]> git.ipfire.org Git - thirdparty/kernel/stable.git/commitdiff
projects / thirdparty / kernel / stable.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1e134c3)
f2fs: add READ_ONCE() for i_blocks in f2fs_update_inode()
authorCen Zhang <zzzccc427@gmail.com>
Wed, 18 Mar 2026 07:32:53 +0000 (15:32 +0800)
committerJaegeuk Kim <jaegeuk@kernel.org>
Tue, 24 Mar 2026 17:21:01 +0000 (17:21 +0000)
f2fs_update_inode() reads inode->i_blocks without holding i_lock to
serialize it to the on-disk inode, while concurrent truncate or
allocation paths may modify i_blocks under i_lock.  Since blkcnt_t is
u64, this risks torn reads on 32-bit architectures.

Following the approach in ext4_inode_blocks_set(), add READ_ONCE() to prevent
potential compiler-induced tearing.

Fixes: 19f99cee206c ("f2fs: add core inode operations")
Cc: stable@vger.kernel.org
Signed-off-by: Cen Zhang <zzzccc427@gmail.com>
Reviewed-by: Chao Yu <chao@kernel.org>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
fs/f2fs/inode.c patch | blob | blame | history

diff --git a/fs/f2fs/inode.c b/fs/f2fs/inode.c
index e0f850b3f0c38797fbba726af424161a147ee4f7..89240be8cc59b0dc301859a10d81e23d7f36f81a 100644 (file)
--- a/fs/f2fs/inode.c
+++ b/fs/f2fs/inode.c
@@ -687,7 +687,7 @@ void f2fs_update_inode(struct inode *inode, struct folio *node_folio)
        ri->i_uid = cpu_to_le32(i_uid_read(inode));
        ri->i_gid = cpu_to_le32(i_gid_read(inode));
        ri->i_links = cpu_to_le32(inode->i_nlink);
-       ri->i_blocks = cpu_to_le64(SECTOR_TO_BLOCK(inode->i_blocks) + 1);
+       ri->i_blocks = cpu_to_le64(SECTOR_TO_BLOCK(READ_ONCE(inode->i_blocks)) + 1);
 
        if (!f2fs_is_atomic_file(inode) ||
                        is_inode_flag_set(inode, FI_ATOMIC_COMMITTED))
Mirror https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git