review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Zhang Yi <yi.zhang@huawei.com>
	Wed, 31 Mar 2021 03:31:38 +0000 (11:31 +0800)
committer	Theodore Ts'o <tytso@mit.edu>
	Fri, 9 Apr 2021 16:44:08 +0000 (12:44 -0400)
commit	72ffb49a7b623c92a37657eda7cc46a06d3e8398
tree	f9546df364840c95cc197f300e78082990854a71	tree \| snapshot
parent	21175ca434c5d49509b73cf473618b01b0b85437	commit \| diff

ext4: do not set SB_ACTIVE in ext4_orphan_cleanup()

When CONFIG_QUOTA is enabled, if we failed to mount the filesystem due
to some error happens behind ext4_orphan_cleanup(), it will end up
triggering a after free issue of super_block. The problem is that
ext4_orphan_cleanup() will set SB_ACTIVE flag if CONFIG_QUOTA is
enabled, after we cleanup the truncated inodes, the last iput() will put
them into the lru list, and these inodes' pages may probably dirty and
will be write back by the writeback thread, so it could be raced by
freeing super_block in the error path of mount_bdev().

After check the setting of SB_ACTIVE flag in ext4_orphan_cleanup(), it
was used to ensure updating the quota file properly, but evict inode and
trash data immediately in the last iput does not affect the quotafile,
so setting the SB_ACTIVE flag seems not required[1]. Fix this issue by
just remove the SB_ACTIVE setting.

[1] https://lore.kernel.org/linux-ext4/99cce8ca-e4a0-7301-840f-2ace67c551f3@huawei.com/T/#m04990cfbc4f44592421736b504afcc346b2a7c00

Cc: stable@kernel.org
Signed-off-by: Zhang Yi <yi.zhang@huawei.com>
Tested-by: Jan Kara <jack@suse.cz>
Reviewed-by: Jan Kara <jack@suse.cz>
Link: https://lore.kernel.org/r/20210331033138.918975-1-yi.zhang@huawei.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>