VFS: fix a race in lease-breaking during truncate
It is possible that another process could acquire a new file lease right after break_lease() is called during a truncate, but before lease-granting is disabled by the subsequent get_write_access(). Merely switching the order of the break_lease() and get_write_access() calls prevents this race. Signed-off-by: David M. Richter <richterd@citi.umich.edu> Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
937472b00b
commit
9700382c3c
18
fs/open.c
18
fs/open.c
|
@ -256,24 +256,26 @@ static long do_sys_truncate(const char __user * path, loff_t length)
|
|||
if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
|
||||
goto dput_and_out;
|
||||
|
||||
/*
|
||||
* Make sure that there are no leases.
|
||||
*/
|
||||
error = break_lease(inode, FMODE_WRITE);
|
||||
if (error)
|
||||
goto dput_and_out;
|
||||
|
||||
error = get_write_access(inode);
|
||||
if (error)
|
||||
goto dput_and_out;
|
||||
|
||||
/*
|
||||
* Make sure that there are no leases. get_write_access() protects
|
||||
* against the truncate racing with a lease-granting setlease().
|
||||
*/
|
||||
error = break_lease(inode, FMODE_WRITE);
|
||||
if (error)
|
||||
goto put_write_and_out;
|
||||
|
||||
error = locks_verify_truncate(inode, NULL, length);
|
||||
if (!error) {
|
||||
DQUOT_INIT(inode);
|
||||
error = do_truncate(nd.dentry, length, 0, NULL);
|
||||
}
|
||||
put_write_access(inode);
|
||||
|
||||
put_write_and_out:
|
||||
put_write_access(inode);
|
||||
dput_and_out:
|
||||
path_release(&nd);
|
||||
out:
|
||||
|
|
Loading…
Reference in New Issue