On Fri, Mar 15, 2019 at 03:10:12PM +0800, zhangyi (F) wrote:
> All indirect buffers get by ext4_find_shared() should be released no
> matter the branch should be freed or not. But now, we forget to release
> the lower depth indirect buffers when removing space from the same
> higher depth indirect block. It will lead to buffer leak and further
> more, it may lead to quota information corruption when using old quota,
> consider the following case.
>
>  - Create and mount an empty ext4 filesystem without extent and quota
>    features,
>  - quotacheck and enable the user & group quota,
>  - Create some files and write some data to them, and then punch hole
>    to some files of them, it may trigger the buffer leak problem
>    mentioned above.
>  - Disable quota and run quotacheck again, it will create two new
>    aquota files and write the checked quota information to them, which
>    probably may reuse the freed indirect block(the buffer and page
>    cache was not freed) as data block.
>  - Enable quota again, it will invoke
>    vfs_load_quota_inode()->invalidate_bdev() to try to clean unused
>    buffers and pagecache. Unfortunately, because of the buffer of quota
>    data block is still referenced, quota code cannot read the up to date
>    quota info from the device and lead to quota information corruption.
>
> This problem can be reproduced by xfstests generic/231 on ext3 file
> system or ext4 file system without extent and quota features.
>
> This patch fixes this problem by brelse the missing indirect buffers, in
> ext4_ind_remove_space().
>
> Reported-by: Hulk Robot <hulkci@xxxxxxxxxx>
> Signed-off-by: zhangyi (F) <yi.zhang@xxxxxxxxxx>
> Suggested-by: Jan Kara <jack@xxxxxxx>
> Cc: <stable@xxxxxxxxxxxxxxx>

Thanks, applied.

					- Ted
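
The failure mode in the quoted commit message, shown as an added example that is not part of the original thread and is not ext4 or kernel code: a constructed user-space model in which a leaked buffer reference stops invalidation from dropping a cached block, so a later read returns the old contents. The block numbers, the `remove_space()` and `stale_after_reuse()` helpers and the sample data are assumptions made for illustration; only `brelse` and `invalidate_bdev` are names taken from the message.

```c
/* Constructed user-space model of the leak; not ext4 or kernel code. */
#include <stdio.h>
#include <string.h>

struct buf { int refcount, uptodate; char data[8]; };
static struct buf cache[4];     /* toy buffer cache, one slot per block */
static char disk[4][8];         /* toy block device */

/* Like sb_bread(): take a reference; read the device only on a cache miss. */
static struct buf *bread(int nr) {
    struct buf *b = &cache[nr];
    if (!b->uptodate) {
        memcpy(b->data, disk[nr], sizeof(b->data));
        b->uptodate = 1;
    }
    b->refcount++;
    return b;
}
static void brelse(struct buf *b) { if (b) b->refcount--; }

/* Like invalidate_bdev(): only buffers with no holder can be dropped. */
static void invalidate(void) {
    for (int i = 0; i < 4; i++)
        if (!cache[i].refcount) cache[i].uptodate = 0;
}

/* Hold indirect buffers for blocks 1..3; fixed == 0 releases only the top one. */
static void remove_space(int fixed) {
    struct buf *chain[3];
    for (int i = 0; i < 3; i++)
        chain[i] = bread(i + 1);
    for (int i = 0; i < 3; i++)
        if (i == 0 || fixed)
            brelse(chain[i]);
}

/* Returns 1 if a read after block reuse still sees the old contents. */
int stale_after_reuse(int fixed) {
    memset(cache, 0, sizeof(cache));
    strcpy(disk[2], "indir");   /* block 2 starts as an indirect block */
    remove_space(fixed);        /* hole punch; block 2 is freed afterwards */
    strcpy(disk[2], "quota");   /* reused as quota data behind the cache */
    invalidate();               /* quota enable tries to drop old buffers */
    struct buf *b = bread(2);
    int stale = strcmp(b->data, "quota") != 0;
    brelse(b);
    return stale;
}
int main(void) { printf("buggy=%d fixed=%d\n", stale_after_reuse(0), stale_after_reuse(1)); return 0; }
```

With the lower-level references leaked, the model's read of block 2 still returns the indirect-block contents; with every level released, invalidation drops the buffer and the read sees the quota data.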