Re: [PATCH] mm: cleancache: fix corruption on missed inode invalidation

From: Andrew Morton
Date: Thu Nov 15 2018 - 17:31:07 EST

Next message: Andrew Morton: "Re: [PATCH V4] binder: ipc namespace support for android binder"
Previous message: Andrew Morton: "Re: [PATCH] mm: cleancache: fix corruption on missed inode invalidation"
In reply to: Andrew Morton: "Re: [PATCH] mm: cleancache: fix corruption on missed inode invalidation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 12 Nov 2018 12:57:34 +0300 Pavel Tikhomirov <ptikhomirov@xxxxxxxxxxxxx> wrote:

> If all pages are deleted from the mapping by memory reclaim and also
> moved to the cleancache:
>
> __delete_from_page_cache
> (no shadow case)
> unaccount_page_cache_page
> cleancache_put_page
> page_cache_delete
> mapping->nrpages -= nr
> (nrpages becomes 0)
>
> We don't clean the cleancache for an inode after final file truncation
> (removal).
>
> truncate_inode_pages_final
> check (nrpages || nrexceptional) is false
> no truncate_inode_pages
> no cleancache_invalidate_inode(mapping)
>
> These way when reading the new file created with same inode we may get
> these trash leftover pages from cleancache and see wrong data instead of
> the contents of the new file.
>
> Fix it by always doing truncate_inode_pages which is already ready for
> nrpages == 0 && nrexceptional == 0 case and just invalidates inode.
>

Data corruption sounds serious. Shouldn't we backport this into
-stable kernels?

Next message: Andrew Morton: "Re: [PATCH V4] binder: ipc namespace support for android binder"
Previous message: Andrew Morton: "Re: [PATCH] mm: cleancache: fix corruption on missed inode invalidation"
In reply to: Andrew Morton: "Re: [PATCH] mm: cleancache: fix corruption on missed inode invalidation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]