diff options
| author | Jan Kara <jack@suse.cz> | 2016-02-19 00:33:21 -0500 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2018-04-24 09:32:10 +0200 |
| commit | b9b98c26705b8d5fba8f15faeb923b1c6f48d223 (patch) | |
| tree | 0804a1601ac2ce77b087ee3d253b70d277b1a652 /mm/madvise.c | |
| parent | ba250be92484186b63ad52b7f9bcb66662e7ff2d (diff) | |
ext4: fix crashes in dioread_nolock mode
commit 74dae4278546b897eb81784fdfcce872ddd8b2b8 upstream.
Competing overwrite DIO in dioread_nolock mode will just overwrite
pointer to io_end in the inode. This may result in data corruption or
extent conversion happening from IO completion interrupt because we
don't properly set buffer_defer_completion() when unlocked DIO races
with locked DIO to unwritten extent.
Since unlocked DIO doesn't need io_end for anything, just avoid
allocating it and corrupting pointer from inode for locked DIO.
A cleaner fix would be to avoid these games with io_end pointer from the
inode but that requires more intrusive changes so we leave that for
later.
Cc: stable@vger.kernel.org
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Nathan Chancellor <natechancellor@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'mm/madvise.c')
0 files changed, 0 insertions, 0 deletions