udf: Fix deadlock in udf_release_file()
authorJan Kara <jack@suse.cz>
Mon, 20 Feb 2012 16:49:56 +0000 (17:49 +0100)
committerJan Kara <jack@suse.cz>
Wed, 29 Feb 2012 20:53:48 +0000 (21:53 +0100)
udf_release_file() can be called from munmap() path with mmap_sem held.  Thus
we cannot take i_mutex there because that ranks above mmap_sem. Luckily,
i_mutex is not needed in udf_release_file() anymore since protection by
i_data_sem is enough to protect from races with write and truncate.

CC: stable@vger.kernel.org (2.6.38 & later)
Reported-by: Al Viro <viro@ZenIV.linux.org.uk>
Reviewed-by: Namjae Jeon <linkinjeon@gmail.com>
Signed-off-by: Jan Kara <jack@suse.cz>
fs/udf/file.c

index dca0c3881e82df76352b4254c520b7bcc9ee2928..d567b8448dfca100c9c221488f86a3c3c4268cd7 100644 (file)
@@ -201,12 +201,10 @@ out:
 static int udf_release_file(struct inode *inode, struct file *filp)
 {
        if (filp->f_mode & FMODE_WRITE) {
-               mutex_lock(&inode->i_mutex);
                down_write(&UDF_I(inode)->i_data_sem);
                udf_discard_prealloc(inode);
                udf_truncate_tail_extent(inode);
                up_write(&UDF_I(inode)->i_data_sem);
-               mutex_unlock(&inode->i_mutex);
        }
        return 0;
 }