From: Chi Zhiling Writeback does not hold i_rwsem and can race with truncate or other operations that change the file's block mapping. This may leave cached iomaps stale, causing writeback to write data to blocks that no longer belong to the file. Track iomap validity with exfat's cache_valid_id and implement iomap_valid() so cached iomaps are revalidated after the folio is locked. If the mapping has changed, a new iomap is obtained before writeback continues. This matches the iomap validity model used by XFS and prevents data corruption from stale cached iomaps. IOMAP_F_MERGED is set twice in __exfat_iomap_begin(), this patch also drops the redundant setting. Signed-off-by: Chi Zhiling --- fs/exfat/file.c | 4 ++-- fs/exfat/iomap.c | 15 +++++++++++++-- fs/exfat/iomap.h | 1 + 3 files changed, 16 insertions(+), 4 deletions(-) diff --git a/fs/exfat/file.c b/fs/exfat/file.c index 5fc13378d35f..4258398ca641 100644 --- a/fs/exfat/file.c +++ b/fs/exfat/file.c @@ -772,8 +772,8 @@ static ssize_t exfat_file_write_iter(struct kiocb *iocb, struct iov_iter *iter) if (iocb->ki_flags & IOCB_DIRECT) ret = exfat_dio_write_iter(iocb, iter); else - ret = iomap_file_buffered_write(iocb, iter, - &exfat_write_iomap_ops, NULL, NULL); + ret = iomap_file_buffered_write(iocb, iter, &exfat_write_iomap_ops, + &exfat_iomap_write_ops, NULL); if (ret < 0) goto unlock; diff --git a/fs/exfat/iomap.c b/fs/exfat/iomap.c index 1aac38e63fe6..e417116f0084 100644 --- a/fs/exfat/iomap.c +++ b/fs/exfat/iomap.c @@ -56,6 +56,7 @@ static int __exfat_iomap_begin(struct inode *inode, loff_t offset, loff_t length iomap->addr = IOMAP_NULL_ADDR; iomap->offset = offset; iomap->length = length; + iomap->validity_cookie = ei->cache_valid_id; return 0; } @@ -133,7 +134,7 @@ static int __exfat_iomap_begin(struct inode *inode, loff_t offset, loff_t length } } - iomap->flags |= IOMAP_F_MERGED; + iomap->validity_cookie = ei->cache_valid_id; out: mutex_unlock(&sbi->s_lock); return err; @@ -201,7 +202,8 @@ static ssize_t exfat_writeback_range(struct iomap_writepage_ctx *wpc, struct folio *folio, u64 offset, unsigned int len, u64 end_pos) { if (offset < wpc->iomap.offset || - offset >= wpc->iomap.offset + wpc->iomap.length) { + offset >= wpc->iomap.offset + wpc->iomap.length || + !exfat_iomap_valid(wpc->inode, &wpc->iomap)) { int error; error = __exfat_iomap_begin(wpc->inode, offset, len, @@ -269,3 +271,12 @@ int exfat_iomap_swap_activate(struct swap_info_struct *sis, { return iomap_swapfile_activate(sis, file, span, &exfat_iomap_ops); } + +static bool exfat_iomap_valid(struct inode *inode, const struct iomap *iomap) +{ + return EXFAT_I(inode)->cache_valid_id == iomap->validity_cookie; +} + +const struct iomap_write_ops exfat_iomap_write_ops = { + .iomap_valid = exfat_iomap_valid, +}; diff --git a/fs/exfat/iomap.h b/fs/exfat/iomap.h index fd8a913f7794..2ea387f2b179 100644 --- a/fs/exfat/iomap.h +++ b/fs/exfat/iomap.h @@ -11,6 +11,7 @@ extern const struct iomap_ops exfat_iomap_ops; extern const struct iomap_ops exfat_write_iomap_ops; extern const struct iomap_writeback_ops exfat_writeback_ops; extern const struct iomap_read_ops exfat_iomap_bio_read_ops; +extern const struct iomap_write_ops exfat_iomap_write_ops; int exfat_iomap_swap_activate(struct swap_info_struct *sis, struct file *file, sector_t *span); -- 2.43.0