diff options
author | Amir Goldstein <amir73il@gmail.com> | 2018-09-18 15:34:32 +0200 |
---|---|---|
committer | Miklos Szeredi <mszeredi@redhat.com> | 2018-09-24 10:54:01 +0200 |
commit | 898cc19d8af2d6a80a9f2804b0db2e83c5dd8863 (patch) | |
tree | 771188a58c4632b7615c4bffdffa942b4ed82b22 /fs | |
parent | ovl: fix memory leak on unlink of indexed file (diff) | |
download | linux-898cc19d8af2d6a80a9f2804b0db2e83c5dd8863.tar.xz linux-898cc19d8af2d6a80a9f2804b0db2e83c5dd8863.zip |
ovl: fix freeze protection bypass in ovl_write_iter()
Tested by re-writing to an open overlayfs file while upper ext4 is frozen:
xfs_io -f /ovl/x
xfs_io> pwrite 0 4096
fsfreeze -f /ext4
xfs_io> pwrite 0 4096
WARNING: CPU: 0 PID: 1492 at fs/ext4/ext4_jbd2.c:53 \
ext4_journal_check_start+0x48/0x82
After the fix, the second write blocks in ovl_write_iter() and avoids
hitting WARN_ON(sb->s_writers.frozen == SB_FREEZE_COMPLETE) in
ext4_journal_check_start().
Fixes: 2a92e07edc5e ("ovl: add ovl_write_iter()")
Signed-off-by: Amir Goldstein <amir73il@gmail.com>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/overlayfs/file.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/fs/overlayfs/file.c b/fs/overlayfs/file.c index aeaefd2a551b..986313da0c88 100644 --- a/fs/overlayfs/file.c +++ b/fs/overlayfs/file.c @@ -240,8 +240,10 @@ static ssize_t ovl_write_iter(struct kiocb *iocb, struct iov_iter *iter) goto out_unlock; old_cred = ovl_override_creds(file_inode(file)->i_sb); + file_start_write(real.file); ret = vfs_iter_write(real.file, iter, &iocb->ki_pos, ovl_iocb_to_rwf(iocb)); + file_end_write(real.file); revert_creds(old_cred); /* Update size */ |