From: Miklos Szeredi Date: Wed, 30 Apr 2008 07:54:45 +0000 (-0700) Subject: fuse: fix race in llseek X-Git-Tag: firefly_0821_release~20619 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=5559b8f4d1f630b8614b6c8e13b8bf6c9c45d7d7;p=firefly-linux-kernel-4.4.55.git fuse: fix race in llseek Fuse doesn't use i_mutex to protect setting i_size, and so generic_file_llseek() can be racy: it doesn't use i_size_read(). So do a fuse specific llseek method, which does use i_size_read(). [akpm@linux-foundation.org: make `retval' loff_t] Signed-off-by: Miklos Szeredi Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/fs/fuse/file.c b/fs/fuse/file.c index 2d3649e42599..9ced35b00686 100644 --- a/fs/fuse/file.c +++ b/fs/fuse/file.c @@ -1431,8 +1431,33 @@ static sector_t fuse_bmap(struct address_space *mapping, sector_t block) return err ? 0 : outarg.block; } +static loff_t fuse_file_llseek(struct file *file, loff_t offset, int origin) +{ + loff_t retval; + struct inode *inode = file->f_path.dentry->d_inode; + + mutex_lock(&inode->i_mutex); + switch (origin) { + case SEEK_END: + offset += i_size_read(inode); + break; + case SEEK_CUR: + offset += file->f_pos; + } + retval = -EINVAL; + if (offset >= 0 && offset <= inode->i_sb->s_maxbytes) { + if (offset != file->f_pos) { + file->f_pos = offset; + file->f_version = 0; + } + retval = offset; + } + mutex_unlock(&inode->i_mutex); + return retval; +} + static const struct file_operations fuse_file_operations = { - .llseek = generic_file_llseek, + .llseek = fuse_file_llseek, .read = do_sync_read, .aio_read = fuse_file_aio_read, .write = do_sync_write, @@ -1448,7 +1473,7 @@ static const struct file_operations fuse_file_operations = { }; static const struct file_operations fuse_direct_io_file_operations = { - .llseek = generic_file_llseek, + .llseek = fuse_file_llseek, .read = fuse_direct_read, .write = fuse_direct_write, .open = fuse_open,