{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":550300851,"defaultBranch":"master","name":"nilfs2-kmod8","ownerLogin":"nilfs-dev","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2022-10-12T14:26:44.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/1202600?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1727022252.0","currentOid":""},"activityList":{"items":[{"before":"45b36cdd49540453c06f562be2ee1a012f7b0866","after":"e49f2e869424c7f7432335aa6cdb1e3360f0c9c0","ref":"refs/heads/master","pushedAt":"2024-09-22T16:24:12.000Z","pushType":"push","commitsCount":11,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.20 release\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2-kmod8 v1.20 release"}},{"before":"126264f0be14d6ff670fb653c556ec04541bcafc","after":"45b36cdd49540453c06f562be2ee1a012f7b0866","ref":"refs/heads/master","pushedAt":"2024-09-05T05:01:36.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.19 release\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2-kmod8 v1.19 release"}},{"before":"35df4a2efbd546b84f650f82eb67586e8a54e8b4","after":"126264f0be14d6ff670fb653c556ec04541bcafc","ref":"refs/heads/master","pushedAt":"2024-09-05T04:37:25.000Z","pushType":"push","commitsCount":6,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: fix state management in error path of log writing function\n\ncommit 6576dd6695f2afca3f4954029ac4a64f82ba60ab upstream.\n\nAfter commit a694291a6211 (\"nilfs2: separate wait function from\nnilfs_segctor_write\") was applied, the log writing function\nnilfs_segctor_do_construct() was able to issue I/O requests continuously\neven if user data blocks were split into multiple logs across segments,\nbut two potential flaws were introduced in its error handling.\n\nFirst, if nilfs_segctor_begin_construction() fails while creating the\nsecond or subsequent logs, the log writing function returns without\ncalling nilfs_segctor_abort_construction(), so the writeback flag set on\npages/folios will remain uncleared. This causes page cache operations to\nhang waiting for the writeback flag. For example,\ntruncate_inode_pages_final(), which is called via nilfs_evict_inode() when\nan inode is evicted from memory, will hang.\n\nSecond, the NILFS_I_COLLECTED flag set on normal inodes remain uncleared.\nAs a result, if the next log write involves checkpoint creation, that's\nfine, but if a partial log write is performed that does not, inodes with\nNILFS_I_COLLECTED set are erroneously removed from the \"sc_dirty_files\"\nlist, and their data and b-tree blocks may not be written to the device,\ncorrupting the block mapping.\n\nFix these issues by uniformly calling nilfs_segctor_abort_construction()\non failure of each step in the loop in nilfs_segctor_do_construct(),\nhaving it clean up logs and segment usages according to progress, and\ncorrecting the conditions for calling nilfs_redirty_inodes() to ensure\nthat the NILFS_I_COLLECTED flag is cleared.\n\nLink: https://lkml.kernel.org/r/20240814101119.4070-1-konishi.ryusuke@gmail.com\nFixes: a694291a6211 (\"nilfs2: separate wait function from nilfs_segctor_write\")\nSigned-off-by: Ryusuke Konishi \nTested-by: Ryusuke Konishi \nCc: \nSigned-off-by: Andrew Morton ","shortMessageHtmlLink":"nilfs2: fix state management in error path of log writing function"}},{"before":"858ada218385acf9338aea74679111fc908b85f3","after":"35df4a2efbd546b84f650f82eb67586e8a54e8b4","ref":"refs/heads/master","pushedAt":"2024-07-11T15:07:12.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.18 release\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2-kmod8 v1.18 release"}},{"before":"53774aedd29755c41a7ad30db2ca8fafb05e1a5f","after":"858ada218385acf9338aea74679111fc908b85f3","ref":"refs/heads/master","pushedAt":"2024-07-11T14:54:44.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: fix kernel bug on rename operation of broken directory\n\ncommit a9e1ddc09ca55746079cc479aa3eb6411f0d99d4 upstream.\n\nSyzbot reported that in rename directory operation on broken directory on\nnilfs2, __block_write_begin_int() called to prepare block write may fail\nBUG_ON check for access exceeding the folio/page size.\n\nThis is because nilfs_dotdot(), which gets parent directory reference\nentry (\"..\") of the directory to be moved or renamed, does not check\nconsistency enough, and may return location exceeding folio/page size for\nbroken directories.\n\nFix this issue by checking required directory entries (\".\" and \"..\") in\nthe first chunk of the directory in nilfs_dotdot().\n\nLink: https://lkml.kernel.org/r/20240628165107.9006-1-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \nReported-by: syzbot+d3abed1ad3d367fa2627@syzkaller.appspotmail.com\nCloses: https://syzkaller.appspot.com/bug?extid=d3abed1ad3d367fa2627\nFixes: 2ba466d74ed7 (\"nilfs2: directory entry operations\")\nTested-by: Ryusuke Konishi \nCc: \nSigned-off-by: Andrew Morton \nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: fix kernel bug on rename operation of broken directory"}},{"before":"884147fbf3ba1c66bad0f245544f5659482c74bf","after":"53774aedd29755c41a7ad30db2ca8fafb05e1a5f","ref":"refs/heads/master","pushedAt":"2024-07-05T17:00:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.17 release\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2-kmod8 v1.17 release"}},{"before":"6b5815cdcfbc1f117a603057f89a84a5d8bd3dd8","after":"884147fbf3ba1c66bad0f245544f5659482c74bf","ref":"refs/heads/master","pushedAt":"2024-07-05T16:49:08.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: fix incorrect inode allocation from reserved inodes\n\nIf the bitmap block that manages the inode allocation status is corrupted,\nnilfs_ifile_create_inode() may allocate a new inode from the reserved\ninode area where it should not be allocated.\n\nPrevious fix commit d325dc6eb763 (\"nilfs2: fix use-after-free bug of\nstruct nilfs_root\"), fixed the problem that reserved inodes with inode\nnumbers less than NILFS_USER_INO (=11) were incorrectly reallocated due to\nbitmap corruption, but since the start number of non-reserved inodes is\nread from the super block and may change, in which case inode allocation\nmay occur from the extended reserved inode area.\n\nIf that happens, access to that inode will cause an IO error, causing the\nfile system to degrade to an error state.\n\nFix this potential issue by adding a wraparound option to the common\nmetadata object allocation routine and by modifying\nnilfs_ifile_create_inode() to disable the option so that it only allocates\ninodes with inode numbers greater than or equal to the inode number read\nin \"nilfs->ns_first_ino\", regardless of the bitmap status of reserved\ninodes.\n\n[ konishi.ryusuke: adjusted for implementation before kmap replacement ]\nLink: https://lkml.kernel.org/r/20240623051135.4180-4-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \nCc: Hillf Danton \nCc: Jan Kara \nCc: Matthew Wilcox (Oracle) \nCc: \nSigned-off-by: Andrew Morton \nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: fix incorrect inode allocation from reserved inodes"}},{"before":"2263c0a84156a8d0538478e16d7698a8f022d57e","after":"6b5815cdcfbc1f117a603057f89a84a5d8bd3dd8","ref":"refs/heads/master","pushedAt":"2024-06-08T12:35:28.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.16 release\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2-kmod8 v1.16 release"}},{"before":"823d4f3bf5e639c5799bbb724901f3799510ee7c","after":"2263c0a84156a8d0538478e16d7698a8f022d57e","ref":"refs/heads/master","pushedAt":"2024-06-08T12:26:21.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors\n\nThe error handling in nilfs_empty_dir() when a directory folio/page read\nfails is incorrect, as in the old ext2 implementation, and if the\nfolio/page cannot be read or nilfs_check_folio() fails, it will falsely\ndetermine the directory as empty and corrupt the file system.\n\nIn addition, since nilfs_empty_dir() does not immediately return on a\nfailed folio/page read, but continues to loop, this can cause a long loop\nwith I/O if i_size of the directory's inode is also corrupted, causing the\nlog writer thread to wait and hang, as reported by syzbot.\n\nFix these issues by making nilfs_empty_dir() immediately return a false\nvalue (0) if it fails to get a directory folio/page.\n\nLink: https://lkml.kernel.org/r/20240604134255.7165-1-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \nReported-by: syzbot+c8166c541d3971bf6c87@syzkaller.appspotmail.com\nCloses: https://syzkaller.appspot.com/bug?extid=c8166c541d3971bf6c87\nFixes: 2ba466d74ed7 (\"nilfs2: directory entry operations\")\nTested-by: Ryusuke Konishi \nCc: \nSigned-off-by: Andrew Morton \nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors"}},{"before":"f987b1d6e8476cc40be5ca50bbf193d16550e39b","after":"823d4f3bf5e639c5799bbb724901f3799510ee7c","ref":"refs/heads/master","pushedAt":"2024-06-01T00:34:11.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"README: remove CentOS 8 stream from supported distributions\n\nCentOS 8 stream has reached its EOL at the end of May 2024, so cancel\nit in the list of supported distributions.\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"README: remove CentOS 8 stream from supported distributions"}},{"before":"9707a7a30b76893945e404363803835545a2affc","after":"f987b1d6e8476cc40be5ca50bbf193d16550e39b","ref":"refs/heads/master","pushedAt":"2024-05-27T05:26:13.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.15 release\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2-kmod8 v1.15 release"}},{"before":"67425b4081e6a51dc711b0387cf1a778a34f4f9a","after":"9707a7a30b76893945e404363803835545a2affc","ref":"refs/heads/master","pushedAt":"2024-05-27T05:13:57.000Z","pushType":"push","commitsCount":7,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: fix potential hang in nilfs_detach_log_writer()\n\nSyzbot has reported a potential hang in nilfs_detach_log_writer() called\nduring nilfs2 unmount.\n\nAnalysis revealed that this is because nilfs_segctor_sync(), which\nsynchronizes with the log writer thread, can be called after\nnilfs_segctor_destroy() terminates that thread, as shown in the call trace\nbelow:\n\nnilfs_detach_log_writer\n nilfs_segctor_destroy\n nilfs_segctor_kill_thread --> Shut down log writer thread\n flush_work\n nilfs_iput_work_func\n nilfs_dispose_list\n iput\n nilfs_evict_inode\n nilfs_transaction_commit\n nilfs_construct_segment (if inode needs sync)\n nilfs_segctor_sync --> Attempt to synchronize with\n log writer thread\n *** DEADLOCK ***\n\nFix this issue by changing nilfs_segctor_sync() so that the log writer\nthread returns normally without synchronizing after it terminates, and by\nforcing tasks that are already waiting to complete once after the thread\nterminates.\n\nThe skipped inode metadata flushout will then be processed together in the\nsubsequent cleanup work in nilfs_segctor_destroy().\n\nLink: https://lkml.kernel.org/r/20240520132621.4054-4-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \nReported-by: syzbot+e3973c409251e136fdd0@syzkaller.appspotmail.com\nCloses: https://syzkaller.appspot.com/bug?extid=e3973c409251e136fdd0\nTested-by: Ryusuke Konishi \nCc: \nCc: \"Bai, Shuangpeng\" \nSigned-off-by: Andrew Morton \nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: fix potential hang in nilfs_detach_log_writer()"}},{"before":"0a42689b24abe27e0dc403daec03beffbb0dd01c","after":"67425b4081e6a51dc711b0387cf1a778a34f4f9a","ref":"refs/heads/master","pushedAt":"2024-03-16T09:51:20.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.14 release\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2-kmod8 v1.14 release"}},{"before":"e3ca1c3c6d3c9f06b3c3164df31932ff6d20d377","after":"0a42689b24abe27e0dc403daec03beffbb0dd01c","ref":"refs/heads/master","pushedAt":"2024-03-16T09:41:16.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: prevent kernel bug at submit_bh_wbc()\n\nFix a bug where nilfs_get_block() returns a successful status when\nsearching and inserting the specified block both fail inconsistently. If\nthis inconsistent behavior is not due to a previously fixed bug, then an\nunexpected race is occurring, so return a temporary error -EAGAIN instead.\n\nThis prevents callers such as __block_write_begin_int() from requesting a\nread into a buffer that is not mapped, which would cause the BUG_ON check\nfor the BH_Mapped flag in submit_bh_wbc() to fail.\n\nLink: https://lkml.kernel.org/r/20240313105827.5296-3-konishi.ryusuke@gmail.com\nFixes: 1f5abe7e7dbc (\"nilfs2: replace BUG_ON and BUG calls triggerable from ioctl\")\nSigned-off-by: Ryusuke Konishi \nCc: \nSigned-off-by: Andrew Morton \nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: prevent kernel bug at submit_bh_wbc()"}},{"before":"57ab2dc43cb980b1852727e4113258f5b243cf53","after":"e3ca1c3c6d3c9f06b3c3164df31932ff6d20d377","ref":"refs/heads/master","pushedAt":"2024-02-11T11:02:08.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.13 release","shortMessageHtmlLink":"nilfs2-kmod8 v1.13 release"}},{"before":"138086c4c872d59f3e6fc958aa4302bb86f03c02","after":"57ab2dc43cb980b1852727e4113258f5b243cf53","ref":"refs/heads/master","pushedAt":"2024-02-11T10:55:55.000Z","pushType":"push","commitsCount":5,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: fix potential bug in end_buffer_async_write\n\nAccording to a syzbot report, end_buffer_async_write(), which handles the\ncompletion of block device writes, may detect abnormal condition of the\nbuffer async_write flag and cause a BUG_ON failure when using nilfs2.\n\nNilfs2 itself does not use end_buffer_async_write(). But, the async_write\nflag is now used as a marker by commit 7f42ec394156 (\"nilfs2: fix issue\nwith race condition of competition between segments for dirty blocks\") as\na means of resolving double list insertion of dirty blocks in\nnilfs_lookup_dirty_data_buffers() and nilfs_lookup_node_buffers() and the\nresulting crash.\n\nThis modification is safe as long as it is used for file data and b-tree\nnode blocks where the page caches are independent. However, it was\nirrelevant and redundant to also introduce async_write for segment summary\nand super root blocks that share buffers with the backing device. This\nled to the possibility that the BUG_ON check in end_buffer_async_write\nwould fail as described above, if independent writebacks of the backing\ndevice occurred in parallel.\n\nThe use of async_write for segment summary buffers has already been\nremoved in a previous change.\n\nFix this issue by removing the manipulation of the async_write flag for\nthe remaining super root block buffer.\n\nLink: https://lkml.kernel.org/r/20240203161645.4992-1-konishi.ryusuke@gmail.com\nFixes: 7f42ec394156 (\"nilfs2: fix issue with race condition of competition between segments for dirty blocks\")\nSigned-off-by: Ryusuke Konishi \nReported-by: syzbot+5c04210f7c7f897c1e7f@syzkaller.appspotmail.com\nCloses: https://lkml.kernel.org/r/00000000000019a97c05fd42f8c8@google.com\nCc: \nSigned-off-by: Andrew Morton \nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: fix potential bug in end_buffer_async_write"}},{"before":"b968f64ddf5e82ccb22801269a276820de527556","after":"138086c4c872d59f3e6fc958aa4302bb86f03c02","ref":"refs/heads/master","pushedAt":"2023-12-09T14:38:21.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.12 release\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2-kmod8 v1.12 release"}},{"before":"6b847922e21cbe4f7080fe61f2b32d235b1dbee4","after":"b968f64ddf5e82ccb22801269a276820de527556","ref":"refs/heads/master","pushedAt":"2023-12-09T14:31:37.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage()\n\nIf nilfs2 reads a disk image with corrupted segment usage metadata, and\nits segment usage information is marked as an error for the segment at the\nwrite location, nilfs_sufile_set_segment_usage() can trigger WARN_ONs\nduring log writing.\n\nSegments newly allocated for writing with nilfs_sufile_alloc() will not\nhave this error flag set, but this unexpected situation will occur if the\nsegment indexed by either nilfs->ns_segnum or nilfs->ns_nextnum (active\nsegment) was marked in error.\n\nFix this issue by inserting a sanity check to treat it as a file system\ncorruption.\n\nSince error returns are not allowed during the execution phase where\nnilfs_sufile_set_segment_usage() is used, this inserts the sanity check\ninto nilfs_sufile_mark_dirty() which pre-reads the buffer containing the\nsegment usage record to be updated and sets it up in a dirty state for\nwriting.\n\nIn addition, nilfs_sufile_set_segment_usage() is also called when\ncanceling log writing and undoing segment usage update, so in order to\navoid issuing the same kernel warning in that case, in case of\ncancellation, avoid checking the error flag in\nnilfs_sufile_set_segment_usage().\n\nLink: https://lkml.kernel.org/r/20231205085947.4431-1-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \nReported-by: syzbot+14e9f834f6ddecece094@syzkaller.appspotmail.com\nCloses: https://syzkaller.appspot.com/bug?extid=14e9f834f6ddecece094\nTested-by: Ryusuke Konishi \nCc: \nSigned-off-by: Andrew Morton \nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: prevent WARNING in nilfs_sufile_set_segment_usage()"}},{"before":"6324bdc6bdc6b25581ebc2f957c6ad1f6175f67d","after":"6b847922e21cbe4f7080fe61f2b32d235b1dbee4","ref":"refs/heads/master","pushedAt":"2023-09-03T16:10:02.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.11 release\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2-kmod8 v1.11 release"}},{"before":"57d671ecdcb02ff2ef4ea71b86e6de3e106d240b","after":"6324bdc6bdc6b25581ebc2f957c6ad1f6175f67d","ref":"refs/heads/master","pushedAt":"2023-09-03T15:57:31.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse\n\nA syzbot stress test using a corrupted disk image reported that\nmark_buffer_dirty() called from __nilfs_mark_inode_dirty() or\nnilfs_palloc_commit_alloc_entry() may output a kernel warning, and can\npanic if the kernel is booted with panic_on_warn.\n\nThis is because nilfs2 keeps buffer pointers in local structures for some\nmetadata and reuses them, but such buffers may be forcibly discarded by\nnilfs_clear_dirty_page() in some critical situations.\n\nThis issue is reported to appear after commit 28a65b49eb53 (\"nilfs2: do\nnot write dirty data after degenerating to read-only\"), but the issue has\npotentially existed before.\n\nFix this issue by checking the uptodate flag when attempting to reuse an\ninternally held buffer, and reloading the metadata instead of reusing the\nbuffer if the flag was lost.\n\nLink: https://lkml.kernel.org/r/20230818131804.7758-1-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \nReported-by: syzbot+cdfcae656bac88ba0e2d@syzkaller.appspotmail.com\nCloses: https://lkml.kernel.org/r/0000000000003da75f05fdeffd12@google.com\nFixes: 8c26c4e2694a (\"nilfs2: fix issue with flush kernel thread after remount in RO mode because of driver's internal error or metadata corruption\")\nTested-by: Ryusuke Konishi \nCc: # 3.10+\nSigned-off-by: Andrew Morton \nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: fix WARNING in mark_buffer_dirty due to discarded buffer reuse"}},{"before":"3f6e1f8fa6d2c296fcd8aeb259fed1865f065a95","after":"57d671ecdcb02ff2ef4ea71b86e6de3e106d240b","ref":"refs/heads/master","pushedAt":"2023-08-29T02:33:05.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffers()\n\ncommit f83913f8c5b882a312e72b7669762f8a5c9385e4 upstream.\n\nA syzbot stress test reported that create_empty_buffers() called from\nnilfs_lookup_dirty_data_buffers() can cause a general protection fault.\n\nAnalysis using its reproducer revealed that the back reference \"mapping\"\nfrom a page/folio has been changed to NULL after dirty page/folio gang\nlookup in nilfs_lookup_dirty_data_buffers().\n\nFix this issue by excluding pages/folios from being collected if, after\nacquiring a lock on each page/folio, its back reference \"mapping\" differs\nfrom the pointer to the address space struct that held the page/folio.\n\nLink: https://lkml.kernel.org/r/20230805132038.6435-1-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \nReported-by: syzbot+0ad741797f4565e7e2d2@syzkaller.appspotmail.com\nCloses: https://lkml.kernel.org/r/0000000000002930a705fc32b231@google.com\nTested-by: Ryusuke Konishi \nCc: \nSigned-off-by: Andrew Morton \nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: fix general protection fault in nilfs_lookup_dirty_data_buffe…"}},{"before":"16f93faa9095a1902ee9983a700f5a2ae888463d","after":"3f6e1f8fa6d2c296fcd8aeb259fed1865f065a95","ref":"refs/heads/master","pushedAt":"2023-08-12T08:44:16.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput\n\nDuring unmount process of nilfs2, nothing holds nilfs_root structure after\nnilfs2 detaches its writer in nilfs_detach_log_writer(). Previously,\nnilfs_evict_inode() could cause use-after-free read for nilfs_root if\ninodes are left in \"garbage_list\" and released by nilfs_dispose_list at\nthe end of nilfs_detach_log_writer(), and this bug was fixed by commit\n9b5a04ac3ad9 (\"nilfs2: fix use-after-free bug of nilfs_root in\nnilfs_evict_inode()\").\n\nHowever, it turned out that there is another possibility of UAF in the\ncall path where mark_inode_dirty_sync() is called from iput():\n\nnilfs_detach_log_writer()\n nilfs_dispose_list()\n iput()\n mark_inode_dirty_sync()\n __mark_inode_dirty()\n nilfs_dirty_inode()\n __nilfs_mark_inode_dirty()\n nilfs_load_inode_block() --> causes UAF of nilfs_root struct\n\nThis can happen after commit 0ae45f63d4ef (\"vfs: add support for a\nlazytime mount option\"), which changed iput() to call\nmark_inode_dirty_sync() on its final reference if i_state has I_DIRTY_TIME\nflag and i_nlink is non-zero.\n\nThis issue appears after commit 28a65b49eb53 (\"nilfs2: do not write dirty\ndata after degenerating to read-only\") when using the syzbot reproducer,\nbut the issue has potentially existed before.\n\nFix this issue by adding a \"purging flag\" to the nilfs structure, setting\nthat flag while disposing the \"garbage_list\" and checking it in\n__nilfs_mark_inode_dirty().\n\nUnlike commit 9b5a04ac3ad9 (\"nilfs2: fix use-after-free bug of nilfs_root\nin nilfs_evict_inode()\"), this patch does not rely on ns_writer to\ndetermine whether to skip operations, so as not to break recovery on\nmount. The nilfs_salvage_orphan_logs routine dirties the buffer of\nsalvaged data before attaching the log writer, so changing\n__nilfs_mark_inode_dirty() to skip the operation when ns_writer is NULL\nwill cause recovery write to fail. The purpose of using the cleanup-only\nflag is to allow for narrowing of such conditions.\n\nLink: https://lkml.kernel.org/r/20230728191318.33047-1-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \nReported-by: syzbot+74db8b3087f293d3a13a@syzkaller.appspotmail.com\nCloses: https://lkml.kernel.org/r/000000000000b4e906060113fd63@google.com\nFixes: 0ae45f63d4ef (\"vfs: add support for a lazytime mount option\")\nTested-by: Ryusuke Konishi \nCc: # 4.0+\nSigned-off-by: Andrew Morton \nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: fix use-after-free of nilfs_root in dirtying inodes via iput"}},{"before":"9c8f0ecb470d88c9ceabeb6933525d0801273bbb","after":"16f93faa9095a1902ee9983a700f5a2ae888463d","ref":"refs/heads/master","pushedAt":"2023-06-24T13:01:03.519Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.10 release\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2-kmod8 v1.10 release"}},{"before":"9d7414aa2d0fa0a5b5ca83e5d31a71f719f35513","after":"9c8f0ecb470d88c9ceabeb6933525d0801273bbb","ref":"refs/heads/master","pushedAt":"2023-06-24T12:47:46.565Z","pushType":"push","commitsCount":2,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: prevent general protection fault in nilfs_clear_dirty_page()\n\nIn a syzbot stress test that deliberately causes file system errors on\nnilfs2 with a corrupted disk image, it has been reported that\nnilfs_clear_dirty_page() called from nilfs_clear_dirty_pages() can cause a\ngeneral protection fault.\n\nIn nilfs_clear_dirty_pages(), when looking up dirty pages from the page\ncache and calling nilfs_clear_dirty_page() for each dirty page/folio\nretrieved, the back reference from the argument page to \"mapping\" may have\nbeen changed to NULL (and possibly others). It is necessary to check this\nafter locking the page/folio.\n\nSo, fix this issue by not calling nilfs_clear_dirty_page() on a page/folio\nafter locking it in nilfs_clear_dirty_pages() if the back reference\n\"mapping\" from the page/folio is different from the \"mapping\" that held\nthe page/folio just before.\n\nLink: https://lkml.kernel.org/r/20230612021456.3682-1-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \nReported-by: syzbot+53369d11851d8f26735c@syzkaller.appspotmail.com\nCloses: https://lkml.kernel.org/r/000000000000da4f6b05eb9bf593@google.com\nTested-by: Ryusuke Konishi \nCc: \nSigned-off-by: Andrew Morton \n[Converted folio back to page-based]\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: prevent general protection fault in nilfs_clear_dirty_page()"}},{"before":"3901a66d6703376e5344b1d4d88930bb4a69ea95","after":"9d7414aa2d0fa0a5b5ca83e5d31a71f719f35513","ref":"refs/heads/master","pushedAt":"2023-06-14T13:57:47.227Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.9 release\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2-kmod8 v1.9 release"}},{"before":"7486f9f1edbf7033bcccde989a6b228e69dd96b8","after":"3901a66d6703376e5344b1d4d88930bb4a69ea95","ref":"refs/heads/master","pushedAt":"2023-06-14T13:46:13.387Z","pushType":"push","commitsCount":4,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: reject devices with insufficient block count\n\nThe current sanity check for nilfs2 geometry information lacks checks for\nthe number of segments stored in superblocks, so even for device images\nthat have been destructively truncated or have an unusually high number of\nsegments, the mount operation may succeed.\n\nThis causes out-of-bounds block I/O on file system block reads or log\nwrites to the segments, the latter in particular causing\n\"a_ops->writepages\" to repeatedly fail, resulting in sync_inodes_sb() to\nhang.\n\nFix this issue by checking the number of segments stored in the superblock\nand avoiding mounting devices that can cause out-of-bounds accesses. To\neliminate the possibility of overflow when calculating the number of\nblocks required for the device from the number of segments, this also adds\na helper function to calculate the upper bound on the number of segments\nand inserts a check using it.\n\nLink: https://lkml.kernel.org/r/20230526021332.3431-1-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \nReported-by: syzbot+7d50f1e54a12ba3aeae2@syzkaller.appspotmail.com\n Link: https://syzkaller.appspot.com/bug?extid=7d50f1e54a12ba3aeae2\nTested-by: Ryusuke Konishi \nCc: \nSigned-off-by: Andrew Morton \nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: reject devices with insufficient block count"}},{"before":"97e4b17894e632c259dc1a4a27e0c5e42d407dea","after":"7486f9f1edbf7033bcccde989a6b228e69dd96b8","ref":"refs/heads/master","pushedAt":"2023-05-22T06:19:00.728Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()\n\nDuring unmount process of nilfs2, nothing holds nilfs_root structure after\nnilfs2 detaches its writer in nilfs_detach_log_writer(). However, since\nnilfs_evict_inode() uses nilfs_root for some cleanup operations, it may\ncause use-after-free read if inodes are left in \"garbage_list\" and\nreleased by nilfs_dispose_list() at the end of nilfs_detach_log_writer().\n\nFix this issue by modifying nilfs_evict_inode() to only clear inode\nwithout additional metadata changes that use nilfs_root if the file system\nis degraded to read-only or the writer is detached.\n\nLink: https://lkml.kernel.org/r/20230509152956.8313-1-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \nReported-by: syzbot+78d4495558999f55d1da@syzkaller.appspotmail.com\nCloses: https://lkml.kernel.org/r/00000000000099e5ac05fb1c3b85@google.com\nTested-by: Ryusuke Konishi \nCc: \nSigned-off-by: Andrew Morton \nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: fix use-after-free bug of nilfs_root in nilfs_evict_inode()"}},{"before":"0a4e138faa3665ce228cc423d6bc91948832a0ce","after":"97e4b17894e632c259dc1a4a27e0c5e42d407dea","ref":"refs/heads/master","pushedAt":"2023-05-07T04:32:35.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.8 release\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2-kmod8 v1.8 release"}},{"before":"3dcd87db954b709c68d41ce147d9d7025a1bcf21","after":"0a4e138faa3665ce228cc423d6bc91948832a0ce","ref":"refs/heads/master","pushedAt":"2023-05-07T04:22:18.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2: do not write dirty data after degenerating to read-only\n\nAccording to syzbot's report, mark_buffer_dirty() called from\nnilfs_segctor_do_construct() outputs a warning with some patterns after\nnilfs2 detects metadata corruption and degrades to read-only mode.\n\nAfter such read-only degeneration, page cache data may be cleared through\nnilfs_clear_dirty_page() which may also clear the uptodate flag for their\nbuffer heads. However, even after the degeneration, log writes are still\nperformed by unmount processing etc., which causes mark_buffer_dirty() to\nbe called for buffer heads without the \"uptodate\" flag and causes the\nwarning.\n\nSince any writes should not be done to a read-only file system in the\nfirst place, this fixes the warning in mark_buffer_dirty() by letting\nnilfs_segctor_do_construct() abort early if in read-only mode.\n\nThis also changes the retry check of nilfs_segctor_write_out() to avoid\nunnecessary log write retries if it detects -EROFS that\nnilfs_segctor_do_construct() returned.\n\nLink: https://lkml.kernel.org/r/20230427011526.13457-1-konishi.ryusuke@gmail.com\nSigned-off-by: Ryusuke Konishi \nTested-by: Ryusuke Konishi \nReported-by: syzbot+2af3bc9585be7f23f290@syzkaller.appspotmail.com\n Link: https://syzkaller.appspot.com/bug?extid=2af3bc9585be7f23f290\nCc: \nSigned-off-by: Andrew Morton \nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2: do not write dirty data after degenerating to read-only"}},{"before":"54d216ace443944a9a30e5ed627e895bfee666ab","after":"3dcd87db954b709c68d41ce147d9d7025a1bcf21","ref":"refs/heads/master","pushedAt":"2023-04-23T10:40:02.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"konis","name":"Ryusuke Konishi","path":"/konis","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/1105451?s=80&v=4"},"commit":{"message":"nilfs2-kmod8 v1.7 release\n\nSigned-off-by: Ryusuke Konishi ","shortMessageHtmlLink":"nilfs2-kmod8 v1.7 release"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"startCursor":"Y3Vyc29yOnYyOpK7MjAyNC0wOS0yMlQxNjoyNDoxMi4wMDAwMDBazwAAAAS9Q1zM","endCursor":"Y3Vyc29yOnYyOpK7MjAyMy0wNC0yM1QxMDo0MDowMi4wMDAwMDBazwAAAAMeaZIF"}},"title":"Activity · nilfs-dev/nilfs2-kmod8"}