From: Jie Liu <jeff.liu@xxxxxxxxxx>

On a 32-bit machine, the s_maxbytes is larger than the MAX_LFS_FILESIZE
limit if CONFIG_LBDAF is not enabled. Hence it's possible to create a
huge file via buffered-IO write with a given offset beyond this limitation.
e.g.

# block_size=4096
# offset=$(((2**32 - 1) * $block_size))
# xfs_io -f -c "pwrite $offset $block_size" /storage/test_file

In this case, xfs_io will hang at the page writeback stage soon since the
given offset would cause an overflow at xfs_vm_writepage():

	end_index = offset >> PAGE_CACHE_SHIFT;
	last_index = (offset - 1) >> PAGE_CACHE_SHIFT;
	if (page->index >= end_index) {
		unsigned offset_into_page = offset & (PAGE_CACHE_SIZE - 1);

		/*
		 * Just skip the page if it is fully outside i_size, e.g. due
		 * to a truncate operation that is in progress.
		 */
		if (page->index >= end_index + 1 || offset_into_page == 0) {
		    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
			unlock_page(page);
			return 0;
		}

end_index is unsigned long so that the max value is '2^32-1 = 4294967295',
and it would be evaluated to the max value with the given offset (when
writing the page offset up to s_max_bytes) for the above test case. As a
result, (page->index >= end_index + 1) is ok as (end_index + 1) is
overflowed to ZERO.

Actually, creating a file as above on a 32-bit machine should fail with an
EFBIG error returned because there is a strict check at
generic_write_checks() against the given offset with a *correct*
s_max_bytes. This patch fixes the s_max_bytes to MAX_LFS_FILESIZE if the
pre-calculated value is greater than it.

Reported-by: Michael L. Semon <mlsemon35@xxxxxxxxx>
Signed-off-by: Jie Liu <jeff.liu@xxxxxxxxxx>
---
 fs/xfs/xfs_super.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/fs/xfs/xfs_super.c b/fs/xfs/xfs_super.c
index ea341ce..0644d61 100644
--- a/fs/xfs/xfs_super.c
+++ b/fs/xfs/xfs_super.c
@@ -585,6 +585,7 @@ xfs_max_file_offset( { unsigned int pagefactor = 1; unsigned int bitshift = BITS_PER_LONG - 1; + __uint64_t offset; /* Figure out maximum filesize, on Linux this can depend on * the filesystem blocksize (on 32 bit platforms). @@ -610,7 +611,10 @@ xfs_max_file_offset( # endif #endif - return (((__uint64_t)pagefactor) << bitshift) - 1; + offset = (((__uint64_t)pagefactor) << bitshift) - 1; + + /* Check against VM & VFS exposed limits */ + return (offset > MAX_LFS_FILESIZE) ? MAX_LFS_FILESIZE : offset; } xfs_agnumber_t -- 1.7.9.5 _______________________________________________ xfs mailing list xfs@xxxxxxxxxxx http://oss.sgi.com/mailman/listinfo/xfs
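
Review bot: the comment added above the new return in the second hunk says "Check against VM & VFS exposed limits", but the statement clamps the value rather than checking it. Suggest wording it as a clamp to MAX_LFS_FILESIZE and naming the case the changelog describes (32-bit without CONFIG_LBDAF), so the reason is readable from the source and not only from the commit message. The open-coded ternary also compares a __uint64_t against MAX_LFS_FILESIZE, whose type is not visible in this hunk; min_t(__uint64_t, offset, MAX_LFS_FILESIZE) would state the comparison type explicitly and read more conventionally. The function's opening comment in the first hunk's context ("Figure out maximum filesize, on Linux this can depend on the filesystem blocksize") could mention the cap as well, since the result is no longer determined by pagefactor and bitshift alone.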