| From 78530bf7f2559b317c04991b52217c1608d5a58d Mon Sep 17 00:00:00 2001 |
| From: Artem Bityutskiy <Artem.Bityutskiy@nokia.com> |
| Date: Wed, 13 Apr 2011 10:31:52 +0300 |
| Subject: UBIFS: fix oops when R/O file-system is fsync'ed |
| |
| From: Artem Bityutskiy <Artem.Bityutskiy@nokia.com> |
| |
| commit 78530bf7f2559b317c04991b52217c1608d5a58d upstream. |
| |
| This patch fixes severe UBIFS bug: UBIFS oopses when we 'fsync()' an |
| file on R/O-mounter file-system. We (the UBIFS authors) incorrectly |
| thought that VFS would not propagate 'fsync()' down to the file-system |
| if it is read-only, but this is not the case. |
| |
| It is easy to exploit this bug using the following simple perl script: |
| |
| use strict; |
| use File::Sync qw(fsync sync); |
| |
| die "File path is not specified" if not defined $ARGV[0]; |
| my $path = $ARGV[0]; |
| |
| open FILE, "<", "$path" or die "Cannot open $path: $!"; |
| fsync(\*FILE) or die "cannot fsync $path: $!"; |
| close FILE or die "Cannot close $path: $!"; |
| |
| Thanks to Reuben Dowle <Reuben.Dowle@navico.com> for reporting about this |
| issue. |
| |
| Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com> |
| Reported-by: Reuben Dowle <Reuben.Dowle@navico.com> |
| Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de> |
| |
| --- |
| fs/ubifs/file.c | 3 +++ |
| 1 file changed, 3 insertions(+) |
| |
| --- a/fs/ubifs/file.c |
| +++ b/fs/ubifs/file.c |
| @@ -1311,6 +1311,9 @@ int ubifs_fsync(struct file *file, struc |
| |
| dbg_gen("syncing inode %lu", inode->i_ino); |
| |
| + if (inode->i_sb->s_flags & MS_RDONLY) |
| + return 0; |
| + |
| /* |
| * VFS has already synchronized dirty pages for this inode. Synchronize |
| * the inode unless this is a 'datasync()' call. |
