f2fs: avoid race in between read xattr & write xattr

Thread A:					Thread B:
-f2fs_getxattr
   -lookup_all_xattrs
      -xnid = F2FS_I(inode)->i_xattr_nid;
						-f2fs_setxattr
						    -__f2fs_setxattr
						        -write_all_xattrs
						            -truncate_xattr_node
							          ...  ...
						-write_checkpoint
								  ...  ...
						-alloc_nid   <- nid reuse
          -get_node_page
              -f2fs_bug_on  <- nid != node_footer->nid

It's need a rw_sem to avoid the race

Signed-off-by: Yunlei He <heyunlei@huawei.com>
Reviewed-by: Chao Yu <yuchao0@huawei.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>

diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h
index 91fb749686f24f75efc49baa308e1861412bbfda..c0803b1873b36b5b007924ecc2904eb12514ffe9 100644 (file)
--- a/fs/f2fs/f2fs.h
+++ b/fs/f2fs/f2fs.h
@@ -589,6 +589,7 @@ struct f2fs_inode_info {
        struct extent_tree *extent_tree;        /* cached extent_tree entry */
        struct rw_semaphore dio_rwsem[2];/* avoid racing between dio and gc */
        struct rw_semaphore i_mmap_sem;
+       struct rw_semaphore i_xattr_sem; /* avoid racing between reading and changing EAs */
 
        int i_extra_isize;              /* size of extra space located in i_addr */
        kprojid_t i_projid;             /* id for project quota */

diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
index 7730316c19c64292618430595c6d4303109cd7b8..89f61eb3d1671c3c5686a002adca8c0c427abd1c 100644 (file)
--- a/fs/f2fs/super.c
+++ b/fs/f2fs/super.c
@@ -630,6 +630,7 @@ static struct inode *f2fs_alloc_inode(struct super_block *sb)
        init_rwsem(&fi->dio_rwsem[READ]);
        init_rwsem(&fi->dio_rwsem[WRITE]);
        init_rwsem(&fi->i_mmap_sem);
+       init_rwsem(&fi->i_xattr_sem);
 
 #ifdef CONFIG_QUOTA
        memset(&fi->i_dquot, 0, sizeof(fi->i_dquot));

diff --git a/fs/f2fs/xattr.c b/fs/f2fs/xattr.c
index ef3a3721ea6b7d7fad9d0ba0dd4a09030d8e2a80..7c65540148f8b1b787c54e8eaff3a6813f4a5f9e 100644 (file)
--- a/fs/f2fs/xattr.c
+++ b/fs/f2fs/xattr.c
@@ -473,8 +473,10 @@ int f2fs_getxattr(struct inode *inode, int index, const char *name,
        if (len > F2FS_NAME_LEN)
                return -ERANGE;
 
+       down_read(&F2FS_I(inode)->i_xattr_sem);
        error = lookup_all_xattrs(inode, ipage, index, len, name,
                                &entry, &base_addr);
+       up_read(&F2FS_I(inode)->i_xattr_sem);
        if (error)
                return error;
 
@@ -503,7 +505,9 @@ ssize_t f2fs_listxattr(struct dentry *dentry, char *buffer, size_t buffer_size)
        int error = 0;
        size_t rest = buffer_size;
 
+       down_read(&F2FS_I(inode)->i_xattr_sem);
        error = read_all_xattrs(inode, NULL, &base_addr);
+       up_read(&F2FS_I(inode)->i_xattr_sem);
        if (error)
                return error;
 
@@ -686,7 +690,9 @@ int f2fs_setxattr(struct inode *inode, int index, const char *name,
        f2fs_lock_op(sbi);
        /* protect xattr_ver */
        down_write(&F2FS_I(inode)->i_sem);
+       down_write(&F2FS_I(inode)->i_xattr_sem);
        err = __f2fs_setxattr(inode, index, name, value, size, ipage, flags);
+       up_write(&F2FS_I(inode)->i_xattr_sem);
        up_write(&F2FS_I(inode)->i_sem);
        f2fs_unlock_op(sbi);