[PATCH] VFS: fix a race in lease-breaking during truncate

[PATCH] VFS: fix a race in lease-breaking during truncate

[J. Bruce Fields]

From: David M. Richter <richterd@citi.umich.edu>

It is possible that another process could acquire a new file lease right
after break_lease() is called during a truncate, but before lease-granting
is disabled by the subsequent get_write_access().  Merely switching the
order of the break_lease() and get_write_access() calls prevents this race.

Signed-off-by: David M. Richter <richterd@citi.umich.edu>
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
---
 fs/open.c |   16 +++++++++-------
 1 files changed, 9 insertions(+), 7 deletions(-)

diff --git a/fs/open.c b/fs/open.c
index 0d515d1..c32aba0 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -255,24 +255,26 @@ static long do_sys_truncate(const char __user * path, loff_t length)
 	if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
 		goto dput_and_out;
 
-	/*
-	 * Make sure that there are no leases.
-	 */
-	error = break_lease(inode, FMODE_WRITE);
+	error = get_write_access(inode);
 	if (error)
 		goto dput_and_out;
 
-	error = get_write_access(inode);
+	/*
+	 * Make sure that there are no leases.  get_write_access() protects
+	 * against the truncate racing with a lease-granting setlease().
+	 */
+	error = break_lease(inode, FMODE_WRITE);
 	if (error)
-		goto dput_and_out;
+		goto put_write_and_out;
 
 	error = locks_verify_truncate(inode, NULL, length);
 	if (!error) {
 		DQUOT_INIT(inode);
 		error = do_truncate(nd.dentry, length, 0, NULL);
 	}
-	put_write_access(inode);
 
+put_write_and_out:
+	put_write_access(inode);
 dput_and_out:
 	path_release(&nd);
 out:
-- 
1.5.2.rc3

[PATCH] VFS: fix a race in lease-breaking during truncate

[J. Bruce Fields]

From: david m. richter <richterd@citi.umich.edu>

It is possible that another process could acquire a new file lease right
after break_lease() is called during a truncate, but before lease-granting
is disabled by the subsequent get_write_access().  Merely switching the
order of the break_lease() and get_write_access() calls prevents this race.

Signed-off-by: David M. Richter <richterd@citi.umich.edu>
Signed-off-by: "J. Bruce Fields" <bfields@citi.umich.edu>
---
 fs/open.c |   16 +++++++++-------
 1 files changed, 9 insertions(+), 7 deletions(-)

I posted this patch to linux-fsdevel last week and nobody said anything.
Thus, it is perfect.

--b.

diff --git a/fs/open.c b/fs/open.c
index 0d515d1..c32aba0 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -255,24 +255,26 @@ static long do_sys_truncate(const char __user * path, loff_t length)
 	if (IS_IMMUTABLE(inode) || IS_APPEND(inode))
 		goto dput_and_out;
 
-	/*
-	 * Make sure that there are no leases.
-	 */
-	error = break_lease(inode, FMODE_WRITE);
+	error = get_write_access(inode);
 	if (error)
 		goto dput_and_out;
 
-	error = get_write_access(inode);
+	/*
+	 * Make sure that there are no leases.  get_write_access() protects
+	 * against the truncate racing with a lease-granting setlease().
+	 */
+	error = break_lease(inode, FMODE_WRITE);
 	if (error)
-		goto dput_and_out;
+		goto put_write_and_out;
 
 	error = locks_verify_truncate(inode, NULL, length);
 	if (!error) {
 		DQUOT_INIT(inode);
 		error = do_truncate(nd.dentry, length, 0, NULL);
 	}
-	put_write_access(inode);
 
+put_write_and_out:
+	put_write_access(inode);
 dput_and_out:
 	path_release(&nd);
 out:
-- 
1.5.3.rc0.63.gc956