On 07/25, Jaegeuk Kim wrote:
> Note that, this patch is failing generic/250.
correction: it's failing in 4.14 and 4.19 after simple cherry-pick, but
giving no failure on 5.4, 5.10, and mainline.
>
> On 07/16, Eric Biggers wrote:
> > From: Eric Biggers <ebiggers@xxxxxxxxxx>
> >
> > f2fs_write_begin() assumes that all blocks were preallocated by
> > default unless FI_NO_PREALLOC is explicitly set. This invites data
> > corruption, as there are cases in which not all blocks are preallocated.
> > Commit 47501f87c61a ("f2fs: preallocate DIO blocks when forcing
> > buffered_io") fixed one case, but there are others remaining.
> >
> > Fix up this logic by replacing this flag with FI_PREALLOCATED_ALL, which
> > only gets set if all blocks for the current write were preallocated.
> >
> > Also clean up f2fs_preallocate_blocks(), move it to file.c, and make it
> > handle some of the logic that was previously in write_iter() directly.
> >
> > Signed-off-by: Eric Biggers <ebiggers@xxxxxxxxxx>
> > ---
> > fs/f2fs/data.c | 55 ++--------------------
> > fs/f2fs/f2fs.h | 3 +-
> > fs/f2fs/file.c | 123 ++++++++++++++++++++++++++++++++-----------------
> > 3 files changed, 84 insertions(+), 97 deletions(-)
> >
> > diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c
> > index 18cb28a514e6..cdadaa9daf55 100644
> > --- a/fs/f2fs/data.c
> > +++ b/fs/f2fs/data.c
> > @@ -1370,53 +1370,6 @@ static int __allocate_data_block(struct dnode_of_data *dn, int seg_type)
> > return 0;
> > }
> >
> > -int f2fs_preallocate_blocks(struct kiocb *iocb, struct iov_iter *from)
> > -{
> > - struct inode *inode = file_inode(iocb->ki_filp);
> > - struct f2fs_map_blocks map;
> > - int flag;
> > - int err = 0;
> > - bool direct_io = iocb->ki_flags & IOCB_DIRECT;
> > -
> > - map.m_lblk = F2FS_BLK_ALIGN(iocb->ki_pos);
> > - map.m_len = F2FS_BYTES_TO_BLK(iocb->ki_pos + iov_iter_count(from));
> > - if (map.m_len > map.m_lblk)
> > - map.m_len -= map.m_lblk;
> > - else
> > - map.m_len = 0;
> > -
> > - map.m_next_pgofs = NULL;
> > - map.m_next_extent = NULL;
> > - map.m_seg_type = NO_CHECK_TYPE;
> > - map.m_may_create = true;
> > -
> > - if (direct_io) {
> > - map.m_seg_type = f2fs_rw_hint_to_seg_type(iocb->ki_hint);
> > - flag = f2fs_force_buffered_io(inode, iocb, from) ?
> > - F2FS_GET_BLOCK_PRE_AIO :
> > - F2FS_GET_BLOCK_PRE_DIO;
> > - goto map_blocks;
> > - }
> > - if (iocb->ki_pos + iov_iter_count(from) > MAX_INLINE_DATA(inode)) {
> > - err = f2fs_convert_inline_inode(inode);
> > - if (err)
> > - return err;
> > - }
> > - if (f2fs_has_inline_data(inode))
> > - return err;
> > -
> > - flag = F2FS_GET_BLOCK_PRE_AIO;
> > -
> > -map_blocks:
> > - err = f2fs_map_blocks(inode, &map, 1, flag);
> > - if (map.m_len > 0 && err == -ENOSPC) {
> > - if (!direct_io)
> > - set_inode_flag(inode, FI_NO_PREALLOC);
> > - err = 0;
> > - }
> > - return err;
> > -}
> > -
> > void f2fs_do_map_lock(struct f2fs_sb_info *sbi, int flag, bool lock)
> > {
> > if (flag == F2FS_GET_BLOCK_PRE_AIO) {
> > @@ -3210,12 +3163,10 @@ static int prepare_write_begin(struct f2fs_sb_info *sbi,
> > int flag;
> >
> > /*
> > - * we already allocated all the blocks, so we don't need to get
> > - * the block addresses when there is no need to fill the page.
> > + * If a whole page is being written and we already preallocated all the
> > + * blocks, then there is no need to get a block address now.
> > */
> > - if (!f2fs_has_inline_data(inode) && len == PAGE_SIZE &&
> > - !is_inode_flag_set(inode, FI_NO_PREALLOC) &&
> > - !f2fs_verity_in_progress(inode))
> > + if (len == PAGE_SIZE && is_inode_flag_set(inode, FI_PREALLOCATED_ALL))
> > return 0;
> >
> > /* f2fs_lock_op avoids race between write CP and convert_inline_page */
> > diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
> > index ad7c1b94e23a..da1da3111f18 100644
> > --- a/fs/f2fs/f2fs.h
> > +++ b/fs/f2fs/f2fs.h
> > @@ -699,7 +699,7 @@ enum {
> > FI_INLINE_DOTS, /* indicate inline dot dentries */
> > FI_DO_DEFRAG, /* indicate defragment is running */
> > FI_DIRTY_FILE, /* indicate regular/symlink has dirty pages */
> > - FI_NO_PREALLOC, /* indicate skipped preallocated blocks */
> > + FI_PREALLOCATED_ALL, /* all blocks for write were preallocated */
> > FI_HOT_DATA, /* indicate file is hot */
> > FI_EXTRA_ATTR, /* indicate file has extra attribute */
> > FI_PROJ_INHERIT, /* indicate file inherits projectid */
> > @@ -3604,7 +3604,6 @@ void f2fs_update_data_blkaddr(struct dnode_of_data *dn, block_t blkaddr);
> > int f2fs_reserve_new_blocks(struct dnode_of_data *dn, blkcnt_t count);
> > int f2fs_reserve_new_block(struct dnode_of_data *dn);
> > int f2fs_get_block(struct dnode_of_data *dn, pgoff_t index);
> > -int f2fs_preallocate_blocks(struct kiocb *iocb, struct iov_iter *from);
> > int f2fs_reserve_block(struct dnode_of_data *dn, pgoff_t index);
> > struct page *f2fs_get_read_data_page(struct inode *inode, pgoff_t index,
> > int op_flags, bool for_write);
> > diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
> > index b1cb5b50faac..9b12004e78c6 100644
> > --- a/fs/f2fs/file.c
> > +++ b/fs/f2fs/file.c
> > @@ -4218,10 +4218,72 @@ static ssize_t f2fs_file_read_iter(struct kiocb *iocb, struct iov_iter *iter)
> > return ret;
> > }
> >
> > +/*
> > + * Preallocate blocks for a write request, if it is possible and helpful to do
> > + * so. Returns a positive number if blocks may have been preallocated, 0 if no
> > + * blocks were preallocated, or a negative errno value if something went
> > + * seriously wrong. Also sets FI_PREALLOCATED_ALL on the inode if *all* the
> > + * requested blocks (not just some of them) have been allocated.
> > + */
> > +static int f2fs_preallocate_blocks(struct kiocb *iocb, struct iov_iter *iter)
> > +{
> > + struct inode *inode = file_inode(iocb->ki_filp);
> > + struct f2fs_sb_info *sbi = F2FS_I_SB(inode);
> > + const loff_t pos = iocb->ki_pos;
> > + const size_t count = iov_iter_count(iter);
> > + struct f2fs_map_blocks map = {};
> > + bool dio = (iocb->ki_flags & IOCB_DIRECT) &&
> > + !f2fs_force_buffered_io(inode, iocb, iter);
> > + int flag;
> > + int ret;
> > +
> > + /* If it will be an in-place direct write, don't bother. */
> > + if (dio && !f2fs_lfs_mode(sbi))
> > + return 0;
> > +
> > + /* No-wait I/O can't allocate blocks. */
> > + if (iocb->ki_flags & IOCB_NOWAIT)
> > + return 0;
> > +
> > + /* If it will be a short write, don't bother. */
> > + if (iov_iter_fault_in_readable(iter, count) != 0)
> > + return 0;
> > +
> > + if (f2fs_has_inline_data(inode)) {
> > + /* If the data will fit inline, don't bother. */
> > + if (pos + count <= MAX_INLINE_DATA(inode))
> > + return 0;
> > + ret = f2fs_convert_inline_inode(inode);
> > + if (ret)
> > + return ret;
> > + }
> > +
> > + map.m_lblk = (pos >> inode->i_blkbits);
> > + map.m_len = ((pos + count - 1) >> inode->i_blkbits) - map.m_lblk + 1;
> > + map.m_may_create = true;
> > + if (dio) {
> > + map.m_seg_type = f2fs_rw_hint_to_seg_type(inode->i_write_hint);
> > + flag = F2FS_GET_BLOCK_PRE_DIO;
> > + } else {
> > + map.m_seg_type = NO_CHECK_TYPE;
> > + flag = F2FS_GET_BLOCK_PRE_AIO;
> > + }
> > +
> > + ret = f2fs_map_blocks(inode, &map, 1, flag);
> > + /* -ENOSPC is only a fatal error if no blocks could be allocated. */
> > + if (ret < 0 && !(ret == -ENOSPC && map.m_len > 0))
> > + return ret;
> > + if (ret == 0)
> > + set_inode_flag(inode, FI_PREALLOCATED_ALL);
> > + return map.m_len;
> > +}
> > +
> > static ssize_t f2fs_file_write_iter(struct kiocb *iocb, struct iov_iter *from)
> > {
> > struct file *file = iocb->ki_filp;
> > struct inode *inode = file_inode(file);
> > + loff_t target_size;
> > + int preallocated;
> > ssize_t ret;
> >
> > if (unlikely(f2fs_cp_error(F2FS_I_SB(inode)))) {
> > @@ -4245,84 +4307,59 @@ static ssize_t f2fs_file_write_iter(struct kiocb *iocb, struct iov_iter *from)
> >
> > if (unlikely(IS_IMMUTABLE(inode))) {
> > ret = -EPERM;
> > - goto unlock;
> > + goto out_unlock;
> > }
> >
> > if (is_inode_flag_set(inode, FI_COMPRESS_RELEASED)) {
> > ret = -EPERM;
> > - goto unlock;
> > + goto out_unlock;
> > }
> >
> > ret = generic_write_checks(iocb, from);
> > if (ret > 0) {
> > - bool preallocated = false;
> > - size_t target_size = 0;
> > - int err;
> > -
> > - if (iov_iter_fault_in_readable(from, iov_iter_count(from)))
> > - set_inode_flag(inode, FI_NO_PREALLOC);
> > -
> > - if ((iocb->ki_flags & IOCB_NOWAIT)) {
> > + if (iocb->ki_flags & IOCB_NOWAIT) {
> > if (!f2fs_overwrite_io(inode, iocb->ki_pos,
> > iov_iter_count(from)) ||
> > f2fs_has_inline_data(inode) ||
> > f2fs_force_buffered_io(inode, iocb, from)) {
> > - clear_inode_flag(inode, FI_NO_PREALLOC);
> > - inode_unlock(inode);
> > ret = -EAGAIN;
> > - goto out;
> > + goto out_unlock;
> > }
> > - goto write;
> > }
> > -
> > - if (is_inode_flag_set(inode, FI_NO_PREALLOC))
> > - goto write;
> > -
> > if (iocb->ki_flags & IOCB_DIRECT) {
> > /*
> > * Convert inline data for Direct I/O before entering
> > * f2fs_direct_IO().
> > */
> > - err = f2fs_convert_inline_inode(inode);
> > - if (err)
> > - goto out_err;
> > - /*
> > - * If force_buffere_io() is true, we have to allocate
> > - * blocks all the time, since f2fs_direct_IO will fall
> > - * back to buffered IO.
> > - */
> > - if (!f2fs_force_buffered_io(inode, iocb, from) &&
> > - f2fs_lfs_mode(F2FS_I_SB(inode)))
> > - goto write;
> > + ret = f2fs_convert_inline_inode(inode);
> > + if (ret)
> > + goto out_unlock;
> > }
> > - preallocated = true;
> > - target_size = iocb->ki_pos + iov_iter_count(from);
> >
> > - err = f2fs_preallocate_blocks(iocb, from);
> > - if (err) {
> > -out_err:
> > - clear_inode_flag(inode, FI_NO_PREALLOC);
> > - inode_unlock(inode);
> > - ret = err;
> > - goto out;
> > + /* Possibly preallocate the blocks for the write. */
> > + target_size = iocb->ki_pos + iov_iter_count(from);
> > + preallocated = f2fs_preallocate_blocks(iocb, from);
> > + if (preallocated < 0) {
> > + ret = preallocated;
> > + goto out_unlock;
> > }
> > -write:
> > +
> > ret = __generic_file_write_iter(iocb, from);
> > - clear_inode_flag(inode, FI_NO_PREALLOC);
> >
> > - /* if we couldn't write data, we should deallocate blocks. */
> > - if (preallocated && i_size_read(inode) < target_size) {
> > + /* Don't leave any preallocated blocks around past i_size. */
> > + if (preallocated > 0 && inode->i_size < target_size) {
> > down_write(&F2FS_I(inode)->i_gc_rwsem[WRITE]);
> > down_write(&F2FS_I(inode)->i_mmap_sem);
> > f2fs_truncate(inode);
> > up_write(&F2FS_I(inode)->i_mmap_sem);
> > up_write(&F2FS_I(inode)->i_gc_rwsem[WRITE]);
> > }
> > + clear_inode_flag(inode, FI_PREALLOCATED_ALL);
> >
> > if (ret > 0)
> > f2fs_update_iostat(F2FS_I_SB(inode), APP_WRITE_IO, ret);
> > }
> > -unlock:
> > +out_unlock:
> > inode_unlock(inode);
> > out:
> > trace_f2fs_file_write_iter(inode, iocb->ki_pos,
> > --
> > 2.32.0
