summaryrefslogtreecommitdiffstats
path: root/fs/xfs/xfs_file.c
diff options
context:
space:
mode:
authorLukas Czerner <lczerner@redhat.com>2014-04-12 09:56:41 -0400
committerTheodore Ts'o <tytso@mit.edu>2014-04-12 09:56:41 -0400
commit23fffa925ea2c9a2bcb1a4453e2c542635aa3545 (patch)
treeada18ccc75346035bea8c684344fa2da6eac9f5b /fs/xfs/xfs_file.c
parent8fc61d92630d1c96057a94c61e1643475045b25b (diff)
downloadlinux-stable-23fffa925ea2c9a2bcb1a4453e2c542635aa3545.tar.gz
linux-stable-23fffa925ea2c9a2bcb1a4453e2c542635aa3545.tar.bz2
linux-stable-23fffa925ea2c9a2bcb1a4453e2c542635aa3545.zip
fs: move falloc collapse range check into the filesystem methods
Currently in do_fallocate in collapse range case we're checking whether offset + len is not bigger than i_size. However there is nothing which would prevent i_size from changing so the check is pointless. It should be done in the file system itself and the file system needs to make sure that i_size is not going to change. The i_size check for the other fallocate modes are also done in the filesystems. As it is now we can easily crash the kernel by having two processes doing truncate and fallocate collapse range at the same time. This can be reproduced on ext4 and it is theoretically possible on xfs even though I was not able to trigger it with this simple test. This commit removes the check from do_fallocate and adds it to the file system. Signed-off-by: Lukas Czerner <lczerner@redhat.com> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu> Acked-by: Dave Chinner <david@fromorbit.com> Reviewed-by: Christoph Hellwig <hch@lst.de>
Diffstat (limited to 'fs/xfs/xfs_file.c')
-rw-r--r--fs/xfs/xfs_file.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/fs/xfs/xfs_file.c b/fs/xfs/xfs_file.c
index f7abff8c16ca..3cb528c4f27c 100644
--- a/fs/xfs/xfs_file.c
+++ b/fs/xfs/xfs_file.c
@@ -840,7 +840,15 @@ xfs_file_fallocate(
goto out_unlock;
}
- ASSERT(offset + len < i_size_read(inode));
+ /*
+ * There is no need to overlap collapse range with EOF,
+ * in which case it is effectively a truncate operation
+ */
+ if (offset + len >= i_size_read(inode)) {
+ error = -EINVAL;
+ goto out_unlock;
+ }
+
new_size = i_size_read(inode) - len;
error = xfs_collapse_file_space(ip, offset, len);