[PATCH] fs: fix nobh data leak
authorNick Piggin <npiggin@suse.de>
Tue, 20 Feb 2007 21:58:09 +0000 (13:58 -0800)
committerLinus Torvalds <torvalds@woody.linux-foundation.org>
Wed, 21 Feb 2007 01:10:15 +0000 (17:10 -0800)
nobh_prepare_write leaks data similarly to how simple_prepare_write did. Fix
by not marking the page uptodate until nobh_commit_write time. Again, this
could break weird use-cases, but none appear to exist in the tree.

We can safely remove the set_page_dirty, because as the comment says,
nobh_commit_write does set_page_dirty. If a filesystem wants to allocate
backing store for a page dirtied via mmap, page_mkwrite is the suggested
approach.

Signed-off-by: Nick Piggin <npiggin@suse.de>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/buffer.c

index e95fe4f8d11a69eccba7efb818d02f4f0af64288..e8504b65176c47a0f86eb3f439791dfd1562f0a2 100644 (file)
@@ -2248,7 +2248,6 @@ int nobh_prepare_write(struct page *page, unsigned from, unsigned to,
        int i;
        int ret = 0;
        int is_mapped_to_disk = 1;
-       int dirtied_it = 0;
 
        if (PageMappedToDisk(page))
                return 0;
@@ -2285,14 +2284,10 @@ int nobh_prepare_write(struct page *page, unsigned from, unsigned to,
                        continue;
                if (buffer_new(&map_bh) || !buffer_mapped(&map_bh)) {
                        kaddr = kmap_atomic(page, KM_USER0);
-                       if (block_start < from) {
+                       if (block_start < from)
                                memset(kaddr+block_start, 0, from-block_start);
-                               dirtied_it = 1;
-                       }
-                       if (block_end > to) {
+                       if (block_end > to)
                                memset(kaddr + to, 0, block_end - to);
-                               dirtied_it = 1;
-                       }
                        flush_dcache_page(page);
                        kunmap_atomic(kaddr, KM_USER0);
                        continue;
@@ -2347,17 +2342,6 @@ int nobh_prepare_write(struct page *page, unsigned from, unsigned to,
 
        if (is_mapped_to_disk)
                SetPageMappedToDisk(page);
-       SetPageUptodate(page);
-
-       /*
-        * Setting the page dirty here isn't necessary for the prepare_write
-        * function - commit_write will do that.  But if/when this function is
-        * used within the pagefault handler to ensure that all mmapped pages
-        * have backing space in the filesystem, we will need to dirty the page
-        * if its contents were altered.
-        */
-       if (dirtied_it)
-               set_page_dirty(page);
 
        return 0;
 
@@ -2387,6 +2371,7 @@ int nobh_commit_write(struct file *file, struct page *page,
        struct inode *inode = page->mapping->host;
        loff_t pos = ((loff_t)page->index << PAGE_CACHE_SHIFT) + to;
 
+       SetPageUptodate(page);
        set_page_dirty(page);
        if (pos > inode->i_size) {
                i_size_write(inode, pos);