ext4: fix data corruption caused by overlapping unaligned and aligned IO
authorLukas Czerner <lczerner@redhat.com>
Sat, 11 May 2019 01:45:33 +0000 (21:45 -0400)
committerTheodore Ts'o <tytso@mit.edu>
Sat, 11 May 2019 01:45:33 +0000 (21:45 -0400)
Unaligned AIO must be serialized because the zeroing of partial blocks
of unaligned AIO can result in data corruption in case it's overlapping
another in flight IO.

Currently we wait for all unwritten extents before we submit unaligned
AIO which protects data in case of unaligned AIO is following overlapping
IO. However if a unaligned AIO is followed by overlapping aligned AIO we
can still end up corrupting data.

To fix this, we must make sure that the unaligned AIO is the only IO in
flight by waiting for unwritten extents conversion not just before the
IO submission, but right after it as well.

This problem can be reproduced by xfstest generic/538

Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org
fs/ext4/file.c

index 98ec11f69cd4d0d50abbaf14b6fd82224a10e6d0..2c5baa5e8291165e07d5609b650c38c13eda587f 100644 (file)
@@ -264,6 +264,13 @@ ext4_file_write_iter(struct kiocb *iocb, struct iov_iter *from)
        }
 
        ret = __generic_file_write_iter(iocb, from);
+       /*
+        * Unaligned direct AIO must be the only IO in flight. Otherwise
+        * overlapping aligned IO after unaligned might result in data
+        * corruption.
+        */
+       if (ret == -EIOCBQUEUED && unaligned_aio)
+               ext4_unwritten_wait(inode);
        inode_unlock(inode);
 
        if (ret > 0)