From: Greg KH <gregkh@suse.de>
To: linux-kernel@vger.kernel.org, stable@kernel.org
Cc: Justin Forbes <jmforbes@linuxtx.org>,
Zwane Mwaikambo <zwane@arm.linux.org.uk>,
"Theodore Ts'o" <tytso@mit.edu>,
Randy Dunlap <rdunlap@xenotime.net>,
Dave Jones <davej@redhat.com>,
Chuck Wolber <chuckw@quantumlinux.com>,
Chris Wedgwood <reviews@ml.cw.f00f.org>,
Michael Krufky <mkrufky@linuxtv.org>,
Chuck Ebbert <cebbert@redhat.com>,
Domenico Andreoli <cavokz@gmail.com>, Willy Tarreau <w@1wt.eu>,
Rodrigo Rubira Branco <rbranco@la.checkpoint.com>,
Jake Edge <jake@lwn.net>, Eugene Teo <eteo@redhat.com>,
torvalds@linux-foundation.org, akpm@linux-foundation.org,
alan@lxorguk.ukuu.org.uk, linux-fsdevel@vger.kernel.org,
linux-mm@vger.kernel.org, Chris Mason <chris.mason@oracle.com>,
Nick Piggin <npiggin@suse.de>
Subject: [patch 10/28] fs: fix page_mkwrite error cases in core code and btrfs
Date: Thu, 14 May 2009 15:51:36 -0700 [thread overview]
Message-ID: <20090514225237.984186930@mini.kroah.org> (raw)
In-Reply-To: <20090514225413.GA705@kroah.com>
[-- Attachment #1: fs-fix-page_mkwrite-error-cases-in-core-code-and-btrfs.patch --]
[-- Type: text/plain, Size: 2330 bytes --]
2.6.27-stable review patch. If anyone has any objections, please let us know.
------------------
From: Nick Piggin <npiggin@suse.de>
commit 56a76f8275c379ed73c8a43cfa1dfa2f5e9cfa19 upstream
fs: fix page_mkwrite error cases in core code and btrfs
page_mkwrite is called with neither the page lock nor the ptl held. This
means a page can be concurrently truncated or invalidated out from
underneath it. Callers are supposed to prevent truncate races themselves,
however previously the only thing they can do in case they hit one is to
raise a SIGBUS. A sigbus is wrong for the case that the page has been
invalidated or truncated within i_size (eg. hole punched). Callers may
also have to perform memory allocations in this path, where again, SIGBUS
would be wrong.
The previous patch ("mm: page_mkwrite change prototype to match fault")
made it possible to properly specify errors. Convert the generic buffer.c
code and btrfs to return sane error values (in the case of page removed
from pagecache, VM_FAULT_NOPAGE will cause the fault handler to exit
without doing anything, and the fault will be retried properly).
This fixes core code, and converts btrfs as a template/example. All other
filesystems defining their own page_mkwrite should be fixed in a similar
manner.
Acked-by: Chris Mason <chris.mason@oracle.com>
Signed-off-by: Nick Piggin <npiggin@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---
fs/buffer.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
--- a/fs/buffer.c
+++ b/fs/buffer.c
@@ -2409,7 +2409,7 @@ block_page_mkwrite(struct vm_area_struct
struct inode *inode = vma->vm_file->f_path.dentry->d_inode;
unsigned long end;
loff_t size;
- int ret = -EINVAL;
+ int ret = VM_FAULT_NOPAGE; /* make the VM retry the fault */
lock_page(page);
size = i_size_read(inode);
@@ -2429,10 +2429,14 @@ block_page_mkwrite(struct vm_area_struct
if (!ret)
ret = block_commit_write(page, 0, end);
-out_unlock:
- if (ret)
- ret = VM_FAULT_SIGBUS;
+ if (unlikely(ret)) {
+ if (ret == -ENOMEM)
+ ret = VM_FAULT_OOM;
+ else /* -ENOSPC, -EIO, etc */
+ ret = VM_FAULT_SIGBUS;
+ }
+out_unlock:
unlock_page(page);
return ret;
}
next prev parent reply other threads:[~2009-05-14 23:06 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20090514225126.907908936@mini.kroah.org>
2009-05-14 22:54 ` [patch 00/28] 2.6.27.24-stable review Greg KH
2009-05-14 22:51 ` [patch 01/28] md: fix loading of out-of-date bitmap Greg KH
2009-05-14 22:51 ` [patch 02/28] md: fix some (more) errors with bitmaps on devices larger than 2TB Greg KH
2009-05-14 22:51 ` [patch 03/28] md/raid10: dont clear bitmap during recovery if array will still be degraded Greg KH
2009-05-14 22:51 ` [patch 04/28] md: remove ability to explicit set an inactive array to clean Greg KH
2009-05-14 22:51 ` [patch 05/28] USB: Gadget: fix UTF conversion in the usbstring library Greg KH
2009-05-14 22:51 ` [patch 06/28] dup2: Fix return value with oldfd == newfd and invalid fd Greg KH
2009-05-14 22:51 ` [patch 07/28] i2c-algo-bit: Fix timeout test Greg KH
2009-05-14 22:51 ` [patch 08/28] i2c-algo-pca: Let PCA9564 recover from unacked data byte (state 0x30) Greg KH
2009-05-14 22:51 ` [patch 09/28] mm: page_mkwrite change prototype to match fault Greg KH
2009-05-14 22:51 ` Greg KH [this message]
2009-05-14 22:51 ` [patch 11/28] mm: close page_mkwrite races Greg KH
2009-05-14 22:51 ` [patch 12/28] GFS2: Fix page_mkwrite() return code Greg KH
2009-05-14 22:51 ` [patch 13/28] NFS: Fix the return value in nfs_page_mkwrite() Greg KH
2009-05-14 22:51 ` [patch 14/28] NFS: Close page_mkwrite() races Greg KH
2009-05-14 22:51 ` [patch 15/28] cifs: Fix buffer size for tcon->nativeFileSystem field Greg KH
2009-05-14 22:51 ` [patch 16/28] cifs: Increase size of tmp_buf in cifs_readdir to avoid potential overflows Greg KH
2009-05-14 22:51 ` [patch 17/28] cifs: Fix incorrect destination buffer size in cifs_strncpy_to_host Greg KH
2009-05-14 22:51 ` [patch 18/28] cifs: Fix buffer size in cifs_convertUCSpath Greg KH
2009-05-14 22:51 ` [patch 19/28] cifs: Fix unicode string area word alignment in session setup Greg KH
2009-05-14 22:51 ` [patch 20/28] epoll: fix size check in epoll_create() Greg KH
2009-05-14 22:51 ` [patch 21/28] nfsd4: check for negative dentry before use in nfsv4 readdir Greg KH
2009-05-14 22:51 ` [patch 22/28] NFS: Fix the notifications when renaming onto an existing file Greg KH
2009-05-14 22:51 ` [patch 23/28] ehea: fix invalid pointer access Greg KH
2009-05-14 22:51 ` [patch 24/28] powerpc/5200: Dont specify IRQF_SHARED in PSC UART driver Greg KH
2009-05-14 22:51 ` [patch 25/28] splice: split up __splice_from_pipe() Greg KH
2009-05-14 22:51 ` [patch 26/28] splice: remove i_mutex locking in splice_from_pipe() Greg KH
2009-05-14 22:51 ` [patch 27/28] splice: fix i_mutex locking in generic_splice_write() Greg KH
2009-05-14 22:51 ` [patch 28/28] ocfs2: fix i_mutex locking in ocfs2_splice_to_file() Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20090514225237.984186930@mini.kroah.org \
--to=gregkh@suse.de \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=cavokz@gmail.com \
--cc=cebbert@redhat.com \
--cc=chris.mason@oracle.com \
--cc=chuckw@quantumlinux.com \
--cc=davej@redhat.com \
--cc=eteo@redhat.com \
--cc=jake@lwn.net \
--cc=jmforbes@linuxtx.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@vger.kernel.org \
--cc=mkrufky@linuxtv.org \
--cc=npiggin@suse.de \
--cc=rbranco@la.checkpoint.com \
--cc=rdunlap@xenotime.net \
--cc=reviews@ml.cw.f00f.org \
--cc=stable@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=tytso@mit.edu \
--cc=w@1wt.eu \
--cc=zwane@arm.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox