Btrfs: read inode size after acquiring the mutex when punching a hole

commit a1a50f60a6bf4f861eb94793420274bc1ccd409a upstream. In a previous change, commit 12870f1c9b2de7d475d22e73fd7db1b418599725, I accidentally moved the roundup of inode->i_size to outside of the critical section delimited by the inode mutex, which is not atomic and not correct since the size can be changed by other task before we acquire the mutex. Therefore fix it. Signed-off-by: Filipe David Borba Manana <fdmanana@gmail.com> Signed-off-by: Chris Mason <clm@fb.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Btrfs: read inode size after acquiring the mutex when punching a hole
commit a1a50f60a6bf4f861eb94793420274bc1ccd409a upstream. In a previous change, commit 12870f1c9b2de7d475d22e73fd7db1b418599725, I accidentally moved the roundup of inode->i_size to outside of the critical section delimited by the inode mutex, which is not atomic and not correct since the size can be changed by other task before we acquire the mutex. Therefore fix it. Signed-off-by: Filipe David Borba Manana <fdmanana@gmail.com> Signed-off-by: Chris Mason <clm@fb.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Filipe Manana · Greg Kroah-Hartman
1 parent bddf0faccf
Showing 1 changed file with 2 additions and 1 deletions Side-by-side Diff
fs/btrfs/file.c
@@ -2200,13 +2200,14 @@
 	bool same_page = ((offset >> PAGE_CACHE_SHIFT) ==
 			  ((offset + len - 1) >> PAGE_CACHE_SHIFT));
 	bool no_holes = btrfs_fs_incompat(root->fs_info, NO_HOLES);
-	u64 ino_size = round_up(inode->i_size, PAGE_CACHE_SIZE);
+	u64 ino_size;
  
 	ret = btrfs_wait_ordered_range(inode, offset, len);
 	if (ret)
 		return ret;
  
 	mutex_lock(&inode->i_mutex);
+	ino_size = round_up(inode->i_size, PAGE_CACHE_SIZE);
 	/*
 	 * We needn't truncate any page which is beyond the end of the file
 	 * because we are sure there is no data there.
...	...	@@ -2200,13 +2200,14 @@
2200	2200	bool same_page = ((offset >> PAGE_CACHE_SHIFT) ==
2201	2201	((offset + len - 1) >> PAGE_CACHE_SHIFT));
2202	2202	bool no_holes = btrfs_fs_incompat(root->fs_info, NO_HOLES);
2203		- u64 ino_size = round_up(inode->i_size, PAGE_CACHE_SIZE);
	2203	+ u64 ino_size;
2204	2204
2205	2205	ret = btrfs_wait_ordered_range(inode, offset, len);
2206	2206	if (ret)
2207	2207	return ret;
2208	2208
2209	2209	mutex_lock(&inode->i_mutex);
	2210	+ ino_size = round_up(inode->i_size, PAGE_CACHE_SIZE);
2210	2211	/*
2211	2212	* We needn't truncate any page which is beyond the end of the file
2212	2213	* because we are sure there is no data there.