From: Anthony Romano <[email protected]>
3.12-stable review patch. If anyone has any objections, please let me know.
===============
commit b9b4bb26af017dbe930cd4df7f9b2fc3a0497bfe upstream.
When fallocate is interrupted it will undo a range that extends one byte
past its range of allocated pages. This can corrupt an in-use page by
zeroing out its first byte. Instead, undo using the inclusive byte
range.
Fixes: 1635f6a74152f1d ("tmpfs: undo fallocation on failure")
Link:
http://lkml.kernel.org/r/[email protected]
Signed-off-by: Anthony Romano <[email protected]>
Cc: Vlastimil Babka <[email protected]>
Cc: Hugh Dickins <[email protected]>
Cc: Brandon Philips <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>
Signed-off-by: Jiri Slaby <[email protected]>
---
mm/shmem.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mm/shmem.c b/mm/shmem.c
index e9502a67e300..ff42f161fc32 100644
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -1897,7 +1897,7 @@ static long shmem_fallocate(struct file *file, int mode,
loff_t offset,
/* Remove the !PageUptodate pages we added */
shmem_undo_range(inode,
(loff_t)start << PAGE_CACHE_SHIFT,
- (loff_t)index << PAGE_CACHE_SHIFT, true);
+ ((loff_t)index << PAGE_CACHE_SHIFT) - 1, true);
goto undone;
}
--
2.9.3
