Commit 56ee254d authored by David Sterba's avatar David Sterba
Browse files

Revert "btrfs: compression: drop kmap/kunmap from zstd" 

This reverts commit bbaf9715.

The kmaps in compression code are still needed and cause crashes on
32bit machines (ARM, x86). Reproducible eg. by running fstest btrfs/004
with enabled LZO or ZSTD compression.

Example stacktrace with ZSTD on a 32bit ARM machine:

  Unable to handle kernel NULL pointer dereference at virtual address 00000000
  pgd = c4159ed3
  [00000000] *pgd=00000000
  Internal error: Oops: 5 [#1] PREEMPT SMP ARM
  Modules linked in:
  CPU: 0 PID: 210 Comm: kworker/u2:3 Not tainted 5.14.0-rc79+ #12
  Hardware name: Allwinner sun4i/sun5i Families
  Workqueue: btrfs-delalloc btrfs_work_helper
  PC is at mmiocpy+0x48/0x330
  LR is at ZSTD_compressStream_generic+0x15c/0x28c

  (mmiocpy) from [<c0629648>] (ZSTD_compressStream_generic+0x15c/0x28c)
  (ZSTD_compressStream_generic) from [<c06297dc>] (ZSTD_compressStream+0x64/0xa0)
  (ZSTD_compressStream) from [<c049444c>] (zstd_compress_pages+0x170/0x488)
  (zstd_compress_pages) from [<c0496798>] (btrfs_compress_pages+0x124/0x12c)
  (btrfs_compress_pages) from [<c043c068>] (compress_file_range+0x3c0/0x834)
  (compress_file_range) from [<c043c4ec>] (async_cow_start+0x10/0x28)
  (async_cow_start) from [<c0475c3c>] (btrfs_work_helper+0x100/0x230)
  (btrfs_work_helper) from [<c014ef68>] (process_one_work+0x1b4/0x418)
  (process_one_work) from [<c014f210>] (worker_thread+0x44/0x524)
  (worker_thread) from [<c0156aa4>] (kthread+0x180/0x1b0)
  (kthread) from [<c0100150>]

Link: https://lore.kernel.org/all/CAJCQCtT+OuemovPO7GZk8Y8=qtOObr0XTDp8jh4OHD6y84AFxw@mail.gmail.com/
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=214839


Signed-off-by: default avatarDavid Sterba <dsterba@suse.com>
parent 3a60f653

fs/btrfs/zstd.c

+18 −9
Original line number Diff line number Diff line
@@ -399,7 +399,7 @@ int zstd_compress_pages(struct list_head *ws, struct address_space *mapping, 


	/* map in the first page of input data */

	in_page = find_get_page(mapping, start >> PAGE_SHIFT);

	workspace->in_buf.src = page_address(in_page);

	workspace->in_buf.src = kmap(in_page);

	workspace->in_buf.pos = 0;

	workspace->in_buf.size = min_t(size_t, len, PAGE_SIZE);
@@ -411,7 +411,7 @@ int zstd_compress_pages(struct list_head *ws, struct address_space *mapping, 
		goto out;

	}

	pages[nr_pages++] = out_page;

	workspace->out_buf.dst = page_address(out_page);

	workspace->out_buf.dst = kmap(out_page);

	workspace->out_buf.pos = 0;

	workspace->out_buf.size = min_t(size_t, max_out, PAGE_SIZE);
@@ -446,6 +446,7 @@ int zstd_compress_pages(struct list_head *ws, struct address_space *mapping, 
		if (workspace->out_buf.pos == workspace->out_buf.size) {

			tot_out += PAGE_SIZE;

			max_out -= PAGE_SIZE;

			kunmap(out_page);

			if (nr_pages == nr_dest_pages) {

				out_page = NULL;

				ret = -E2BIG;
@@ -457,7 +458,7 @@ int zstd_compress_pages(struct list_head *ws, struct address_space *mapping, 
				goto out;

			}

			pages[nr_pages++] = out_page;

			workspace->out_buf.dst = page_address(out_page);

			workspace->out_buf.dst = kmap(out_page);

			workspace->out_buf.pos = 0;

			workspace->out_buf.size = min_t(size_t, max_out,

							PAGE_SIZE);
@@ -472,12 +473,13 @@ int zstd_compress_pages(struct list_head *ws, struct address_space *mapping, 
		/* Check if we need more input */

		if (workspace->in_buf.pos == workspace->in_buf.size) {

			tot_in += PAGE_SIZE;

			kunmap(in_page);

			put_page(in_page);



			start += PAGE_SIZE;

			len -= PAGE_SIZE;

			in_page = find_get_page(mapping, start >> PAGE_SHIFT);

			workspace->in_buf.src = page_address(in_page);

			workspace->in_buf.src = kmap(in_page);

			workspace->in_buf.pos = 0;

			workspace->in_buf.size = min_t(size_t, len, PAGE_SIZE);

		}
@@ -504,6 +506,7 @@ int zstd_compress_pages(struct list_head *ws, struct address_space *mapping, 


		tot_out += PAGE_SIZE;

		max_out -= PAGE_SIZE;

		kunmap(out_page);

		if (nr_pages == nr_dest_pages) {

			out_page = NULL;

			ret = -E2BIG;
@@ -515,7 +518,7 @@ int zstd_compress_pages(struct list_head *ws, struct address_space *mapping, 
			goto out;

		}

		pages[nr_pages++] = out_page;

		workspace->out_buf.dst = page_address(out_page);

		workspace->out_buf.dst = kmap(out_page);

		workspace->out_buf.pos = 0;

		workspace->out_buf.size = min_t(size_t, max_out, PAGE_SIZE);

	}
@@ -531,8 +534,12 @@ int zstd_compress_pages(struct list_head *ws, struct address_space *mapping, 
out:

	*out_pages = nr_pages;

	/* Cleanup */

	if (in_page)

	if (in_page) {

		kunmap(in_page);

		put_page(in_page);

	}

	if (out_page)

		kunmap(out_page);

	return ret;

}
@@ -556,7 +563,7 @@ int zstd_decompress_bio(struct list_head *ws, struct compressed_bio *cb) 
		goto done;

	}



	workspace->in_buf.src = page_address(pages_in[page_in_index]);

	workspace->in_buf.src = kmap(pages_in[page_in_index]);

	workspace->in_buf.pos = 0;

	workspace->in_buf.size = min_t(size_t, srclen, PAGE_SIZE);
@@ -592,14 +599,14 @@ int zstd_decompress_bio(struct list_head *ws, struct compressed_bio *cb) 
			break;



		if (workspace->in_buf.pos == workspace->in_buf.size) {

			page_in_index++;

			kunmap(pages_in[page_in_index++]);

			if (page_in_index >= total_pages_in) {

				workspace->in_buf.src = NULL;

				ret = -EIO;

				goto done;

			}

			srclen -= PAGE_SIZE;

			workspace->in_buf.src = page_address(pages_in[page_in_index]);

			workspace->in_buf.src = kmap(pages_in[page_in_index]);

			workspace->in_buf.pos = 0;

			workspace->in_buf.size = min_t(size_t, srclen, PAGE_SIZE);

		}
@@ -607,6 +614,8 @@ int zstd_decompress_bio(struct list_head *ws, struct compressed_bio *cb) 
	ret = 0;

	zero_fill_bio(cb->orig_bio);

done:

	if (workspace->in_buf.src)

		kunmap(pages_in[page_in_index]);

	return ret;

}