linux/fs/xfs/scrub
Dave Chinner f2e812c152 xfs: don't use current->journal_info
syzbot reported an ext4 panic during a page fault where it found a
journal handle when it didn't expect to find one. The structure
it tripped over had a value of 'TRAN' in the first entry in the
structure, and that indicates it tripped over a struct xfs_trans
instead of a jbd2 handle.

The reason for this is that the page fault was taken during a
copy-out to a user buffer from an xfs bulkstat operation. XFS uses
an "empty" transaction context for bulkstat to do automated metadata
buffer cleanup, and so the transaction context is valid across the
copyout of the bulkstat info into the user buffer.

We are using empty transaction contexts like this in XFS to reduce
the risk of failing to release objects we reference during the
operation, especially during error handling. Hence we really need to
ensure that we can take page faults from these contexts without
leaving landmines for the code processing the page fault to trip
over.

However, this same behaviour could happen from any other filesystem
that triggers a page fault or any other exception that is handled
on-stack from within a task context that has current->journal_info
set.  Having a page fault from some other filesystem bounce into XFS
where we have to run a transaction isn't a bug at all, but the usage
of current->journal_info means that this could result in corruption of
the outer task's journal_info structure.

The problem is purely that we now have two different contexts that
now think they own current->journal_info. IOWs, no filesystem can
allow page faults or on-stack exceptions while current->journal_info
is set by the filesystem because the exception processing might use
current->journal_info itself.

If we end up with nested XFS transactions whilst holding an empty
transaction, then it isn't an issue as the outer transaction does
not hold a log reservation. If we ignore the current->journal_info
usage, then the only problem that might occur is a deadlock if the
exception tries to take the same locks the upper context holds.
That, however, is not a problem that setting current->journal_info
would solve, so it's largely an irrelevant concern here.

IOWs, we really only use current->journal_info for a warning check
in xfs_vm_writepages() to ensure we aren't doing writeback from a
transaction context. Writeback might need to do allocation, so it
can need to run transactions itself. Hence it's a debug check to
warn us that we've done something silly, and largely it is not all
that useful.

So let's just remove all the use of current->journal_info in XFS and
get rid of all the potential issues from nested contexts where
current->journal_info might get misused by another filesystem
context.

Reported-by: syzbot+cdee56dbcdf0096ef605@syzkaller.appspotmail.com
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: "Darrick J. Wong" <djwong@kernel.org>
Reviewed-by: Mark Tinguely <mark.tinguely@oracle.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Chandan Babu R <chandanbabu@kernel.org>
2024-03-25 10:21:01 +05:30
..
agb_bitmap.c xfs: move the per-AG datatype bitmaps to separate files 2023-12-15 10:03:30 -08:00
agb_bitmap.h xfs: create agblock bitmap helper to count the number of set regions 2024-02-22 12:43:37 -08:00
agheader_repair.c xfs: split xfs_inobt_init_cursor 2024-02-22 12:40:49 -08:00
agheader.c xfs: split the agf_roots and agf_levels arrays 2024-02-22 12:39:46 -08:00
alloc_repair.c xfs: split xfs_allocbt_init_cursor 2024-02-22 12:40:12 -08:00
alloc.c xfs: repair free space btrees 2023-12-15 10:03:32 -08:00
attr.c xfs: remove struct xfs_attr_shortform 2023-12-29 13:37:05 +05:30
attr.h xfs: check used space of shortform xattr structures 2023-04-11 19:00:33 -07:00
bitmap.c xfs: create agblock bitmap helper to count the number of set regions 2024-02-22 12:43:37 -08:00
bitmap.h xfs: create agblock bitmap helper to count the number of set regions 2024-02-22 12:43:37 -08:00
bmap_repair.c xfs: remove xfs_bmbt_stage_cursor 2024-02-22 12:39:45 -08:00
bmap.c xfs: create a helper to decide if a file mapping targets the rt volume 2024-02-22 12:43:36 -08:00
btree.c xfs: consolidate btree block verification 2024-02-22 12:40:57 -08:00
btree.h overflow: Add struct_size_t() helper 2023-05-26 13:52:19 -07:00
common.c xfs: don't use current->journal_info 2024-03-25 10:21:01 +05:30
common.h xfs: repair the rmapbt 2024-02-22 12:43:38 -08:00
cow_repair.c xfs: convert remaining kmem_free() to kfree() 2024-02-13 18:07:34 +05:30
dabtree.c xfs: scrub should use ECHRNG to signal that the drain is needed 2023-04-11 19:00:00 -07:00
dabtree.h xfs: update copyright years for scrub/ files 2023-04-11 18:59:57 -07:00
dir.c xfs: create a predicate to determine if two xfs_names are the same 2024-02-22 12:30:49 -08:00
dqiterate.c xfs: improve dquot iteration for scrub 2023-12-15 10:03:45 -08:00
fsb_bitmap.h xfs: reintroduce reaping of file metadata blocks to xrep_reap_extents 2023-12-15 10:03:38 -08:00
fscounters_repair.c xfs: repair summary counters 2024-02-22 12:33:05 -08:00
fscounters.c xfs: repair summary counters 2024-02-22 12:33:05 -08:00
fscounters.h xfs: repair summary counters 2024-02-22 12:33:05 -08:00
health.c xfs: refactor the btree cursor allocation logic in xchk_ag_btcur_init 2024-02-22 12:39:48 -08:00
health.h xfs: refactor the btree cursor allocation logic in xchk_ag_btcur_init 2024-02-22 12:39:48 -08:00
ialloc_repair.c xfs: split xfs_inobt_init_cursor 2024-02-22 12:40:49 -08:00
ialloc.c xfs: remove xfs_btnum_t 2024-02-22 12:40:51 -08:00
inode_repair.c xfs: move xfs_symlink_remote.c declarations to xfs_symlink_remote.h 2024-02-22 12:45:01 -08:00
inode.c xfs: repair inode records 2023-12-15 10:03:36 -08:00
iscan.c xfs: split xfs_inobt_init_cursor 2024-02-22 12:40:49 -08:00
iscan.h xfs: repair file modes by scanning for a dirent pointing to us 2024-02-22 12:30:51 -08:00
newbt.c xfs: repair the rmapbt 2024-02-22 12:43:38 -08:00
newbt.h xfs: repair the rmapbt 2024-02-22 12:43:38 -08:00
nlinks_repair.c xfs: teach repair to fix file nlinks 2024-02-22 12:31:00 -08:00
nlinks.c xfs: teach repair to fix file nlinks 2024-02-22 12:31:00 -08:00
nlinks.h xfs: teach repair to fix file nlinks 2024-02-22 12:31:00 -08:00
off_bitmap.h xfs: repair problems in CoW forks 2023-12-15 10:03:40 -08:00
parent.c xfs: abort directory parent scrub scans if we encounter a zapped directory 2023-12-15 10:03:37 -08:00
quota_repair.c xfs: repair quotas 2023-12-15 10:03:45 -08:00
quota.c xfs: repair quotas 2023-12-15 10:03:45 -08:00
quota.h xfs: repair quotas 2023-12-15 10:03:45 -08:00
quotacheck_repair.c xfs: repair dquots based on live quotacheck results 2024-02-22 12:30:57 -08:00
quotacheck.c xfs: repair dquots based on live quotacheck results 2024-02-22 12:30:57 -08:00
quotacheck.h xfs: repair dquots based on live quotacheck results 2024-02-22 12:30:57 -08:00
rcbag_btree.c xfs: create refcount bag structure for btree repairs 2024-02-22 12:43:41 -08:00
rcbag_btree.h xfs: create refcount bag structure for btree repairs 2024-02-22 12:43:41 -08:00
rcbag.c xfs: create refcount bag structure for btree repairs 2024-02-22 12:43:41 -08:00
rcbag.h xfs: create refcount bag structure for btree repairs 2024-02-22 12:43:41 -08:00
readdir.c xfs: Replace xfs_isilocked with xfs_assert_ilocked 2024-02-19 21:19:33 +05:30
readdir.h xfs: streamline the directory iteration code for scrub 2023-04-11 19:00:17 -07:00
reap.c xfs: repair the rmapbt 2024-02-22 12:43:38 -08:00
reap.h xfs: reintroduce reaping of file metadata blocks to xrep_reap_extents 2023-12-15 10:03:38 -08:00
refcount_repair.c xfs: port refcount repair to the new refcount bag structure 2024-02-22 12:43:42 -08:00
refcount.c xfs: port refcount repair to the new refcount bag structure 2024-02-22 12:43:42 -08:00
repair.c xfs: hook live rmap operations during a repair operation 2024-02-22 12:43:40 -08:00
repair.h xfs: port refcount repair to the new refcount bag structure 2024-02-22 12:43:42 -08:00
rmap_repair.c xfs: hook live rmap operations during a repair operation 2024-02-22 12:43:40 -08:00
rmap.c xfs: repair the rmapbt 2024-02-22 12:43:38 -08:00
rtbitmap_repair.c xfs: online repair of realtime bitmaps 2023-12-15 10:03:43 -08:00
rtbitmap.c xfs: remove conditional building of rt geometry validator functions 2024-01-30 14:04:43 +05:30
rtbitmap.h xfs: online repair of realtime bitmaps 2023-12-15 10:03:43 -08:00
rtsummary.c xfs: remove the xfile_pread/pwrite APIs 2024-02-21 11:36:53 +05:30
scrub.c xfs: hook live rmap operations during a repair operation 2024-02-22 12:43:40 -08:00
scrub.h xfs: hook live rmap operations during a repair operation 2024-02-22 12:43:40 -08:00
stats.c xfs: fix scrub stats file permissions 2024-02-26 17:58:37 +05:30
stats.h xfs: track usage statistics of online fsck 2023-08-10 07:48:07 -07:00
symlink.c xfs: move remote symlink target read function to libxfs 2024-02-22 12:45:17 -08:00
trace.c xfs: hook live rmap operations during a repair operation 2024-02-22 12:43:40 -08:00
trace.h xfs: hook live rmap operations during a repair operation 2024-02-22 12:43:40 -08:00
xfarray.c xfs: convert xfarray_pagesort to deal with large folios 2024-02-21 11:36:55 +05:30
xfarray.h xfs: create a sparse load xfarray function 2024-02-22 12:30:54 -08:00
xfile.c xfs: remove xfile_{get,put}_page 2024-02-21 11:36:56 +05:30
xfile.h xfs: remove xfile_{get,put}_page 2024-02-21 11:36:56 +05:30
xfs_scrub.h xfs: update copyright years for scrub/ files 2023-04-11 18:59:57 -07:00