Commit f098aeba authored Mar 14, 2025 by Yeongjin Gil Committed by Jaegeuk Kim Mar 17, 2025

f2fs: fix to avoid atomicity corruption of atomic file



In the case of the following call stack for an atomic file,
FI_DIRTY_INODE is set, but FI_ATOMIC_DIRTIED is not subsequently set.

f2fs_file_write_iter
  f2fs_map_blocks
    f2fs_reserve_new_blocks
      inc_valid_block_count
        __mark_inode_dirty(dquot)
          f2fs_dirty_inode

If FI_ATOMIC_DIRTIED is not set, atomic file can encounter corruption
due to a mismatch between old file size and new data.

To resolve this issue, I changed to set FI_ATOMIC_DIRTIED when
FI_DIRTY_INODE is set. This ensures that FI_DIRTY_INODE, which was
previously cleared by the Writeback thread during the commit atomic, is
set and i_size is updated.

Cc: <stable@vger.kernel.org>
Fixes: fccaa81d ("f2fs: prevent atomic file from being dirtied before commit")
Reviewed-by: Sungjong Seo <sj1557.seo@samsung.com>
Reviewed-by: Sunmin Jeong <s_min.jeong@samsung.com>
Signed-off-by: Yeongjin Gil <youngjin.gil@samsung.com>
Reviewed-by: Daeho Jeong <daehojeong@google.com>
Reviewed-by: Chao Yu <chao@kernel.org>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>

parent 71e9bd3d

fs/f2fs/inode.c

+1 −3

Original line number	Diff line number	Diff line
		@@ -34,10 +34,8 @@ void f2fs_mark_inode_dirty_sync(struct inode *inode, bool sync)
		if (f2fs_inode_dirtied(inode, sync))
		return;

		if (f2fs_is_atomic_file(inode)) {
		set_inode_flag(inode, FI_ATOMIC_DIRTIED);
		if (f2fs_is_atomic_file(inode))
		return;
		}

		mark_inode_dirty_sync(inode);
		}

fs/f2fs/super.c

+4 −0

Original line number	Diff line number	Diff line
		@@ -1530,6 +1530,10 @@ int f2fs_inode_dirtied(struct inode *inode, bool sync)
		inc_page_count(sbi, F2FS_DIRTY_IMETA);
		}
		spin_unlock(&sbi->inode_lock[DIRTY_META]);

		if (!ret && f2fs_is_atomic_file(inode))
		set_inode_flag(inode, FI_ATOMIC_DIRTIED);

		return ret;
		}