leases: fix write-open/read-lease race

In setlease, we use i_writecount to decide whether we can give out a
read lease.

In open, we break leases before incrementing i_writecount.

There is therefore a window between the break lease and the i_writecount
increment when setlease could add a new read lease.

This would leave us with a simultaneous write open and read lease, which
shouldn't happen.

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>

2 files changed, 5 insertions, 4 deletions

diff --git a/fs/namei.c b/fs/namei.c
index 9061157e39d6..7657be4352bf 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -2035,10 +2035,7 @@ static int may_open(struct path *path, int acc_mode, int flag)
         if (flag & O_NOATIME && !inode_owner_or_capable(inode))
                 return -EPERM;
 
-        /*
-         * Ensure there are no outstanding leases on the file.
-         */
-        return break_lease(inode, flag);
+        return 0;
 }
 
 static int handle_truncate(struct file *filp)
diff --git a/fs/open.c b/fs/open.c
index f71192109457..22c41b543f2d 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -685,6 +685,10 @@ static struct file *__dentry_open(struct dentry *dentry, struct vfsmount *mnt,
         if (error)
                 goto cleanup_all;
 
+        error = break_lease(inode, f->f_flags);
+        if (error)
+                goto cleanup_all;
+
         if (!open && f->f_op)
                 open = f->f_op->open;
         if (open) {