From patchwork Mon Jan  2 14:05:33 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
X-Patchwork-Id: 13087068
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 7616DC3DA7A
	for <linux-mm@archiver.kernel.org>; Mon,  2 Jan 2023 14:05:54 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id C1A5F8E0002; Mon,  2 Jan 2023 09:05:53 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id BCB718E0001; Mon,  2 Jan 2023 09:05:53 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id AB9FC8E0002; Mon,  2 Jan 2023 09:05:53 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com
 [216.40.44.12])
	by kanga.kvack.org (Postfix) with ESMTP id 8FB708E0001
	for <linux-mm@kvack.org>; Mon,  2 Jan 2023 09:05:53 -0500 (EST)
Received: from smtpin24.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay04.hostedemail.com (Postfix) with ESMTP id 5E0251A0929
	for <linux-mm@kvack.org>; Mon,  2 Jan 2023 14:05:53 +0000 (UTC)
X-FDA: 80310032586.24.746A0A7
Received: from www262.sakura.ne.jp (www262.sakura.ne.jp [202.181.97.72])
	by imf09.hostedemail.com (Postfix) with ESMTP id D185D14000B
	for <linux-mm@kvack.org>; Mon,  2 Jan 2023 14:05:50 +0000 (UTC)
Authentication-Results: imf09.hostedemail.com;
	dkim=none;
	dmarc=none;
	spf=none (imf09.hostedemail.com: domain of penguin-kernel@I-love.SAKURA.ne.jp
 has no SPF policy when checking 202.181.97.72)
 smtp.mailfrom=penguin-kernel@I-love.SAKURA.ne.jp
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed;
 d=hostedemail.com;
	s=arc-20220608; t=1672668351;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=TDTfmrlEz6ClxJqdY0CX+SLnd6V/nHha3OBb2W2/ixc=;
	b=6S/kIJlxLGEeoC9Z7xieEXbLRNlGgnvzVgQi2w8QLpMZxQW+adPeLr+jh7G985EL1zzVGR
	LC+DsbEnNDKVKzmSJ8FhWql7migSpkQ+8PKR6rBG8rJkTHWRlRKwB0yEIEpM2gFB/xN3hp
	tUAjCVpUOHODeDXKeEDZQu3EXdmCS00=
ARC-Authentication-Results: i=1;
	imf09.hostedemail.com;
	dkim=none;
	dmarc=none;
	spf=none (imf09.hostedemail.com: domain of penguin-kernel@I-love.SAKURA.ne.jp
 has no SPF policy when checking 202.181.97.72)
 smtp.mailfrom=penguin-kernel@I-love.SAKURA.ne.jp
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1672668351; a=rsa-sha256;
	cv=none;
	b=fmfHyp5G/RAXvEO67Bnj7clQFQepfnNSMepZkHCQG658aM67rs3aU//oK8LJzLULIDZ+0P
	CvFoTaC48Z6afRqN3F4wnKiNsq7hwynu7v/ncdA1MU3xnKh15vuQNA6HMMiahb5uC83P9+
	MluwKYLIPtFeL2lbfP3eoz1hLmSQND4=
Received: from fsav412.sakura.ne.jp (fsav412.sakura.ne.jp [133.242.250.111])
	by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTP id 302E5Yls085543;
	Mon, 2 Jan 2023 23:05:34 +0900 (JST)
	(envelope-from penguin-kernel@I-love.SAKURA.ne.jp)
Received: from www262.sakura.ne.jp (202.181.97.72)
 by fsav412.sakura.ne.jp (F-Secure/fsigk_smtp/550/fsav412.sakura.ne.jp);
 Mon, 02 Jan 2023 23:05:34 +0900 (JST)
X-Virus-Status: clean(F-Secure/fsigk_smtp/550/fsav412.sakura.ne.jp)
Received: from [192.168.1.20] (M106072142033.v4.enabler.ne.jp [106.72.142.33])
	(authenticated bits=0)
	by www262.sakura.ne.jp (8.15.2/8.15.2) with ESMTPSA id 302E5YWX085539
	(version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NO);
	Mon, 2 Jan 2023 23:05:34 +0900 (JST)
	(envelope-from penguin-kernel@I-love.SAKURA.ne.jp)
Message-ID: <305e5da3-bf57-0fc0-cf5e-4c620a76fb8d@I-love.SAKURA.ne.jp>
Date: Mon, 2 Jan 2023 23:05:33 +0900
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101
 Thunderbird/102.6.1
Subject: [PATCH] fs/ntfs3: don't hold ni_lock when calling truncate_setsize()
Content-Language: en-US
To: Konstantin Komarov <almaz.alexandrovich@paragon-software.com>,
        ntfs3@lists.linux.dev
Cc: syzbot <syzbot+bed15dbf10294aa4f2ae@syzkaller.appspotmail.com>,
        syzkaller-bugs@googlegroups.com, Hillf Danton <hdanton@sina.com>,
        Linus Torvalds <torvalds@linux-foundation.org>
References: <00000000000060d41f05f139aa44@google.com>
 <20230102005409.3474-1-hdanton@sina.com>
 <CAHk-=wim+_xutuWdeykqM34EQxbE3As7+91L5uEVLUCXbUL1CA@mail.gmail.com>
 <20230102094125.3552-1-hdanton@sina.com>
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
In-Reply-To: <20230102094125.3552-1-hdanton@sina.com>
X-Rspam-User: 
X-Rspamd-Server: rspam02
X-Rspamd-Queue-Id: D185D14000B
X-Stat-Signature: rgwtsp77rz4hfnfhsydg5541hi6z5hk9
X-HE-Tag: 1672668350-848553
X-HE-Meta: 
 U2FsdGVkX18i5UCFxzLcJXIyfL8FLpCyZrdeBw1vlvxcihTfbjvvf1DhqiJNs6NpxJjgdAUUv/yOINU3zHHkJSo/xVolOHY2dNZ5Ehr8nLjGJCVxtANIP8lWwQlPKuYbQ3XzkZcY+O/tW1mtoG2l4vGf4hPUR+hC//MpShHLXvBb6/Ys5w3ywYR3BWURrHW3r7Ni6D9j6n1jv2WR5IL4jxd0ckxOE6OZQvOrvtTP/PiyMAhA35FxDAZI9IrKyn+ejn7E0Xf9F904QXk6cH69WBRwBP5z/4RBYscBIb8VZWRCa4/EvSlLpJ/flyhuo3tPF45C3PFxV7xj5LgXtuEHNEbto88+MR/79P2F36rQ33YOczn7qZIYOe9Ky18d52T8drFs3vlJMxNE7SM9E5dfuA858gpsExeBA9slx9mblFXL+3dolRjoCcBE9KbtyTppeCBrFclQ+RGCLSDoflnTQtITbb4dIfbQAo5o7IEccJqsyjjpITmWQ0wdw+E5RW+6anEMtkj0isftM2rC2zCB33XCVz73p9jgQxa9lzL2jvB1pISFTY0je545S5enS3m62DbIbchzowKyaZV0FoZwQlNQt2ShX36V5udCWxUKyPqb0dobj1x7/sO/cg95xSkn8KOHAQh5vIWf4hqYWJtdnXxG6ZB3YoOs9AOzt7lmiZLnKYKC+pQer2cFhke9Bg+8gr/YRNUTpq0/p9QaG0Km63TTZz6+LXlM9i6thp9BtSStva8et49NV9mgKc00KoMUUnzNGchUiEuNRZqdZUM5p7z8KtphvlEG51FXIDiLt+c65KQ3zn930Un9eqhPjHXRpoXaOvHkfd820pn9udprgp7dr20En9EA0j3uoeWICJkmSp87r8ogXphWk9FDhpraDvxZqCAWvX2Q+dEeKxHEynVOi7y5EZPU0pLyQDMcNTxdS5I5wciAoYyYLCmUPuzNrUMCiCQ48lBxt3WUn33
 WITnSKqM
 uZICqaux7BxNwvbghGwt0SjZI2o6iFK+6SRMpRq9s8SZr+dRIKsQgYS0if2H8Y4wCNlT6MqFBJBR3sJpMpYi/84qmFHwrYAgvkduurAz5VOl+mB6Woc7AM5ulJmqHa08DK6oSWmsAI8DeSPpLy+oSx1qtB8/D7p0RC4xsoR0HfwOwWGQU5OPKv14vHiPimjd0BA9kUAfEJm9EKeetHzVA+ANMuhhb9lRFOFptFxD2BN4cumVs3uidwXe62ZAxzNWkGc11zjj0tW5vpCdDbnoc6C+Du9PT9azGKAD+mkmaGE1AE6UA6O14giiCJef1WoiNcPTSV4yGVSn2ZMT25PZPpv2Y7HP3IC6rJIYQWk8KxVultTfkbTN0qpl9qw==
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

syzbot is reporting hung task at do_user_addr_fault() [1], for
there is a silent deadlock between PG_locked bit and ni_lock lock.

Since filemap_update_page() calls filemap_read_folio() after calling
folio_trylock() which will set PG_locked bit, ntfs_truncate() must not
call truncate_setsize() which will wait for PG_locked bit to be
cleared when holding ni_lock lock.

Link: https://syzkaller.appspot.com/bug?extid=bed15dbf10294aa4f2ae [1]
Reported-by: syzbot <syzbot+bed15dbf10294aa4f2ae@syzkaller.appspotmail.com>
Debugged-by: Linus Torvalds <torvalds@linux-foundation.org>
Co-developed-by: Hillf Danton <hdanton@sina.com>
Signed-off-by: Hillf Danton <hdanton@sina.com>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Fixes: 4342306f0f0d ("fs/ntfs3: Add file operations and implementation")
---
By the way, ntfs_truncate() is ignoring attr_set_size() failure. Is it OK?

 fs/ntfs3/file.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/fs/ntfs3/file.c b/fs/ntfs3/file.c
index e5399ebc3a2b..d294cd975688 100644
--- a/fs/ntfs3/file.c
+++ b/fs/ntfs3/file.c
@@ -390,10 +390,10 @@ static int ntfs_truncate(struct inode *inode, loff_t new_size)
 
 	new_valid = ntfs_up_block(sb, min_t(u64, ni->i_valid, new_size));
 
-	ni_lock(ni);
-
 	truncate_setsize(inode, new_size);
 
+	ni_lock(ni);
+
 	down_write(&ni->file.run_lock);
 	err = attr_set_size(ni, ATTR_DATA, NULL, 0, &ni->file.run, new_size,
 			    &new_valid, ni->mi.sbi->options->prealloc, NULL);