Google Git
Sign in
kernel / pub / scm / linux / kernel / git / chao / linux.git / refs/heads/dev
commit3f75783c1f20e52b81471b577266d8eee74786e5[log] [tgz]
authorChao Yu <chao@kernel.org>Mon Apr 12 16:15:12 2021 +0800
committerChao Yu <chao@kernel.org>Tue Mar 29 13:10:35 2022 +0800
treed9825ab32be4e314031021c50f665acdeb5eefd6
parentf96877a2dec6a9577ceecf26e27897182013a996 [diff]
f2fs: fix to keep isolation of atomic write

As Yi Chen reported, there is a potential race case described as below:

Thread A			Thread B
- f2fs_ioc_start_atomic_write
				- mkwrite
				 - set_page_dirty
				  - f2fs_set_page_private(page, 0)
 - set_inode_flag(FI_ATOMIC_FILE)
				- mkwrite same page
				 - set_page_dirty
				  - f2fs_register_inmem_page
				   - f2fs_set_page_private(ATOMIC_WRITTEN_PAGE)
				     failed due to PagePrivate flag has been set
				   - list_add_tail
				- truncate_inode_pages
				 - f2fs_invalidate_page
				  - clear page private but w/o remove it from
				    inmem_list
				 - set page->mapping to NULL
- f2fs_ioc_commit_atomic_write
 - __f2fs_commit_inmem_pages
   - __revoke_inmem_pages
    - f2fs_put_page panic as page->mapping is NULL

The root cause is we missed to keep isolation of atomic write in the case
of start_atomic_write vs mkwrite, let start_atomic_write helds i_mmap_sem
lock to avoid this issue.

Reported-by: Yi Chen <chenyi77@huawei.com>
Signed-off-by: Chao Yu <chao@kernel.org>
2 files changed
tree: d9825ab32be4e314031021c50f665acdeb5eefd6
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. LICENSES/
  14. mm/
  15. net/
  16. samples/
  17. scripts/
  18. security/
  19. sound/
  20. tools/
  21. usr/
  22. virt/
  23. .clang-format
  24. .cocciconfig
  25. .get_maintainer.ignore
  26. .gitattributes
  27. .gitignore
  28. .mailmap
  29. COPYING
  30. CREDITS
  31. Kbuild
  32. Kconfig
  33. MAINTAINERS
  34. Makefile
  35. README