summaryrefslogtreecommitdiff
path: root/fs/fscache/page.c
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2015-11-04 18:20:42 +0300
committerAl Viro <viro@zeniv.linux.org.uk>2015-11-11 10:11:02 +0300
commit102f4d900c9c8f5ed89ae4746d493fe3ebd7ba64 (patch)
tree1478b45629f2cd2a499a4b06f9938c2ad3ed0942 /fs/fscache/page.c
parent95201a40604791bc4a2e8d066429be89fb82b46d (diff)
downloadlinux-102f4d900c9c8f5ed89ae4746d493fe3ebd7ba64.tar.xz
FS-Cache: Handle a write to the page immediately beyond the EOF marker
Handle a write being requested to the page immediately beyond the EOF marker on a cache object. Currently this gets an assertion failure in CacheFiles because the EOF marker is used there to encode information about a partial page at the EOF - which could lead to an unknown blank spot in the file if we extend the file over it. The problem is actually in fscache where we check the index of the page being written against store_limit. store_limit is set to the number of pages that we're allowed to store by fscache_set_store_limit() - which means it's one more than the index of the last page we're allowed to store. The problem is that we permit writing to a page with an index _equal_ to the store limit - when we should reject that case. Whilst we're at it, change the triggered assertion in CacheFiles to just return -ENOBUFS instead. The assertion failure looks something like this: CacheFiles: Assertion failed 1000 < 7b1 is false ------------[ cut here ]------------ kernel BUG at fs/cachefiles/rdwr.c:962! ... RIP: 0010:[<ffffffffa02c9e83>] [<ffffffffa02c9e83>] cachefiles_write_page+0x273/0x2d0 [cachefiles] Cc: stable@vger.kernel.org # v2.6.31+; earlier - that + backport of a17754f (at least) Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs/fscache/page.c')
-rw-r--r--fs/fscache/page.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/fscache/page.c b/fs/fscache/page.c
index 79483b3d8c6f..6b35fc4860a0 100644
--- a/fs/fscache/page.c
+++ b/fs/fscache/page.c
@@ -816,7 +816,7 @@ static void fscache_write_op(struct fscache_operation *_op)
goto superseded;
page = results[0];
_debug("gang %d [%lx]", n, page->index);
- if (page->index > op->store_limit) {
+ if (page->index >= op->store_limit) {
fscache_stat(&fscache_n_store_pages_over_limit);
goto superseded;
}