f2fs: fix race conditon on truncation with inline_data

Let's consider the following scenario. blkaddr[0] inline_data i_size i_blocks writepage truncate NEW X 4096 2 dirty page #0 NEW X 0 change i_size NEW X 0 2 f2fs_write_inline_data NEW X 0 2 get_dnode_of_data NEW X 0 2 truncate_data_blocks_range NULL O 0 1 memcpy(inline_data) NULL O 0 1 f2fs_put_dnode NULL O 0 1 f2fs_truncate NULL O 0 1 get_dnode_of_data NULL O 0 1 *invalid block addr* This patch adds checking inline_data flag during f2fs_truncate not to refer corrupted block indices. Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
author: Jaegeuk Kim <jaegeuk@kernel.org> 2014-10-15 17:24:34 (GMT)
committer: Jaegeuk Kim <jaegeuk@kernel.org> 2014-11-04 00:07:29 (GMT)
commit: 1ce86bf6f882381013e12b16bbb3921608c0f238 (patch)
tree: f0549d36787483b38b161879e24e26d098c790dc /fs/f2fs/file.c
parent: c08a690b46919e6b531c1a2bb74389323e5f5b1c (diff)
download: linux-1ce86bf6f882381013e12b16bbb3921608c0f238.tar.xz
1 files changed, 6 insertions, 0 deletions
diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c
index 8e68bb6..543d8c6 100644
--- a/fs/f2fs/file.c
+++ b/fs/f2fs/file.c
@@ -473,6 +473,12 @@ int truncate_blocks(struct inode *inode, u64 from, bool lock)
 		return err;
 	}
 
+	/* writepage can convert inline_data under get_donde_of_data */
+	if (f2fs_has_inline_data(inode)) {
+		f2fs_put_dnode(&dn);
+		goto done;
+	}
+
 	count = ADDRS_PER_PAGE(dn.node_page, F2FS_I(inode));
 
 	count -= dn.ofs_in_node;
author	Jaegeuk Kim <jaegeuk@kernel.org>	2014-10-15 17:24:34 (GMT)
committer	Jaegeuk Kim <jaegeuk@kernel.org>	2014-11-04 00:07:29 (GMT)
commit	1ce86bf6f882381013e12b16bbb3921608c0f238 (patch)
tree	f0549d36787483b38b161879e24e26d098c790dc /fs/f2fs/file.c
parent	c08a690b46919e6b531c1a2bb74389323e5f5b1c (diff)
download	linux-1ce86bf6f882381013e12b16bbb3921608c0f238.tar.xz