-02-22 15:00:07 -06:00
splice.c locking/atomics: COCCINELLE/treewide: Convert trivial ACCESS_ONCE() patterns to READ_ONCE()/WRITE_ONCE() 2017-10-25 11:01:08 +02:00
stack.c
stat.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
statfs.c Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
super.c Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-01-31 09:25:20 -08:00
sync.c Merge branch 'for-4.15/block' of git://git.kernel.dk/linux-block 2017-11-14 15:32:19 -08:00
timerfd.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
userfaultfd.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
utimes.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xattr.c lsm: fix smack_inode_removexattr and xattr_getsecurity memleak 2017-10-04 18:03:15 +11:00