diff options
author | Zhihao Cheng <chengzhihao1@huawei.com> | 2021-05-31 14:52:09 +0200 |
---|---|---|
committer | Richard Weinberger <richard@nod.at> | 2021-06-18 22:04:47 +0200 |
commit | f4e3634a3b642225a530c292fdb1e8a4007507f5 (patch) | |
tree | 3aeb9658f4ab13f138415ee881d66af842cfec32 /fs/ubifs/ubifs.h | |
parent | ubifs: fix snprintf() checking (diff) | |
download | linux-f4e3634a3b642225a530c292fdb1e8a4007507f5.tar.xz linux-f4e3634a3b642225a530c292fdb1e8a4007507f5.zip |
ubifs: Fix races between xattr_{set|get} and listxattr operations
UBIFS may occur some problems with concurrent xattr_{set|get} and
listxattr operations, such as assertion failure, memory corruption,
stale xattr value[1].
Fix it by importing a new rw-lock in @ubifs_inode to serilize write
operations on xattr, concurrent read operations are still effective,
just like ext4.
[1] https://lore.kernel.org/linux-mtd/20200630130438.141649-1-houtao1@huawei.com
Fixes: 1e51764a3c2ac05a23 ("UBIFS: add new flash file system")
Cc: stable@vger.kernel.org # v2.6+
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Reviewed-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: Richard Weinberger <richard@nod.at>
Diffstat (limited to 'fs/ubifs/ubifs.h')
-rw-r--r-- | fs/ubifs/ubifs.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/fs/ubifs/ubifs.h b/fs/ubifs/ubifs.h index b65c599a386a..7e978f421430 100644 --- a/fs/ubifs/ubifs.h +++ b/fs/ubifs/ubifs.h @@ -356,6 +356,7 @@ struct ubifs_gced_idx_leb { * @ui_mutex: serializes inode write-back with the rest of VFS operations, * serializes "clean <-> dirty" state changes, serializes bulk-read, * protects @dirty, @bulk_read, @ui_size, and @xattr_size + * @xattr_sem: serilizes write operations (remove|set|create) on xattr * @ui_lock: protects @synced_i_size * @synced_i_size: synchronized size of inode, i.e. the value of inode size * currently stored on the flash; used only for regular file @@ -409,6 +410,7 @@ struct ubifs_inode { unsigned int bulk_read:1; unsigned int compr_type:2; struct mutex ui_mutex; + struct rw_semaphore xattr_sem; spinlock_t ui_lock; loff_t synced_i_size; loff_t ui_size; |