This is a note to let you know that I've just added the patch titled

    xfs: fix overfilling of reserve pool

to the 5.15-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
    xfs-fix-overfilling-of-reserve-pool.patch
and it can be found in the queue-5.15 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.

>From foo@baz Tue Aug 23 09:20:27 AM CEST 2022
From: Leah Rumancik <leah.rumancik@xxxxxxxxx>
Date: Fri, 19 Aug 2022 11:14:28 -0700
Subject: xfs: fix overfilling of reserve pool
To: stable@xxxxxxxxxxxxxxx
Cc: linux-xfs@xxxxxxxxxxxxxxx, amir73il@xxxxxxxxx, "Darrick J. Wong" <djwong@xxxxxxxxxx>, Dave Chinner <dchinner@xxxxxxxxxx>, Leah Rumancik <leah.rumancik@xxxxxxxxx>
Message-ID: <20220819181431.4113819-7-leah.rumancik@xxxxxxxxx>

From: "Darrick J. Wong" <djwong@xxxxxxxxxx>

[ Upstream commit 82be38bcf8a2e056b4c99ce79a3827fa743df6ec ]

Due to cycling of m_sb_lock, it's possible for multiple callers of
xfs_reserve_blocks to race at changing the pool size, subtracting blocks
from fdblocks, and actually putting it in the pool. The result of all
this is that we can overfill the reserve pool to hilarious levels.

xfs_mod_fdblocks, when called with a positive value, already knows how
to take freed blocks and either fill the reserve until it's full, or put
them in fdblocks. Use that instead of setting m_resblks_avail directly.

Signed-off-by: Darrick J. Wong <djwong@xxxxxxxxxx>
Reviewed-by: Dave Chinner <dchinner@xxxxxxxxxx>
Signed-off-by: Leah Rumancik <leah.rumancik@xxxxxxxxx>
Acked-by: Darrick J. Wong <djwong@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
--- fs/xfs/xfs_fsops.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) --- a/fs/xfs/xfs_fsops.c +++ b/fs/xfs/xfs_fsops.c 
@@ -448,18 +448,17 @@ xfs_reserve_blocks( * count or we'll get an ENOSPC. Don't set the reserved flag * here - we don't want to reserve the extra reserve blocks * from the reserve. + * + * The desired reserve size can change after we drop the lock. + * Use mod_fdblocks to put the space into the reserve or into + * fdblocks as appropriate. */ fdblks_delta = min(free, delta); spin_unlock(&mp->m_sb_lock); error = xfs_mod_fdblocks(mp, -fdblks_delta, 0); - spin_lock(&mp->m_sb_lock); - - /* - * Update the reserve counters if blocks have been successfully - * allocated. - */ if (!error) - mp->m_resblks_avail += fdblks_delta; + xfs_mod_fdblocks(mp, fdblks_delta, 0); + spin_lock(&mp->m_sb_lock); } out: if (outval) { Patches currently in stable-queue which might be from leah.rumancik@xxxxxxxxx are queue-5.15/xfs-remove-infinite-loop-when-reserving-free-block-pool.patch queue-5.15/xfs-reserve-quota-for-target-dir-expansion-when-renaming-files.patch queue-5.15/xfs-fix-soft-lockup-via-spinning-in-filestream-ag-selection-loop.patch queue-5.15/xfs-flush-inodegc-workqueue-tasks-before-cancel.patch queue-5.15/xfs-revert-xfs-actually-bump-warning-counts-when-we-send-warnings.patch queue-5.15/xfs-reserve-quota-for-dir-expansion-when-linking-unlinking-files.patch queue-5.15/xfs-fix-overfilling-of-reserve-pool.patch queue-5.15/xfs-reject-crazy-array-sizes-being-fed-to-xfs_ioc_getbmap.patch queue-5.15/xfs-always-succeed-at-setting-the-reserve-pool-size.patch
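
Review bot: the return value of the added `xfs_mod_fdblocks(mp, fdblks_delta, 0);` call under `if (!error)` is discarded, while the preceding call with `-fdblks_delta` has its result stored in `error` and checked. If the positive-delta path cannot fail, a one-line comment saying so (or an assertion on the result) would make that explicit; otherwise assign the result to `error` so a failure reaches the caller instead of silently losing the blocks. The new comment block could also state that between the two calls, with `m_sb_lock` dropped, the `fdblks_delta` blocks are counted in neither fdblocks nor the reserve, and that `spin_lock(&mp->m_sb_lock)` is now retaken only after the give-back, so anything read after `out:` reflects whatever other callers did in that window.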