diff mbox series

ceph: fix end offset in truncate_inode_pages_range call

Message ID 20190701171634.20290-1-lhenriques@suse.com (mailing list archive)
State New, archived
Headers show
Series ceph: fix end offset in truncate_inode_pages_range call | expand

Commit Message

Luis Henriques July 1, 2019, 5:16 p.m. UTC
Commit e450f4d1a5d6 ("ceph: pass inclusive lend parameter to
filemap_write_and_wait_range()") fixed the end offset parameter used to
call filemap_write_and_wait_range and invalidate_inode_pages2_range.
Unfortunately it missed truncate_inode_pages_range, introducing a
regression that is easily detected by xfstest generic/130.

The problem is that when doing direct IO it is possible that an extra page
is truncated from the page cache when the end offset is page aligned.
This can cause data loss if that page hasn't been sync'ed to the OSDs.

While there, change code to use PAGE_ALIGN macro instead.

Fixes: e450f4d1a5d6 ("ceph: pass inclusive lend parameter to filemap_write_and_wait_range()")
Signed-off-by: Luis Henriques <lhenriques@suse.com>
---
 fs/ceph/file.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Jeff Layton July 1, 2019, 5:31 p.m. UTC | #1
On Mon, 2019-07-01 at 18:16 +0100, Luis Henriques wrote:
> Commit e450f4d1a5d6 ("ceph: pass inclusive lend parameter to
> filemap_write_and_wait_range()") fixed the end offset parameter used to
> call filemap_write_and_wait_range and invalidate_inode_pages2_range.
> Unfortunately it missed truncate_inode_pages_range, introducing a
> regression that is easily detected by xfstest generic/130.
> 
> The problem is that when doing direct IO it is possible that an extra page
> is truncated from the page cache when the end offset is page aligned.
> This can cause data loss if that page hasn't been sync'ed to the OSDs.
> 
> While there, change code to use PAGE_ALIGN macro instead.
> 
> Fixes: e450f4d1a5d6 ("ceph: pass inclusive lend parameter to filemap_write_and_wait_range()")
> Signed-off-by: Luis Henriques <lhenriques@suse.com>
> ---
>  fs/ceph/file.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/fs/ceph/file.c b/fs/ceph/file.c
> index 183c37c0a8fc..7a57db8e2fa9 100644
> --- a/fs/ceph/file.c
> +++ b/fs/ceph/file.c
> @@ -1007,7 +1007,7 @@ 	(struct kiocb *iocb, struct iov_iter *iter,
>  			 * may block.
>  			 */
>  			truncate_inode_pages_range(inode->i_mapping, pos,
> -					(pos+len) | (PAGE_SIZE - 1));
> +						   PAGE_ALIGN(pos + len) - 1);
>  
>  			req->r_mtime = mtime;
>  		}

Reviewed-by: Jeff Layton <jlayton@kernel.org>
Jeff Layton July 2, 2019, 1:48 p.m. UTC | #2
On Mon, 2019-07-01 at 18:16 +0100, Luis Henriques wrote:
> Commit e450f4d1a5d6 ("ceph: pass inclusive lend parameter to
> filemap_write_and_wait_range()") fixed the end offset parameter used to
> call filemap_write_and_wait_range and invalidate_inode_pages2_range.
> Unfortunately it missed truncate_inode_pages_range, introducing a
> regression that is easily detected by xfstest generic/130.
> 
> The problem is that when doing direct IO it is possible that an extra page
> is truncated from the page cache when the end offset is page aligned.
> This can cause data loss if that page hasn't been sync'ed to the OSDs.
> 
> While there, change code to use PAGE_ALIGN macro instead.
> 
> Fixes: e450f4d1a5d6 ("ceph: pass inclusive lend parameter to filemap_write_and_wait_range()")
> Signed-off-by: Luis Henriques <lhenriques@suse.com>
> ---
>  fs/ceph/file.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/fs/ceph/file.c b/fs/ceph/file.c
> index 183c37c0a8fc..7a57db8e2fa9 100644
> --- a/fs/ceph/file.c
> +++ b/fs/ceph/file.c
> @@ -1007,7 +1007,7 @@ ceph_direct_read_write(struct kiocb *iocb, struct iov_iter *iter,
>  			 * may block.
>  			 */
>  			truncate_inode_pages_range(inode->i_mapping, pos,
> -					(pos+len) | (PAGE_SIZE - 1));
> +						   PAGE_ALIGN(pos + len) - 1);
>  
>  			req->r_mtime = mtime;
>  		}

Luis, should this be sent to stable? It seems like a data corruption
problem...

Thanks,
Luis Henriques July 2, 2019, 1:58 p.m. UTC | #3
"Jeff Layton" <jlayton@kernel.org> writes:

> On Mon, 2019-07-01 at 18:16 +0100, Luis Henriques wrote:
>> Commit e450f4d1a5d6 ("ceph: pass inclusive lend parameter to
>> filemap_write_and_wait_range()") fixed the end offset parameter used to
>> call filemap_write_and_wait_range and invalidate_inode_pages2_range.
>> Unfortunately it missed truncate_inode_pages_range, introducing a
>> regression that is easily detected by xfstest generic/130.
>> 
>> The problem is that when doing direct IO it is possible that an extra page
>> is truncated from the page cache when the end offset is page aligned.
>> This can cause data loss if that page hasn't been sync'ed to the OSDs.
>> 
>> While there, change code to use PAGE_ALIGN macro instead.
>> 
>> Fixes: e450f4d1a5d6 ("ceph: pass inclusive lend parameter to filemap_write_and_wait_range()")
>> Signed-off-by: Luis Henriques <lhenriques@suse.com>
>> ---
>>  fs/ceph/file.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>> 
>> diff --git a/fs/ceph/file.c b/fs/ceph/file.c
>> index 183c37c0a8fc..7a57db8e2fa9 100644
>> --- a/fs/ceph/file.c
>> +++ b/fs/ceph/file.c
>> @@ -1007,7 +1007,7 @@ ceph_direct_read_write(struct kiocb *iocb, struct iov_iter *iter,
>>  			 * may block.
>>  			 */
>>  			truncate_inode_pages_range(inode->i_mapping, pos,
>> -					(pos+len) | (PAGE_SIZE - 1));
>> +						   PAGE_ALIGN(pos + len) - 1);
>>  
>>  			req->r_mtime = mtime;
>>  		}
>
> Luis, should this be sent to stable? It seems like a data corruption
> problem...

Yes, I believe so.  But I believe all the active stable kernels that
include commit e450f4d1a5d6 (or a backport of it) will pick it anyway
due to the 'Fixes:' tag.  AFAIK only 5.1 and 5.2 are affected.

Cheers,
diff mbox series

Patch

diff --git a/fs/ceph/file.c b/fs/ceph/file.c
index 183c37c0a8fc..7a57db8e2fa9 100644
--- a/fs/ceph/file.c
+++ b/fs/ceph/file.c
@@ -1007,7 +1007,7 @@  ceph_direct_read_write(struct kiocb *iocb, struct iov_iter *iter,
 			 * may block.
 			 */
 			truncate_inode_pages_range(inode->i_mapping, pos,
-					(pos+len) | (PAGE_SIZE - 1));
+						   PAGE_ALIGN(pos + len) - 1);
 
 			req->r_mtime = mtime;
 		}