From 0f2f87d51aebcf71a709b52f661d681594c7dffa Mon Sep 17 00:00:00 2001

From: Zhang Yi <yi.zhang@huawei.com>

Date: Wed, 8 Sep 2021 20:08:50 +0800

Subject: [PATCH] ext4: prevent partial update of the extent blocks

Git-commit: 0f2f87d51aebcf71a709b52f661d681594c7dffa

Patch-mainline: v5.16-rc1

References: bsc#1194163 bsc#1196339

In the most error path of current extents updating operations are not

roll back partial updates properly when some bad things happens(.e.g in

ext4_ext_insert_extent()). So we may get an inconsistent extents tree

if journal has been aborted due to IO error, which may probability lead

to BUGON later when we accessing these extent entries in errors=continue

mode. This patch drop extent buffer's verify flag before updatng the

contents in ext4_ext_get_access(), and reset it after updating in

__ext4_ext_dirty(). After this patch we could force to check the extent

buffer if extents tree updating was break off, make sure the extents are

consistent.

Signed-off-by: Zhang Yi <yi.zhang@huawei.com>

Reviewed-by: Theodore Ts'o <tytso@mit.edu>

Link: https://lore.kernel.org/r/20210908120850.4012324-4-yi.zhang@huawei.com

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Acked-by: Jan Kara <jack@suse.cz>

---

 fs/ext4/extents.c |   17 +++++++++++++++--

 1 file changed, 15 insertions(+), 2 deletions(-)

--- a/fs/ext4/extents.c

+++ b/fs/ext4/extents.c

@@ -133,14 +133,24 @@ static int ext4_ext_truncate_extend_rest

 static int ext4_ext_get_access(handle_t *handle, struct inode *inode,

 				struct ext4_ext_path *path)

 {

+	int err = 0;

+

 	if (path->p_bh) {

 		/* path points to block */

 		BUFFER_TRACE(path->p_bh, "get_write_access");

-		return ext4_journal_get_write_access(handle, path->p_bh);

+		err = ext4_journal_get_write_access(handle, path->p_bh);

+		/*

+		 * The extent buffer's verified bit will be set again in

+		 * __ext4_ext_dirty(). We could leave an inconsistent

+		 * buffer if the extents updating procudure break off du

+		 * to some error happens, force to check it again.

+		 */

+		if (!err)

+			clear_buffer_verified(path->p_bh);

 	}

 	/* path points to leaf/index in inode body */

 	/* we use in-core data, no need to protect them */

-	return 0;

+	return err;

 }

 /*

@@ -160,6 +170,9 @@ int __ext4_ext_dirty(const char *where,

 		/* path points to block */

 		err = __ext4_handle_dirty_metadata(where, line, handle,

 						   inode, path->p_bh);

+		/* Extents updating done, re-set verified flag */

+		if (!err)

+			set_buffer_verified(path->p_bh);

 	} else {

 		/* path points to leaf/index in inode body */

 		err = ext4_mark_inode_dirty(handle, inode);