fat: Fix _fat_bmap() race
OGAWA Hirofumi [Thu, 6 Nov 2008 20:53:56 +0000 (12:53 -0800)]
fat_get_cluster() assumes the requested blocknr isn't truncated during
read. _fat_bmap() doesn't follow this rule.

This protects it by ->i_mutex.

Signed-off-by: OGAWA Hirofumi <hirofumi@mail.parknet.co.jp>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

fs/fat/inode.c

index 0da04e6..be88208 100644 (file)
@@ -199,7 +199,14 @@ static ssize_t fat_direct_IO(int rw, struct kiocb *iocb,
 
 static sector_t _fat_bmap(struct address_space *mapping, sector_t block)
 {
-       return generic_block_bmap(mapping, block, fat_get_block);
+       sector_t blocknr;
+
+       /* fat_get_cluster() assumes the requested blocknr isn't truncated. */
+       mutex_lock(&mapping->host->i_mutex);
+       blocknr = generic_block_bmap(mapping, block, fat_get_block);
+       mutex_unlock(&mapping->host->i_mutex);
+
+       return blocknr;
 }
 
 static const struct address_space_operations fat_aops = {