NTFS: Fix read regression.
authorAnton Altaparmakov <aia21@cam.ac.uk>
Sat, 3 Nov 2007 07:38:59 +0000 (07:38 +0000)
committerLinus Torvalds <torvalds@woody.linux-foundation.org>
Sat, 3 Nov 2007 19:27:21 +0000 (12:27 -0700)
The regression was caused by:
        commit[a32ea1e1f925399e0d81ca3f7394a44a6dafa12c] Fix read/truncate race

This causes ntfs_readpage() to be called for a zero i_size inode, which
failed when the file was compressed and non-resident.

Thanks a lot to Mike Galbraith for reporting the issue and tracking down
the commit that caused the regression.

Looking into it I found three bugs which the patch fixes.

Signed-off-by: Anton Altaparmakov <aia21@cantab.net>
Tested-by: Mike Galbraith <efault@gmx.de>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/ntfs/aops.c
fs/ntfs/attrib.c
fs/ntfs/compress.c

index cfdc7900d2710f70bee9aa7d591d8b8fb4c85c31..ad87cb01299b6d8febb7ae670fddb36ce33cc666 100644 (file)
@@ -405,6 +405,15 @@ static int ntfs_readpage(struct file *file, struct page *page)
 
 retry_readpage:
        BUG_ON(!PageLocked(page));
+       vi = page->mapping->host;
+       i_size = i_size_read(vi);
+       /* Is the page fully outside i_size? (truncate in progress) */
+       if (unlikely(page->index >= (i_size + PAGE_CACHE_SIZE - 1) >>
+                       PAGE_CACHE_SHIFT)) {
+               zero_user_page(page, 0, PAGE_CACHE_SIZE, KM_USER0);
+               ntfs_debug("Read outside i_size - truncated?");
+               goto done;
+       }
        /*
         * This can potentially happen because we clear PageUptodate() during
         * ntfs_writepage() of MstProtected() attributes.
@@ -413,7 +422,6 @@ retry_readpage:
                unlock_page(page);
                return 0;
        }
-       vi = page->mapping->host;
        ni = NTFS_I(vi);
        /*
         * Only $DATA attributes can be encrypted and only unnamed $DATA
index 92dabdcf2b80b2c0d8f1f5832e9eb0043be391d3..50d3b0c258e37cd0413568aef6d4216086a6bb02 100644 (file)
@@ -179,10 +179,7 @@ int ntfs_map_runlist_nolock(ntfs_inode *ni, VCN vcn, ntfs_attr_search_ctx *ctx)
         * ntfs_mapping_pairs_decompress() fails.
         */
        end_vcn = sle64_to_cpu(a->data.non_resident.highest_vcn) + 1;
-       if (!a->data.non_resident.lowest_vcn && end_vcn == 1)
-               end_vcn = sle64_to_cpu(a->data.non_resident.allocated_size) >>
-                               ni->vol->cluster_size_bits;
-       if (unlikely(vcn >= end_vcn)) {
+       if (unlikely(vcn && vcn >= end_vcn)) {
                err = -ENOENT;
                goto err_out;
        }
index d98daf59e0b64ac91bf3c950594ba6685e6ca737..d1619d05eb23bce83bea2d9f005e663625fa1f2e 100644 (file)
@@ -561,6 +561,16 @@ int ntfs_read_compressed_block(struct page *page)
        read_unlock_irqrestore(&ni->size_lock, flags);
        max_page = ((i_size + PAGE_CACHE_SIZE - 1) >> PAGE_CACHE_SHIFT) -
                        offset;
+       /* Is the page fully outside i_size? (truncate in progress) */
+       if (xpage >= max_page) {
+               kfree(bhs);
+               kfree(pages);
+               zero_user_page(page, 0, PAGE_CACHE_SIZE, KM_USER0);
+               ntfs_debug("Compressed read outside i_size - truncated?");
+               SetPageUptodate(page);
+               unlock_page(page);
+               return 0;
+       }
        if (nr_pages < max_page)
                max_page = nr_pages;
        for (i = 0; i < max_page; i++, offset++) {