diff options
| author | Filipe Manana <fdmanana@suse.com> | 2024-11-06 11:26:07 +0000 |
|---|---|---|
| committer | David Sterba <dsterba@suse.com> | 2024-11-11 14:34:23 +0100 |
| commit | e82c936293aafb4f33b153c684c37291b3eed377 (patch) | |
| tree | 28cd75943c5dbf781ef5728eb69109bbb0dea4fc /fs/btrfs | |
| parent | dc058f5fda091abcdccc2487b48dbbc1cdde98d0 (diff) | |
| download | linux-stable-e82c936293aafb4f33b153c684c37291b3eed377.tar.gz linux-stable-e82c936293aafb4f33b153c684c37291b3eed377.tar.bz2 linux-stable-e82c936293aafb4f33b153c684c37291b3eed377.zip | |
btrfs: send: check for read-only send root under critical section
We're checking if the send root is read-only without being under the
protection of the root's root_item_lock spinlock, which is what protects
the root's flags when clearing the read-only flag, done at
btrfs_ioctl_subvol_setflags(). Furthermore, it should be done in the
same critical section that increments the root's send_in_progress counter,
as btrfs_ioctl_subvol_setflags() clears the read-only flag in the same
critical section that checks the counter's value.
So fix this by moving the read-only check under the critical section
delimited by the root's root_item_lock which also increments the root's
send_in_progress counter.
Signed-off-by: Filipe Manana <fdmanana@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Diffstat (limited to 'fs/btrfs')
| -rw-r--r-- | fs/btrfs/send.c | 16 |
1 files changed, 6 insertions, 10 deletions
diff --git a/fs/btrfs/send.c b/fs/btrfs/send.c index 3fcc8113641d..7254279c3cc9 100644 --- a/fs/btrfs/send.c +++ b/fs/btrfs/send.c @@ -8133,7 +8133,12 @@ long btrfs_ioctl_send(struct btrfs_inode *inode, const struct btrfs_ioctl_send_a spin_unlock(&send_root->root_item_lock); return -EPERM; } - if (btrfs_root_readonly(send_root) && send_root->dedupe_in_progress) { + /* Userspace tools do the checks and warn the user if it's not RO. */ + if (!btrfs_root_readonly(send_root)) { + spin_unlock(&send_root->root_item_lock); + return -EPERM; + } + if (send_root->dedupe_in_progress) { dedupe_in_progress_warn(send_root); spin_unlock(&send_root->root_item_lock); return -EAGAIN; @@ -8142,15 +8147,6 @@ long btrfs_ioctl_send(struct btrfs_inode *inode, const struct btrfs_ioctl_send_a spin_unlock(&send_root->root_item_lock); /* - * Userspace tools do the checks and warn the user if it's - * not RO. - */ - if (!btrfs_root_readonly(send_root)) { - ret = -EPERM; - goto out; - } - - /* * Check that we don't overflow at later allocations, we request * clone_sources_count + 1 items, and compare to unsigned long inside * access_ok. Also set an upper limit for allocation size so this can't |