udf: Fix race between write(2) and close(2)
Currently write(2) updating i_size and close(2) of the file can race in such a way that udf_truncate_tail_extent() called from udf_file_release() sees old i_size but already new extents added by the running write call. This results in complaints like: UDF-fs: warning (device vdb2): udf_truncate_tail_extent: Too long extent after EOF in inode 877: i_size: 0 lbcount: 1073739776 extent 0+1073739776 UDF-fs: error (device vdb2): udf_truncate_tail_extent: Extent after EOF in inode 877 Fix the problem by grabbing i_mutex in udf_file_release() to be sure i_size is consistent with current state of extent list. Also avoid truncating tail extent unnecessarily when the file is still open for writing. Signed-off-by: Jan Kara <jack@suse.cz>
This commit is contained in:
parent
0b93a92be4
commit
6fb1ca92a6
1 changed files with 8 additions and 1 deletions
|
@ -223,11 +223,18 @@ long udf_ioctl(struct file *filp, unsigned int cmd, unsigned long arg)
|
|||
|
||||
static int udf_release_file(struct inode *inode, struct file *filp)
|
||||
{
|
||||
if (filp->f_mode & FMODE_WRITE) {
|
||||
if (filp->f_mode & FMODE_WRITE &&
|
||||
atomic_read(&inode->i_writecount) > 1) {
|
||||
/*
|
||||
* Grab i_mutex to avoid races with writes changing i_size
|
||||
* while we are running.
|
||||
*/
|
||||
mutex_lock(&inode->i_mutex);
|
||||
down_write(&UDF_I(inode)->i_data_sem);
|
||||
udf_discard_prealloc(inode);
|
||||
udf_truncate_tail_extent(inode);
|
||||
up_write(&UDF_I(inode)->i_data_sem);
|
||||
mutex_unlock(&inode->i_mutex);
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue