diff options
author | Chris Mason <mason@suse.com> | 2006-08-05 15:15:10 -0400 |
---|---|---|
committer | Linus Torvalds <torvalds@g5.osdl.org> | 2006-08-06 11:57:49 -0400 |
commit | b4c76fa721c7c8a43655a74e508870d21d2e26d3 (patch) | |
tree | b8c69298a29e3476413da922f7fd6c13cb750f83 | |
parent | b5f3953c10b27fcd1c83e199e573b41d8327e22e (diff) |
[PATCH] reiserfs_write_full_page() should not get_block past eof
reiserfs_write_full_page does zero bytes in the file past eof, but it may
call get_block on those buffers as well. On machines where the page size
is larger than the blocksize, this can result in mmaped files incorrectly
growing up to a block boundary during writepage.
The fix is to avoid calling get_block for any blocks that are entirely past
eof
Signed-off-by: Chris Mason <mason@suse.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r-- | fs/reiserfs/inode.c | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/fs/reiserfs/inode.c b/fs/reiserfs/inode.c index ac57305b1afc..52f1e2136546 100644 --- a/fs/reiserfs/inode.c +++ b/fs/reiserfs/inode.c | |||
@@ -2340,6 +2340,7 @@ static int reiserfs_write_full_page(struct page *page, | |||
2340 | unsigned long end_index = inode->i_size >> PAGE_CACHE_SHIFT; | 2340 | unsigned long end_index = inode->i_size >> PAGE_CACHE_SHIFT; |
2341 | int error = 0; | 2341 | int error = 0; |
2342 | unsigned long block; | 2342 | unsigned long block; |
2343 | sector_t last_block; | ||
2343 | struct buffer_head *head, *bh; | 2344 | struct buffer_head *head, *bh; |
2344 | int partial = 0; | 2345 | int partial = 0; |
2345 | int nr = 0; | 2346 | int nr = 0; |
@@ -2387,10 +2388,19 @@ static int reiserfs_write_full_page(struct page *page, | |||
2387 | } | 2388 | } |
2388 | bh = head; | 2389 | bh = head; |
2389 | block = page->index << (PAGE_CACHE_SHIFT - s->s_blocksize_bits); | 2390 | block = page->index << (PAGE_CACHE_SHIFT - s->s_blocksize_bits); |
2391 | last_block = (i_size_read(inode) - 1) >> inode->i_blkbits; | ||
2390 | /* first map all the buffers, logging any direct items we find */ | 2392 | /* first map all the buffers, logging any direct items we find */ |
2391 | do { | 2393 | do { |
2392 | if ((checked || buffer_dirty(bh)) && (!buffer_mapped(bh) || | 2394 | if (block > last_block) { |
2393 | (buffer_mapped(bh) | 2395 | /* |
2396 | * This can happen when the block size is less than | ||
2397 | * the page size. The corresponding bytes in the page | ||
2398 | * were zero filled above | ||
2399 | */ | ||
2400 | clear_buffer_dirty(bh); | ||
2401 | set_buffer_uptodate(bh); | ||
2402 | } else if ((checked || buffer_dirty(bh)) && | ||
2403 | (!buffer_mapped(bh) || (buffer_mapped(bh) | ||
2394 | && bh->b_blocknr == | 2404 | && bh->b_blocknr == |
2395 | 0))) { | 2405 | 0))) { |
2396 | /* not mapped yet, or it points to a direct item, search | 2406 | /* not mapped yet, or it points to a direct item, search |