linux/fs/afs
David Howells 9d1be4f4dc afs: Don't unlock fetched data pages until the op completes successfully
Don't call req->page_done() on each page as we finish filling it with
the data coming from the network.  Whilst this might speed up the
application a bit, it's a problem if there's a network failure and the
operation has to be reissued.

If this happens, an oops occurs because afs_readpages_page_done() clears
the pointer to each page it unlocks and when a retry happens, the
pointers to the pages it wants to fill are now NULL (and the pages have
been unlocked anyway).

Instead, wait till the operation completes successfully and only then
release all the pages after clearing any terminal gap (the server can
give us less data than we requested as we're allowed to ask for more
than is available).

KASAN produces a bug like the following, and even without KASAN, it can
oops and panic.

    BUG: KASAN: wild-memory-access in _copy_to_iter+0x323/0x5f4
    Write of size 1404 at addr 0005088000000000 by task md5sum/5235

    CPU: 0 PID: 5235 Comm: md5sum Not tainted 5.7.0-rc3-fscache+ #250
    Hardware name: ASUS All Series/H97-PLUS, BIOS 2306 10/09/2014
    Call Trace:
     memcpy+0x39/0x58
     _copy_to_iter+0x323/0x5f4
     __skb_datagram_iter+0x89/0x2a6
     skb_copy_datagram_iter+0x129/0x135
     rxrpc_recvmsg_data.isra.0+0x615/0xd42
     rxrpc_kernel_recv_data+0x1e9/0x3ae
     afs_extract_data+0x139/0x33a
     yfs_deliver_fs_fetch_data64+0x47a/0x91b
     afs_deliver_to_call+0x304/0x709
     afs_wait_for_call_to_complete+0x1cc/0x4ad
     yfs_fs_fetch_data+0x279/0x288
     afs_fetch_data+0x1e1/0x38d
     afs_readpages+0x593/0x72e
     read_pages+0xf5/0x21e
     __do_page_cache_readahead+0x128/0x23f
     ondemand_readahead+0x36e/0x37f
     generic_file_buffered_read+0x234/0x680
     new_sync_read+0x109/0x17e
     vfs_read+0xe6/0x138
     ksys_read+0xd8/0x14d
     do_syscall_64+0x6e/0x8a
     entry_SYSCALL_64_after_hwframe+0x49/0xb3

Fixes: 196ee9cd2d ("afs: Make afs_fs_fetch_data() take a list of pages")
Fixes: 30062bd13e ("afs: Implement YFS support in the fs client")
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Matthew Wilcox (Oracle) <willy@infradead.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2020-05-18 10:29:17 -07:00
..
addr_list.c afs: Use kfree_rcu() instead of casting kfree() to rcu_callback_t 2020-03-13 10:47:33 -07:00
afs_cm.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
afs_fs.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
afs_vl.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
afs.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
cache.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
callback.c afs: Fix possible assert with callbacks from yfs servers 2019-11-22 14:19:26 -08:00
cell.c afs: Fix characters allowed into cell names 2020-01-26 08:54:04 -08:00
cmservice.c afs: Fix to actually set AFS_SERVER_FL_HAVE_EPOCH 2020-04-24 16:32:49 +01:00
dir_edit.c afs: Remove set but not used variables 'before', 'after' 2019-11-21 20:36:00 +00:00
dir_silly.c afs: Fix race between post-modification dir edit and readdir/d_revalidate 2020-04-13 15:09:01 +01:00
dir.c afs: Fix afs_d_validate() to set the right directory version 2020-04-13 15:09:01 +01:00
dynroot.c afs: Fix creation calls in the dynamic root to fail with EOPNOTSUPP 2019-12-11 17:47:51 +00:00
file.c afs: Rename desc -> req in afs_fetch_data() 2019-11-21 09:12:17 +00:00
flock.c fs: afs: Use pr_warn instead of pr_warning 2019-10-18 15:01:55 +02:00
fs_probe.c afs: Remove some unused bits 2020-04-24 16:32:49 +01:00
fsclient.c afs: Don't unlock fetched data pages until the op completes successfully 2020-05-18 10:29:17 -07:00
inode.c Printk changes for 5.5 2019-11-25 19:40:40 -08:00
internal.h afs: Make record checking use TASK_UNINTERRUPTIBLE when appropriate 2020-04-24 16:33:32 +01:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
main.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 152 2019-05-30 11:26:32 -07:00
Makefile afs: do not send list of client addresses 2019-06-02 18:06:26 -07:00
misc.c AFS development 2019-07-10 20:55:33 -07:00
mntpt.c afs: Fix mountpoint parsing 2019-12-11 16:56:54 +00:00
proc.c afs: Show volume name in /proc/net/afs/<cell>/volumes 2019-12-11 17:48:20 +00:00
protocol_uae.h afs: Add support for the UAE error table 2019-06-28 18:37:53 +01:00
protocol_yfs.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
rotate.c afs: Make record checking use TASK_UNINTERRUPTIBLE when appropriate 2020-04-24 16:33:32 +01:00
rxrpc.c afs: Fix client call Rx-phase signal handling 2020-03-13 23:04:35 +00:00
security.c afs: Support RCU pathwalk 2019-09-02 11:43:54 +01:00
server_list.c AFS development 2019-07-10 20:55:33 -07:00
server.c afs: Make record checking use TASK_UNINTERRUPTIBLE when appropriate 2020-04-24 16:33:32 +01:00
super.c fs_parse: fold fs_parameter_desc/fs_parameter_spec 2020-02-07 14:48:37 -05:00
vl_list.c fs/afs: Replace rcu_swap_protected() with rcu_replace_pointer() 2019-10-30 08:44:27 -07:00
vl_probe.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
vl_rotate.c afs: Remove some unused bits 2020-04-24 16:32:49 +01:00
vlclient.c afs: Switch the naming of call->iter and call->_iter 2019-11-21 09:12:17 +00:00
volume.c afs: Make record checking use TASK_UNINTERRUPTIBLE when appropriate 2020-04-24 16:33:32 +01:00
write.c AFS development 2019-07-10 20:55:33 -07:00
xattr.c afs: xattr: use scnprintf 2019-11-21 09:12:17 +00:00
xdr_fs.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 36 2019-05-24 17:27:11 +02:00
yfsclient.c afs: Don't unlock fetched data pages until the op completes successfully 2020-05-18 10:29:17 -07:00