From mboxrd@z Thu Jan 1 00:00:00 1970 From: Ross Zwisler Subject: [PATCH 1/2] dax: dax_pfn_mkwrite() truncate race check Date: Fri, 9 Oct 2015 16:02:07 -0600 Message-ID: <1444428128-12200-2-git-send-email-ross.zwisler@linux.intel.com> References: <1444428128-12200-1-git-send-email-ross.zwisler@linux.intel.com> Cc: Ross Zwisler , Alexander Viro , Matthew Wilcox , linux-fsdevel@vger.kernel.org, Andrew Morton , Dan Williams , Dave Chinner , Jan Kara , linux-nvdimm@lists.01.org, Matthew Wilcox , Andreas Dilger To: linux-kernel@vger.kernel.org Return-path: In-Reply-To: <1444428128-12200-1-git-send-email-ross.zwisler@linux.intel.com> Sender: linux-kernel-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org Update dax_pfn_mkwrite() so that it validates i_size before returning. This is necessary to ensure that the page fault has not raced with truncate and is now pointing to a region beyond the end of the current file. This change is based on a similar outstanding patch for XFS from Dave Chinner entitled "xfs: add ->pfn_mkwrite support for DAX". Signed-off-by: Ross Zwisler --- fs/dax.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/fs/dax.c b/fs/dax.c index 131fd35a..82be6e4 100644 --- a/fs/dax.c +++ b/fs/dax.c @@ -693,12 +693,21 @@ EXPORT_SYMBOL_GPL(dax_pmd_fault); */ int dax_pfn_mkwrite(struct vm_area_struct *vma, struct vm_fault *vmf) { - struct super_block *sb = file_inode(vma->vm_file)->i_sb; + struct inode *inode = file_inode(vma->vm_file); + struct super_block *sb = inode->i_sb; + int ret = VM_FAULT_NOPAGE; + loff_t size; sb_start_pagefault(sb); file_update_time(vma->vm_file); + + /* check that the faulting page hasn't raced with truncate */ + size = (i_size_read(inode) + PAGE_SIZE - 1) >> PAGE_SHIFT; + if (vmf->pgoff >= size) + ret = VM_FAULT_SIGBUS; + sb_end_pagefault(sb); - return VM_FAULT_NOPAGE; + return ret; } EXPORT_SYMBOL_GPL(dax_pfn_mkwrite); -- 2.1.0