[PATCH] JFFS2 Fix of panics caused by wrong condition for hole frag creation in write_begin

Jörn Engel joern at logfs.org
Mon Apr 14 14:21:23 EDT 2008


On Mon, 14 April 2008 17:55:22 +0100, Alexey Korolev wrote:
> 
> JFFS2 in Linux 2.6.24 fails with a kernel panic on random read/write/truncate operations. We investigated the issue; it is caused by a
> bug in the conditions for hole fragment creation in the write_begin function. The starting offset, which is used to identify whether we should create a hole frag or not, is calculated improperly.
> As a result, hole frags are not created when they must be; this leads to internal memory corruption and a kernel panic.
> 
> The following patch fixes the bug in JFFS2 write_begin hole frag conditions. 
> Please include the patch. 

Description is rather wide.

Reviewed-By: Joern Engel <joern at logfs.org>

> Signed-off-by: Alexey Korolev <akorolev at infradead.org>
> Signed-off-by: Vasiliy Leonenko <vasiliy.leonenko at mail.ru>
> =========================================
> diff -aupNr a/fs/jffs2/file.c b/fs/jffs2/file.c
> --- a/fs/jffs2/file.c	2008-02-11 08:51:11.000000000 +0300
> +++ b/fs/jffs2/file.c	2008-04-11 13:54:08.000000000 +0400
> @@ -129,13 +129,14 @@ static int jffs2_write_begin(struct file
>  	struct inode *inode = mapping->host;
>  	struct jffs2_inode_info *f = JFFS2_INODE_INFO(inode);
>  	pgoff_t index = pos >> PAGE_CACHE_SHIFT;
> -	uint32_t pageofs = pos & (PAGE_CACHE_SIZE - 1);
> +	uint32_t pageofs;
>  	int ret = 0;
>  
>  	pg = __grab_cache_page(mapping, index);
>  	if (!pg)
>  		return -ENOMEM;
>  	*pagep = pg;
> +	pageofs = pg->index << PAGE_CACHE_SHIFT;
>  
>  	D1(printk(KERN_DEBUG "jffs2_write_begin()\n"));
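Review bot: the new assignment `pageofs = pg->index << PAGE_CACHE_SHIFT;` keeps the name pageofs but changes what it holds, from the offset within the page (the removed `pos & (PAGE_CACHE_SIZE - 1)`) to the file offset of the page's first byte, so whoever reads the later hole-frag comparison will misread it; rename it (page_start, say) or add a one-line comment at the assignment. Since `index` is already computed as `pos >> PAGE_CACHE_SHIFT` two lines above and __grab_cache_page() is asked for exactly that index, the same value can stay in the declaration as `uint32_t pageofs = index << PAGE_CACHE_SHIFT;`, which avoids the split declaration/assignment this hunk introduces and keeps pageofs initialised before the early -ENOMEM return. Also worth a glance: shifting pg->index into a uint32_t silently truncates for page indices at or beyond 4 GiB, which is only safe while JFFS2 file offsets are themselves confined to 32 bits.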
> =========================================
> 
> Thanks,
> Alexey

Jörn

-- 
My second remark is that our intellectual powers are rather geared to
master static relations and that our powers to visualize processes
evolving in time are relatively poorly developed.
-- Edsger W. Dijkstra
