CVS commit: [netbsd-8] src/sys/ufs/ffs

2023-11-28 Thread Martin Husemann
Module Name:    src
Committed By:   martin
Date:   Tue Nov 28 13:13:29 UTC 2023

Modified Files:
src/sys/ufs/ffs [netbsd-8]: ffs_vfsops.c

Log Message:
Pull up following revision(s) (requested by riastradh in ticket #1921):

sys/ufs/ffs/ffs_vfsops.c: revision 1.382

ffs_sync: Avoid unlocked access to v_numoutput/v_dirtyblkhd.

Found by lockdoc.

PR kern/57606


To generate a diff of this commit:
cvs rdiff -u -r1.353.4.2 -r1.353.4.3 src/sys/ufs/ffs/ffs_vfsops.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.



Modified files:

Index: src/sys/ufs/ffs/ffs_vfsops.c
diff -u src/sys/ufs/ffs/ffs_vfsops.c:1.353.4.2 src/sys/ufs/ffs/ffs_vfsops.c:1.353.4.3
--- src/sys/ufs/ffs/ffs_vfsops.c:1.353.4.2	Wed Apr 11 14:49:08 2018
+++ src/sys/ufs/ffs/ffs_vfsops.c	Tue Nov 28 13:13:29 2023
@@ -1,4 +1,4 @@
-/*	$NetBSD: ffs_vfsops.c,v 1.353.4.2 2018/04/11 14:49:08 martin Exp $	*/
+/*	$NetBSD: ffs_vfsops.c,v 1.353.4.3 2023/11/28 13:13:29 martin Exp $	*/
 
 /*-
  * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -61,7 +61,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: ffs_vfsops.c,v 1.353.4.2 2018/04/11 14:49:08 martin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ffs_vfsops.c,v 1.353.4.3 2023/11/28 13:13:29 martin Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_ffs.h"
@@ -1926,14 +1926,25 @@ ffs_sync(struct mount *mp, int waitfor, 
 	/*
 	 * Force stale file system control information to be flushed.
 	 */
-	if (waitfor != MNT_LAZY && (ump->um_devvp->v_numoutput > 0 ||
-	!LIST_EMPTY(>um_devvp->v_dirtyblkhd))) {
-		vn_lock(ump->um_devvp, LK_EXCLUSIVE | LK_RETRY);
-		if ((error = VOP_FSYNC(ump->um_devvp, cred,
-		(waitfor == MNT_WAIT ? FSYNC_WAIT : 0) | FSYNC_NOLOG,
-		0, 0)) != 0)
-			allerror = error;
-		VOP_UNLOCK(ump->um_devvp);
+	if (waitfor != MNT_LAZY)  {
+		bool need_devvp_fsync;
+
+		mutex_enter(ump->um_devvp->v_interlock);
+		need_devvp_fsync = (ump->um_devvp->v_numoutput > 0 ||
+		!LIST_EMPTY(>um_devvp->v_dirtyblkhd));
+		mutex_exit(ump->um_devvp->v_interlock);
+		if (need_devvp_fsync) {
+			int flags = FSYNC_NOLOG;
+
+			if (waitfor == MNT_WAIT)
+flags |= FSYNC_WAIT;
+
+			vn_lock(ump->um_devvp, LK_EXCLUSIVE | LK_RETRY);
+			if ((error = VOP_FSYNC(ump->um_devvp, cred, flags, 0,
+0)) != 0)
+allerror = error;
+			VOP_UNLOCK(ump->um_devvp);
+		}
 	}
 #if defined(QUOTA) || defined(QUOTA2)
 	qsync(mp);
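Review bot: In the ffs_sync hunk, need_devvp_fsync is computed under v_interlock but acted on after mutex_exit(), so the decision to call VOP_FSYNC() rests on a snapshot of v_numoutput/v_dirtyblkhd that can be stale by the time vn_lock() returns. If the check is only meant as a best-effort hint for skipping an unnecessary fsync, say so in a comment above the mutex_enter(), so a later reader does not assume the interlock covers the flush itself. Minor style point: `if (waitfor != MNT_LAZY)  {` has two spaces before the brace.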



CVS commit: [netbsd-8] src/sys/ufs/ffs

2019-05-29 Thread Martin Husemann
Module Name:    src
Committed By:   martin
Date:   Wed May 29 15:51:40 UTC 2019

Modified Files:
src/sys/ufs/ffs [netbsd-8]: ffs_alloc.c

Log Message:
Pull up following revision(s) (requested by kardel in ticket #1272):

sys/ufs/ffs/ffs_alloc.c: revision 1.164

PR/53990, PR/52380, PR/52102: UFS2 cylinder group inode allocation botch

Fix rare allocation botch in ffs_nodealloccg().

Conditions:
a) less than
 #_of_initialized_inodes(cg->cg_initediblk)
 - inodes_per_filesystem_block
   are allocated in the cylinder group
b) cg->cg_irotor points to an uninterrupted run of
   allocated inodes in the inode bitmap up to the
   end of dynamically initialized inodes
   (cg->cg_initediblk)

In this case the next inode after this run was returned
without initializing the respective inode block. As the
block is not initialized these inodes could trigger panics
on inode consistency due to old (uninitialized) disk data.

In very rare cases data loss could occur when
the uninitialized inode block is initialized via the
normal mechanism.

Further conditions to occur after the above:
c) no panic
d) no (forced) fsck
e) and more than cg->cg_initediblk - inodes_per_filesystem_block
   allocated inodes.

Fix:

Always ensure allocation always in initialized inode range
extending the initialized inode range as needed.

Add KASSERTMSG() safeguards.

ok hannken@


To generate a diff of this commit:
cvs rdiff -u -r1.156.6.1 -r1.156.6.2 src/sys/ufs/ffs/ffs_alloc.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: src/sys/ufs/ffs/ffs_alloc.c
diff -u src/sys/ufs/ffs/ffs_alloc.c:1.156.6.1 src/sys/ufs/ffs/ffs_alloc.c:1.156.6.2
--- src/sys/ufs/ffs/ffs_alloc.c:1.156.6.1	Mon Jul 24 06:21:57 2017
+++ src/sys/ufs/ffs/ffs_alloc.c	Wed May 29 15:51:40 2019
@@ -1,4 +1,4 @@
-/*	$NetBSD: ffs_alloc.c,v 1.156.6.1 2017/07/24 06:21:57 snj Exp $	*/
+/*	$NetBSD: ffs_alloc.c,v 1.156.6.2 2019/05/29 15:51:40 martin Exp $	*/
 
 /*-
  * Copyright (c) 2008, 2009 The NetBSD Foundation, Inc.
@@ -70,7 +70,7 @@
  */
 
 #include 
-__KERNEL_RCSID(0, "$NetBSD: ffs_alloc.c,v 1.156.6.1 2017/07/24 06:21:57 snj Exp $");
+__KERNEL_RCSID(0, "$NetBSD: ffs_alloc.c,v 1.156.6.2 2019/05/29 15:51:40 martin Exp $");
 
 #if defined(_KERNEL_OPT)
 #include "opt_ffs.h"
@@ -1259,7 +1259,7 @@ ffs_nodealloccg(struct inode *ip, int cg
 	struct buf *bp, *ibp;
 	u_int8_t *inosused;
 	int error, start, len, loc, map, i;
-	int32_t initediblk;
+	int32_t initediblk, maxiblk, irotor;
 	daddr_t nalloc;
 	struct ufs2_dinode *dp2;
 	const int needswap = UFS_FSNEEDSWAP(fs);
@@ -1271,7 +1271,13 @@ ffs_nodealloccg(struct inode *ip, int cg
 		return (0);
 	mutex_exit(>um_lock);
 	ibp = NULL;
-	initediblk = -1;
+	if (fs->fs_magic == FS_UFS2_MAGIC) {
+		initediblk = -1;
+	} else {
+		initediblk = fs->fs_ipg;
+	}
+	maxiblk = initediblk;
+
 retry:
 	error = bread(ip->i_devvp, FFS_FSBTODB(fs, cgtod(fs, cg)),
 		(int)fs->fs_cgsize, B_MODIFY, );
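Review bot: `maxiblk = initediblk;` copies the UFS2 sentinel -1 into the new bound, so until something after `retry:` overwrites it, maxiblk is negative on UFS2 and would fail any `< maxiblk` comparison. Nothing in this hunk says where the real value comes from; a one-line comment that -1 is a placeholder replaced once the cylinder group has been read (and that the non-UFS2 case uses fs_ipg because all inodes are already initialised) would make that dependency explicit.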
@@ -1291,7 +1297,8 @@ retry:
 	 * Check to see if we need to initialize more inodes.
 	 */
 	if (fs->fs_magic == FS_UFS2_MAGIC && ibp == NULL) {
-		initediblk = ufs_rw32(cgp->cg_initediblk, needswap);
+	initediblk = ufs_rw32(cgp->cg_initediblk, needswap);
+		maxiblk = initediblk;
 		nalloc = fs->fs_ipg - ufs_rw32(cgp->cg_cs.cs_nifree, needswap);
 		if (nalloc + FFS_INOPB(fs) > initediblk &&
 		initediblk < ufs_rw32(cgp->cg_niblk, needswap)) {
@@ -1307,6 +1314,9 @@ retry:
 			FFS_NOBLK, fs->fs_bsize, false, );
 			if (error)
 goto fail;
+
+			maxiblk += FFS_INOPB(fs);
+			
 			goto retry;
 		}
 	}
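Review bot: `maxiblk += FFS_INOPB(fs)` raises the search bound before `goto retry`, but initediblk is left at its pre-extension value, and from here on the two variables are used as different bounds. Please add a comment stating which one is authoritative on the second pass and why they are allowed to diverge, since the later assertions depend on that relationship. The added line after the increment is whitespace-only and should be an empty line.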
@@ -1316,14 +1326,22 @@ retry:
 	(fs->fs_old_flags & FS_FLAGS_UPDATED))
 		cgp->cg_time = ufs_rw64(time_second, needswap);
 	inosused = cg_inosused(cgp, needswap);
+	
 	if (ipref) {
 		ipref %= fs->fs_ipg;
-		if (isclr(inosused, ipref))
+		/* safeguard to stay in (to be) allocated range */
+		if (ipref < maxiblk && isclr(inosused, ipref))
 			goto gotit;
 	}
-	start = ufs_rw32(cgp->cg_irotor, needswap) / NBBY;
-	len = howmany(fs->fs_ipg - ufs_rw32(cgp->cg_irotor, needswap),
-		NBBY);
+
+	irotor = ufs_rw32(cgp->cg_irotor, needswap); 
+
+	KASSERTMSG(irotor < initediblk, "%s: allocation botch: cg=%d, irotor %d"
+		   " out of bounds, initediblk=%d",
+		   __func__, cg, irotor, initediblk);
+
+	start = irotor / NBBY;
+	len = howmany(maxiblk - irotor, NBBY);
 	loc = skpc(0xff, len, [start]);
 	if (loc == 0) {
 		len = start + 1;
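Review bot: irotor is read from the cylinder group buffer (`ufs_rw32(cgp->cg_irotor, needswap)`) and its range is enforced only by KASSERTMSG, which is compiled in only on DIAGNOSTIC kernels. Without DIAGNOSTIC, an irotor at or above maxiblk makes `howmany(maxiblk - irotor, NBBY)` zero or negative, and that value is passed as the length to skpc() over the inosused bitmap. Since the value comes from disk, consider an unconditional runtime check (for example, reset irotor to 0 or fail the allocation when it is not below maxiblk) and keep the assertion as an extra diagnostic.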
@@ -1341,9 +1359,17 @@ retry:
 	if (map == 0) {
 		panic("%s: block not in map: fs=%s", __func__, fs->fs_fsmnt);
 	}
+	
 	ipref = i * NBBY + ffs(map) - 1;
+
 	cgp->cg_irotor = ufs_rw32(ipref, needswap);
+
 gotit:
+	KASSERTMSG(ipref < maxiblk, "%s: allocation botch: cg=%d attempt to "
+		   "allocate inode index %d beyond max allocated index %d"
+		   " of %d inodes/cg",
+		   __func__, cg, (int)ipref, maxiblk, cgp->cg_niblk);
+
 	
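Review bot: The KASSERTMSG added after `gotit:` prints `cgp->cg_niblk` raw, whereas the same field is read through `ufs_rw32(cgp->cg_niblk, needswap)` earlier in this function. On a byte-swapped file system the "inodes/cg" number in the panic message will be wrong, and the argument is also not cast to int to match its %d the way ipref is. Suggest passing `ufs_rw32(cgp->cg_niblk, needswap)` so the diagnostic is usable when it fires.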
