diff options
author | Jaegeuk Kim <jaegeuk@kernel.org> | 2014-10-15 10:24:34 -0700 |
---|---|---|
committer | Jaegeuk Kim <jaegeuk@kernel.org> | 2014-11-03 16:07:29 -0800 |
commit | 1ce86bf6f882381013e12b16bbb3921608c0f238 (patch) | |
tree | f0549d36787483b38b161879e24e26d098c790dc | |
parent | c08a690b46919e6b531c1a2bb74389323e5f5b1c (diff) |
f2fs: fix race conditon on truncation with inline_data
Let's consider the following scenario.
blkaddr[0] inline_data i_size i_blocks writepage truncate
NEW X 4096 2 dirty page #0
NEW X 0 change i_size
NEW X 0 2 f2fs_write_inline_data
NEW X 0 2 get_dnode_of_data
NEW X 0 2 truncate_data_blocks_range
NULL O 0 1 memcpy(inline_data)
NULL O 0 1 f2fs_put_dnode
NULL O 0 1 f2fs_truncate
NULL O 0 1 get_dnode_of_data
NULL O 0 1 *invalid block addr*
This patch adds checking inline_data flag during f2fs_truncate not to refer
corrupted block indices.
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
-rw-r--r-- | fs/f2fs/file.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c index 8e68bb64f835..543d8c630345 100644 --- a/fs/f2fs/file.c +++ b/fs/f2fs/file.c @@ -473,6 +473,12 @@ int truncate_blocks(struct inode *inode, u64 from, bool lock) return err; } + /* writepage can convert inline_data under get_donde_of_data */ + if (f2fs_has_inline_data(inode)) { + f2fs_put_dnode(&dn); + goto done; + } + count = ADDRS_PER_PAGE(dn.node_page, F2FS_I(inode)); count -= dn.ofs_in_node; |