From: Jaegeuk Kim Date: Wed, 15 Oct 2014 17:24:34 +0000 (-0700) Subject: f2fs: fix race conditon on truncation with inline_data X-Git-Tag: firefly_0821_release~176^2~2738^2~84 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=1ce86bf6f882381013e12b16bbb3921608c0f238;p=firefly-linux-kernel-4.4.55.git f2fs: fix race conditon on truncation with inline_data Let's consider the following scenario. blkaddr[0] inline_data i_size i_blocks writepage truncate NEW X 4096 2 dirty page #0 NEW X 0 change i_size NEW X 0 2 f2fs_write_inline_data NEW X 0 2 get_dnode_of_data NEW X 0 2 truncate_data_blocks_range NULL O 0 1 memcpy(inline_data) NULL O 0 1 f2fs_put_dnode NULL O 0 1 f2fs_truncate NULL O 0 1 get_dnode_of_data NULL O 0 1 *invalid block addr* This patch adds checking inline_data flag during f2fs_truncate not to refer corrupted block indices. Signed-off-by: Jaegeuk Kim --- diff --git a/fs/f2fs/file.c b/fs/f2fs/file.c index 8e68bb64f835..543d8c630345 100644 --- a/fs/f2fs/file.c +++ b/fs/f2fs/file.c @@ -473,6 +473,12 @@ int truncate_blocks(struct inode *inode, u64 from, bool lock) return err; } + /* writepage can convert inline_data under get_donde_of_data */ + if (f2fs_has_inline_data(inode)) { + f2fs_put_dnode(&dn); + goto done; + } + count = ADDRS_PER_PAGE(dn.node_page, F2FS_I(inode)); count -= dn.ofs_in_node;