Re: [PATCH V3 03/10] xfs: Check for extent overflow when deleting an extent

From: Chandan Babu R <chandanrlinux@gmail.com>
To: "Darrick J. Wong" <darrick.wong@oracle.com>
Cc: linux-xfs@vger.kernel.org, david@fromorbit.com, hch@infradead.org
Subject: Re: [PATCH V3 03/10] xfs: Check for extent overflow when deleting an extent
Date: Tue, 01 Sep 2020 15:14:30 +0530	[thread overview]
Message-ID: <3694943.Jq2CTAKDPb@garuda> (raw)
In-Reply-To: <20200831163451.GL6096@magnolia>

On Monday 31 August 2020 10:04:51 PM IST Darrick J. Wong wrote:
> On Thu, Aug 20, 2020 at 11:13:42AM +0530, Chandan Babu R wrote:
> > Deleting a file range from the middle of an existing extent can cause
> > the per-inode extent count to increase by 1. This commit checks for
> > extent count overflow in such cases.
> > 
> > Signed-off-by: Chandan Babu R <chandanrlinux@gmail.com>
> > ---
> >  fs/xfs/libxfs/xfs_inode_fork.h | 6 ++++++
> >  fs/xfs/xfs_bmap_item.c         | 4 ++++
> >  fs/xfs/xfs_bmap_util.c         | 5 +++++
> >  3 files changed, 15 insertions(+)
> > 
> > diff --git a/fs/xfs/libxfs/xfs_inode_fork.h b/fs/xfs/libxfs/xfs_inode_fork.h
> > index 7fc2b129a2e7..2642e4847ee0 100644
> > --- a/fs/xfs/libxfs/xfs_inode_fork.h
> > +++ b/fs/xfs/libxfs/xfs_inode_fork.h
> > @@ -39,6 +39,12 @@ struct xfs_ifork {
> >   * extent to a fork and there's no possibility of splitting an existing mapping.
> >   */
> >  #define XFS_IEXT_ADD_NOSPLIT_CNT	(1)
> > +/*
> > + * Removing an extent from the middle of an existing extent can cause the extent
> > + * count to increase by 1.
> > + * i.e. | Old extent | Hole | Old extent |
> > + */
> > +#define XFS_IEXT_REMOVE_CNT		(1)
> 
> The first thought that popped into my head after reading the subject
> line was "UH-oh, is this going to result in undeletable files when the
> extent counts hit max and the user tries to rm?"
> 
> Then I realized that "when deleting an extent" actually refers to
> punching holes in the middle of files, not truncating them.
> 
> So I think at the very least the subject line should be changed to
> say that we're talking about hole punching, not general file deletion;
> and the constant probably ought to be called XFS_IEXT_PUNCH_CNT to make
> that clearer.
>

Sure, I will change the commit message and the name of the constant.

> Aside from that the logic seems ok to me.
> 
> (Also PS I'm not reviewing these patches in order...)
> 
> --D
> 
> >  
> >  /*
> >   * Fork handling.
> > diff --git a/fs/xfs/xfs_bmap_item.c b/fs/xfs/xfs_bmap_item.c
> > index ec3691372e7c..b9c35fb10de4 100644
> > --- a/fs/xfs/xfs_bmap_item.c
> > +++ b/fs/xfs/xfs_bmap_item.c
> > @@ -519,6 +519,10 @@ xfs_bui_item_recover(
> >  	}
> >  	xfs_trans_ijoin(tp, ip, 0);
> >  
> > +	error = xfs_iext_count_may_overflow(ip, whichfork, XFS_IEXT_REMOVE_CNT);
> > +	if (error)
> > +		goto err_inode;
> > +
> >  	count = bmap->me_len;
> >  	error = xfs_trans_log_finish_bmap_update(tp, budp, type, ip, whichfork,
> >  			bmap->me_startoff, bmap->me_startblock, &count, state);
> > diff --git a/fs/xfs/xfs_bmap_util.c b/fs/xfs/xfs_bmap_util.c
> > index 7b76a48b0885..59d4da38aadf 100644
> > --- a/fs/xfs/xfs_bmap_util.c
> > +++ b/fs/xfs/xfs_bmap_util.c
> > @@ -891,6 +891,11 @@ xfs_unmap_extent(
> >  
> >  	xfs_trans_ijoin(tp, ip, 0);
> >  
> > +	error = xfs_iext_count_may_overflow(ip, XFS_DATA_FORK,
> > +			XFS_IEXT_REMOVE_CNT);
> > +	if (error)
> > +		goto out_trans_cancel;
> > +
> >  	error = xfs_bunmapi(tp, ip, startoffset_fsb, len_fsb, 0, 2, done);
> >  	if (error)
> >  		goto out_trans_cancel;
> 

-- 
chandan