On Thu, Jan 25, 2024 at 07:19:45PM +0900, Namjae Jeon wrote: > 2024-01-25 6:35 GMT+09:00, Dave Chinner <david@xxxxxxxxxxxxx>: > > On Wed, Jan 24, 2024 at 10:05:15AM +0000, Yuezhang.Mo@xxxxxxxx wrote: > >> From: Matthew Wilcox <willy@xxxxxxxxxxxxx> > >> Sent: Wednesday, January 24, 2024 1:21 PM > >> To: Mo, Yuezhang <Yuezhang.Mo@xxxxxxxx> > >> Subject: Re: [PATCH] exfat: fix file not locking when writing zeros in > >> exfat_file_mmap() > >> > On Wed, Jan 24, 2024 at 05:00:37AM +0000, mailto:Yuezhang.Mo@xxxxxxxx > >> > wrote: > >> > > inode->i_rwsem should be locked when writing file. But the lock > >> > > is missing when writing zeros to the file in exfat_file_mmap(). > >> > > >> > This is actually very weird behaviour in exfat. This kind of "I must > >> > manipulate the on-disc layout" is not generally done in mmap(), it's > >> > done in ->page_mkwrite() or even delayed until we actually do > >> > writeback. > >> > Why does exfat do this? > >> > >> In exfat, "valid_size" describes how far into the data stream user data > >> has been > >> written and "size" describes the file size. Return zeros if read > >> "valid_size"~"size". > >> > >> For example, > >> > >> (1) xfs_io -t -f -c "pwrite -S 0x59 0 1024" $filename > >> - Write 0x59 to 0~1023 > >> - both "size" and "valid_size" are 1024 > >> (2) xfs_io -t -f -c "truncate 4K" $filename > >> - "valid_size" is still 1024 > >> - "size" is changed to 4096 > >> - 1024~4095 is not zeroed > > > > I think that's the problem right there. File extension via truncate > > should really zero the bytes in the page cache in partial pages on > > file extension (and likley should do it on-disk as well). See > > iomap_truncate_page(), ext4_block_truncate_page(), etc. > > > > Leaving the zeroing until someone actually accesses the data leads > > to complexity in the IO path to handle this corner case and getting > > that wrong leads directly to data corruption bugs. Just zero the > > data in the operation that exposes that data range as zeros to the > > user. > We need to consider the case that mmap against files with different > valid size and size created from Windows. So it needed to zero out in mmap. That's a different case - that's a "read from a hole" case, not a "extending truncate" case. i.e. the range from 'valid size' to EOF is a range where no data has been written and so contains zeros. It is equivalent to either a hole in the file (no backing store) or an unwritten range (backing store instantiated but marked as containing no valid data). When we consider this range as "reading from a hole/unwritten range", it should become obvious the correct way to handle this case is the same as every other filesystem that supports holes and/or unwritten extents: the page cache page gets zeroed in the readahead/readpage paths when it maps to a hole/unwritten range in the file. There's no special locking needed if it is done this way, and there's no need for special hooks anywhere to zero data beyond valid size because it is already guaranteed to be zeroed in memory if the range is cached in the page cache..... > We tried to improve this after receiving a report of a compatibility > issue with linux-exfat, where the two file sizes are set differently > from Windows. > > https://github.com/exfatprogs/exfatprogs/issues/213 > > Yue referred to mmap code of ntfs3 that has valid-size like exfat and > had handled it in mmap. Saying "but someone else did the same thing" doesn't make it the right thing to do. It just means someone else has already done it the wrong way, and it wasn't noticed during review. :/ -Dave. -- Dave Chinner david@xxxxxxxxxxxxx
