From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>,
Jan Stancek <jstancek@redhat.com>,
Andrew Morton <akpm@linux-foundation.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Sasha Levin <sashal@kernel.org>
Subject: [PATCH AUTOSEL 4.14 18/23] fat: work around race with userspace's read via blockdev while mounting
Date: Sun, 29 Sep 2019 13:35:28 -0400 [thread overview]
Message-ID: <20190929173535.9744-18-sashal@kernel.org> (raw)
In-Reply-To: <20190929173535.9744-1-sashal@kernel.org>
From: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
[ Upstream commit 07bfa4415ab607e459b69bd86aa7e7602ce10b4f ]
If userspace reads the buffer via blockdev while mounting,
sb_getblk()+modify can race with buffer read via blockdev.
For example,
FS userspace
bh = sb_getblk()
modify bh->b_data
read
ll_rw_block(bh)
fill bh->b_data by on-disk data
/* lost modified data by FS */
set_buffer_uptodate(bh)
set_buffer_uptodate(bh)
Userspace should not use the blockdev while mounting though, the udev
seems to be already doing this. Although I think the udev should try to
avoid this, workaround the race by small overhead.
Link: http://lkml.kernel.org/r/87pnk7l3sw.fsf_-_@mail.parknet.co.jp
Signed-off-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
Reported-by: Jan Stancek <jstancek@redhat.com>
Tested-by: Jan Stancek <jstancek@redhat.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
fs/fat/dir.c | 13 +++++++++++--
fs/fat/fatent.c | 3 +++
2 files changed, 14 insertions(+), 2 deletions(-)
diff --git a/fs/fat/dir.c b/fs/fat/dir.c
index 81cecbe6d7cf6..971e369517a73 100644
--- a/fs/fat/dir.c
+++ b/fs/fat/dir.c
@@ -1097,8 +1097,11 @@ static int fat_zeroed_cluster(struct inode *dir, sector_t blknr, int nr_used,
err = -ENOMEM;
goto error;
}
+ /* Avoid race with userspace read via bdev */
+ lock_buffer(bhs[n]);
memset(bhs[n]->b_data, 0, sb->s_blocksize);
set_buffer_uptodate(bhs[n]);
+ unlock_buffer(bhs[n]);
mark_buffer_dirty_inode(bhs[n], dir);
n++;
@@ -1155,6 +1158,8 @@ int fat_alloc_new_dir(struct inode *dir, struct timespec *ts)
fat_time_unix2fat(sbi, ts, &time, &date, &time_cs);
de = (struct msdos_dir_entry *)bhs[0]->b_data;
+ /* Avoid race with userspace read via bdev */
+ lock_buffer(bhs[0]);
/* filling the new directory slots ("." and ".." entries) */
memcpy(de[0].name, MSDOS_DOT, MSDOS_NAME);
memcpy(de[1].name, MSDOS_DOTDOT, MSDOS_NAME);
@@ -1177,6 +1182,7 @@ int fat_alloc_new_dir(struct inode *dir, struct timespec *ts)
de[0].size = de[1].size = 0;
memset(de + 2, 0, sb->s_blocksize - 2 * sizeof(*de));
set_buffer_uptodate(bhs[0]);
+ unlock_buffer(bhs[0]);
mark_buffer_dirty_inode(bhs[0], dir);
err = fat_zeroed_cluster(dir, blknr, 1, bhs, MAX_BUF_PER_PAGE);
@@ -1234,11 +1240,14 @@ static int fat_add_new_entries(struct inode *dir, void *slots, int nr_slots,
/* fill the directory entry */
copy = min(size, sb->s_blocksize);
+ /* Avoid race with userspace read via bdev */
+ lock_buffer(bhs[n]);
memcpy(bhs[n]->b_data, slots, copy);
- slots += copy;
- size -= copy;
set_buffer_uptodate(bhs[n]);
+ unlock_buffer(bhs[n]);
mark_buffer_dirty_inode(bhs[n], dir);
+ slots += copy;
+ size -= copy;
if (!size)
break;
n++;
diff --git a/fs/fat/fatent.c b/fs/fat/fatent.c
index 9635df94db7d9..24ed1f4e48ae2 100644
--- a/fs/fat/fatent.c
+++ b/fs/fat/fatent.c
@@ -389,8 +389,11 @@ static int fat_mirror_bhs(struct super_block *sb, struct buffer_head **bhs,
err = -ENOMEM;
goto error;
}
+ /* Avoid race with userspace read via bdev */
+ lock_buffer(c_bh);
memcpy(c_bh->b_data, bhs[n]->b_data, sb->s_blocksize);
set_buffer_uptodate(c_bh);
+ unlock_buffer(c_bh);
mark_buffer_dirty_inode(c_bh, sbi->fat_inode);
if (sb->s_flags & MS_SYNCHRONOUS)
err = sync_dirty_buffer(c_bh);
--
2.20.1
next prev parent reply other threads:[~2019-09-29 17:38 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-29 17:35 [PATCH AUTOSEL 4.14 01/23] clk: jz4740: Add TCU clock Sasha Levin
2019-09-29 17:35 ` Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 02/23] MIPS: tlbex: Explicitly cast _PAGE_NO_EXEC to a boolean Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 03/23] i2c-cht-wc: Fix lockdep warning Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 04/23] mfd: intel-lpss: Remove D3cold delay Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 05/23] PCI: tegra: Fix OF node reference leak Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 06/23] livepatch: Nullify obj->mod in klp_module_coming()'s error path Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 07/23] ARM: 8898/1: mm: Don't treat faults reported from cache maintenance as writes Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 08/23] ARM: 8875/1: Kconfig: default to AEABI w/ Clang Sasha Levin
2019-09-29 18:08 ` Nathan Chancellor
2019-10-05 23:02 ` Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 09/23] MIPS: lantiq: update the clock alias' for the mainline PCIe PHY driver Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 10/23] firmware: bcm47xx_nvram: Correct size_t printf format Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 11/23] rtc: snvs: fix possible race condition Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 12/23] HID: apple: Fix stuck function keys when using FN Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 13/23] PCI: rockchip: Propagate errors for optional regulators Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 14/23] PCI: imx6: " Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 15/23] PCI: exynos: Propagate errors for optional PHYs Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 16/23] security: smack: Fix possible null-pointer dereferences in smack_socket_sock_rcv_skb() Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 17/23] ARM: 8903/1: ensure that usable memory in bank 0 starts from a PMD-aligned address Sasha Levin
2019-09-29 17:35 ` Sasha Levin [this message]
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 19/23] pktcdvd: remove warning on attempting to register non-passthrough dev Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 20/23] hypfs: Fix error number left in struct pointer member Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 21/23] kbuild: clean compressed initramfs image Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 22/23] ocfs2: wait for recovering done after direct unlock request Sasha Levin
2019-09-29 17:35 ` [PATCH AUTOSEL 4.14 23/23] kmemleak: increase DEBUG_KMEMLEAK_EARLY_LOG_SIZE default to 16K Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190929173535.9744-18-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=akpm@linux-foundation.org \
--cc=hirofumi@mail.parknet.co.jp \
--cc=jstancek@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.