From patchwork Thu Sep 19 16:07:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Brian Foster X-Patchwork-Id: 13807834 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 29DF7CF3960 for ; Thu, 19 Sep 2024 16:06:47 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 8E42E6B0095; Thu, 19 Sep 2024 12:06:44 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 820196B0099; Thu, 19 Sep 2024 12:06:44 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 50A916B0096; Thu, 19 Sep 2024 12:06:44 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id 296E46B0095 for ; Thu, 19 Sep 2024 12:06:44 -0400 (EDT) Received: from smtpin21.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id D000DAB2B3 for ; Thu, 19 Sep 2024 16:06:43 +0000 (UTC) X-FDA: 82581965886.21.AE777BC Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by imf01.hostedemail.com (Postfix) with ESMTP id F0CF440029 for ; Thu, 19 Sep 2024 16:06:41 +0000 (UTC) Authentication-Results: imf01.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=dMiGmp7r; dmarc=pass (policy=none) header.from=redhat.com; spf=pass (imf01.hostedemail.com: domain of bfoster@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=bfoster@redhat.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1726761969; a=rsa-sha256; cv=none; b=8GVTWBtHhBV/OfUxi1GcLYC/DHPd/MllISZpQ5IpB7jhmpMO6olQLsoP/rTk826+22m30L CRnP5HEcpY0HfTnWB9dmMRIvIz2P0pumpgA9eTSSmsFN0Zrc7oB8+Dh+I2gqQ0U+sTRlYi tpeB4Kc2Q82GRbnBajyQhn3QDgVTZeY= ARC-Authentication-Results: i=1; imf01.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=dMiGmp7r; dmarc=pass (policy=none) header.from=redhat.com; spf=pass (imf01.hostedemail.com: domain of bfoster@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=bfoster@redhat.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1726761969; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=J42C6q/FXZPCUSvnSAnn35Rn8chzdx2XnsN02GbHj8A=; b=5Cj8Ln7NrOtLsOOPTxDQ79qMIKOOtuIXLSMcZTlP82h+ZiZ/bN9d6YJQ7iBQ6J8koIS38C Ih4VMkwtSLShbIcUW3++1KKi96iJu9/AlFx4Xf1SRYsvE8D2zfaoWupFAWQcrb7Q3oGere pztswJrhlPS50DTcpAciSlYHkN2kfyc= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1726762001; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=J42C6q/FXZPCUSvnSAnn35Rn8chzdx2XnsN02GbHj8A=; b=dMiGmp7ra17zQ8YCvuABl/m6U6NhlRVmPMTWgbQljGOf2lSy57ibRh7oVZMca0HmNd0Lhg Kj1mMQ/g9EuLc6v8/4PI1HxUzEhElPL8tSizsQ0PH5o8RPd8OGM0no41q5YasS6s7d79ch dJqIjhdG90W1R/3VxN5lrNc+3jTiVxo= Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-231-wfQAY_bfMzKVfvtJnsgYFg-1; Thu, 19 Sep 2024 12:06:37 -0400 X-MC-Unique: wfQAY_bfMzKVfvtJnsgYFg-1 Received: from mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (unknown [10.30.177.17]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 50B971936125; Thu, 19 Sep 2024 16:06:36 +0000 (UTC) Received: from bfoster.redhat.com (unknown [10.22.9.175]) by mx-prod-int-05.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 6590919560A3; Thu, 19 Sep 2024 16:06:35 +0000 (UTC) From: Brian Foster To: linux-ext4@vger.kernel.org, linux-mm@kvack.org Cc: linux-fsdevel@vger.kernel.org, willy@infradead.org Subject: [PATCH 2/2] mm: zero range of eof folio exposed by inode size extension Date: Thu, 19 Sep 2024 12:07:41 -0400 Message-ID: <20240919160741.208162-3-bfoster@redhat.com> In-Reply-To: <20240919160741.208162-1-bfoster@redhat.com> References: <20240919160741.208162-1-bfoster@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.17 X-Rspam-User: X-Rspamd-Queue-Id: F0CF440029 X-Rspamd-Server: rspam01 X-Stat-Signature: sr8u5guimy7nzco61sndo586c7ay1trw X-HE-Tag: 1726762001-828179 X-HE-Meta: U2FsdGVkX19yyjkHnp4/E1mB+rancsFUbtR0fV/Jj4X28ORYJEUOs9+7iXZAAOC3+q5Lxo/Jdpzk2+xlBHlA7zK+rlDpR9UEavP8uhVTYHW7ZrFpbS1YWXapJmhhkAl6TbSeW/6h6FPtS1ZoUi/YBLheB2oCnQgy1+edGqG1215d+fvVi4jxhgtUJJWsJ+pvb1icf4zMQJ7W4bS9MMPC/B/PpgnDXA/v1slyFdtf7gWqnhYvtoy5oVX9VxEtIs4hgLG50oyGM7IC0VgS8JzLR8I4bQC6g6Vz9S5As71ciG+Sm3fVIPrHjoMi1klK6fPRccIEA0LYN21DvmWcopSv3ry3EanRoPiVezyiKxCCxh6i1JKxyU/v91fIddan88xKnG3OgN7zpouWxrQS1SqhA0oeqdgU+Judm0GORLL/p4R9xitlyAzUGS1xi9/p+5Y4DjQ4mFG+Bondrs6tGCcJxYTRwK59nj87sVESH5CMU5iQx/cxU+AkizVtsXVYEqBsFLs5vquCc3SzygJlTRgh2Kge/AqNkxil/XiF37LT5AXC/5BdNSAgG5UPDT8cTEouTbGYGwN0d390lYBe7rHtEpZfgfs2budyglSk8ZciLsFsGkRag4r0LGyEzxVnp5A2bbva4PJrBUXOHN+/YJbW1/vDmpRul1g1FlvhTNbLNQwGSBdiaN68zRxoPPTnnzKm3G4YNaCRnS0NIh05Xl9wZVwQFDdV+EQUSCW7s1l84kqoXOh82nJ6ln+bV/V4PAsNVTfx9VLxX7oDYReLkxwI/sTj+CsLstGIRYaONhioIMwYgb1S60jiNOcJmo46gtVcVVkRgYbrUBGRhLC5SesHTYpV719nX/9EpCXCwB4Y8l4MculaLYGbgDqtLCnXyrq4zvjS3wMm+ZJKTEnra+AofRYCRurAYtRf5pPHh48s7F+4TnJDUlYIuuHdp4NFFauETr8BrHKXjx25yzZcq5i aYSUZmyY wBoiMiNyJ5J6RxZxQyF6KenzND7/NA8kWJoPromWGnv5MkRKkGngMPw6Ue7gVwHkfVIfLmgt3JX+fwGl16YYcHZjC6BQfQmlQ6hc5l4hxnOBcEU4/1PRrgVUY7f4rHTp4JLsF9wteFXVwY9MME631fIh6ChZg6wz8SuXpLIlti5697GfW4ydJtxQT7OACvzTHrmZSvhcXIY4NC6Mo2JiS9/CLhU60MdSlAlYij/7Cnp8Ry/SrHkYYt8Yw1tDU9RsXg/iE/cDcpMbQ+uHACkfpl/ANt02+PHOE0IZFGmUAcqoCpHN38UsDt6YcC+nvGSjXcjVgf1ZNw2wjwPw= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On some filesystems, it is currently possible to create a transient data inconsistency between pagecache and on-disk state. For example, on a 1k block size ext4 filesystem: $ xfs_io -fc "pwrite 0 2k" -c "mmap 0 4k" -c "mwrite 2k 2k" \ -c "truncate 8k" -c "fiemap -v" -c "pread -v 2k 16" ... EXT: FILE-OFFSET BLOCK-RANGE TOTAL FLAGS 0: [0..3]: 17410..17413 4 0x1 1: [4..15]: hole 12 00000800: 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 58 XXXXXXXXXXXXXXXX $ umount ; mount $ xfs_io -c "pread -v 2k 16" 00000800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ This allocates and writes two 1k blocks, map writes to the post-eof portion of the (4k) eof folio, extends the file, and then shows that the post-eof data is not cleared before the file size is extended. The result is pagecache with a clean and uptodate folio over a hole that returns non-zero data. Once reclaimed, pagecache begins to return valid data. Some filesystems avoid this problem by flushing the EOF folio before inode size extension. This triggers writeback time partial post-eof zeroing. XFS explicitly zeroes newly exposed file ranges via iomap_zero_range(), but this includes a hack to flush dirty but hole-backed folios, which means writeback actually does the zeroing in this particular case as well. bcachefs explicitly flushes the eof folio on truncate extension to the same effect, but doesn't handle the analogous write extension case (i.e., replace "truncate 8k" with "pwrite 4k 4k" in the above example command to reproduce the same problem on bcachefs). btrfs doesn't seem to support subpage block sizes. The two main options to avoid this behavior are to either flush or do the appropriate zeroing during size extending operations. Zeroing is only required when the size change exposes ranges of the file that haven't been directly written, such as a write or truncate that starts beyond the current eof. The pagecache_isize_extended() helper is already used for this particular scenario. It currently cleans any pte's for the eof folio to ensure preexisting mappings fault and allow the filesystem to take action based on the updated inode size. This is required to ensure the folio is fully backed by allocated blocks, for example, but this also happens to be the same scenario zeroing is required. Update pagecache_isize_extended() to zero the post-eof range of the eof folio if it is dirty at the time of the size change, since writeback now won't have the chance. If non-dirty, the folio has either not been written or the post-eof portion was zeroed by writeback. Signed-off-by: Brian Foster --- mm/truncate.c | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/mm/truncate.c b/mm/truncate.c index 0668cd340a46..6e7f3cfb982d 100644 --- a/mm/truncate.c +++ b/mm/truncate.c @@ -797,6 +797,21 @@ void pagecache_isize_extended(struct inode *inode, loff_t from, loff_t to) */ if (folio_mkclean(folio)) folio_mark_dirty(folio); + + /* + * The post-eof range of the folio must be zeroed before it is exposed + * to the file. Writeback normally does this, but since i_size has been + * increased we handle it here. + */ + if (folio_test_dirty(folio)) { + unsigned int offset, end; + + offset = from - folio_pos(folio); + end = min_t(unsigned int, to - folio_pos(folio), + folio_size(folio)); + folio_zero_segment(folio, offset, end); + } + folio_unlock(folio); folio_put(folio); }