xfs: truncate should remove all blocks, not just to the end of the page cache

xfs_itruncate_extents_flags() is supposed to unmap every block in a file
from EOF onwards.  Oddly, it uses s_maxbytes as the upper limit to the
bunmapi range, even though s_maxbytes reflects the highest offset the
pagecache can support, not the highest offset that XFS supports.

The result of this confusion is that if you create a 20T file on a
64-bit machine, mount the filesystem on a 32-bit machine, and remove the
file, we leak everything above 16T.  Fix this by capping the bunmapi
request at the maximum possible block offset, not s_maxbytes.

Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>

diff --git a/fs/xfs/xfs_inode.c b/fs/xfs/xfs_inode.c
index 401da197f0128b6ca3ff6c89fb63767001092185..1309f25c0d2bd259422ff8ece5e27d7d10b7cf00 100644 (file)
--- a/fs/xfs/xfs_inode.c
+++ b/fs/xfs/xfs_inode.c
@@ -1518,7 +1518,6 @@ xfs_itruncate_extents_flags(
        struct xfs_mount        *mp = ip->i_mount;
        struct xfs_trans        *tp = *tpp;
        xfs_fileoff_t           first_unmap_block;
-       xfs_fileoff_t           last_block;
        xfs_filblks_t           unmap_len;
        int                     error = 0;
        int                     done = 0;
@@ -1541,21 +1540,22 @@ xfs_itruncate_extents_flags(
         * the end of the file (in a crash where the space is allocated
         * but the inode size is not yet updated), simply remove any
         * blocks which show up between the new EOF and the maximum
-        * possible file size.  If the first block to be removed is
-        * beyond the maximum file size (ie it is the same as last_block),
-        * then there is nothing to do.
+        * possible file size.
+        *
+        * We have to free all the blocks to the bmbt maximum offset, even if
+        * the page cache can't scale that far.
         */
        first_unmap_block = XFS_B_TO_FSB(mp, (xfs_ufsize_t)new_size);
-       last_block = XFS_B_TO_FSB(mp, mp->m_super->s_maxbytes);
-       if (first_unmap_block == last_block)
+       if (first_unmap_block >= XFS_MAX_FILEOFF) {
+               WARN_ON_ONCE(first_unmap_block > XFS_MAX_FILEOFF);
                return 0;
+       }
 
-       ASSERT(first_unmap_block < last_block);
-       unmap_len = last_block - first_unmap_block + 1;
-       while (!done) {
+       unmap_len = XFS_MAX_FILEOFF - first_unmap_block + 1;
+       while (unmap_len > 0) {
                ASSERT(tp->t_firstblock == NULLFSBLOCK);
-               error = xfs_bunmapi(tp, ip, first_unmap_block, unmap_len, flags,
-                                   XFS_ITRUNC_MAX_EXTENTS, &done);
+               error = __xfs_bunmapi(tp, ip, first_unmap_block, &unmap_len,
+                               flags, XFS_ITRUNC_MAX_EXTENTS);
                if (error)
                        goto out;
 
@@ -1575,7 +1575,7 @@ xfs_itruncate_extents_flags(
        if (whichfork == XFS_DATA_FORK) {
                /* Remove all pending CoW reservations. */
                error = xfs_reflink_cancel_cow_blocks(ip, &tp,
-                               first_unmap_block, last_block, true);
+                               first_unmap_block, XFS_MAX_FILEOFF, true);
                if (error)
                        goto out;