git.proxmox.com Git - mirror_ubuntu-artful-kernel.git/commit

author	Omar Sandoval <osandov@fb.com>
	Sun, 17 Sep 2017 21:06:17 +0000 (14:06 -0700)
committer	Seth Forshee <seth.forshee@canonical.com>
	Wed, 20 Sep 2017 12:31:58 +0000 (07:31 -0500)
commit	1d1ce4b472e6718e00982b237ec69927a61c059c
tree	d8b72ed10bfe04d2dcdb51725806306562b3d01e	tree
parent	90ca6b5db21d75cb2faff804538581f2e681cae0	commit \| diff

xfs: check for race with xfs_reclaim_inode() in xfs_ifree_cluster()

BugLink: http://bugs.launchpad.net/bugs/1718412
commit f2e9ad212def50bcf4c098c6288779dd97fff0f0 upstream.

After xfs_ifree_cluster() finds an inode in the radix tree and verifies
that the inode number is what it expected, xfs_reclaim_inode() can swoop
in and free it. xfs_ifree_cluster() will then happily continue working
on the freed inode. Most importantly, it will mark the inode stale,
which will probably be overwritten when the inode slab object is
reallocated, but if it has already been reallocated then we can end up
with an inode spuriously marked stale.

In 8a17d7ddedb4 ("xfs: mark reclaimed inodes invalid earlier") we added
a second check to xfs_iflush_cluster() to detect this race, but the
similar RCU lookup in xfs_ifree_cluster() needs the same treatment.

Signed-off-by: Omar Sandoval <osandov@fb.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Signed-off-by: Seth Forshee <seth.forshee@canonical.com>

fs/xfs/xfs_icache.c		diff \| blob \| blame \| history
fs/xfs/xfs_inode.c		diff \| blob \| blame \| history