From: Huang Ying Date: Fri, 12 Sep 2014 11:21:11 +0000 (+0800) Subject: f2fs: fix a race condition in next_free_nid X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=c6e489305eb5ed029002b037e36800032a994bb4;p=GitHub%2FLineageOS%2FG12%2Fandroid_kernel_amlogic_linux-4.9.git f2fs: fix a race condition in next_free_nid The nm_i->fcnt checking is executed before spin_lock, so if another thread delete the last free_nid from the list, the wrong nid may be gotten. So fix the race condition by moving the nm_i->fnct checking into spin_lock. Signed-off-by: Huang, Ying Signed-off-by: Jaegeuk Kim --- diff --git a/fs/f2fs/node.h b/fs/f2fs/node.h index b24f588a0fe4..324917d757f7 100644 --- a/fs/f2fs/node.h +++ b/fs/f2fs/node.h @@ -115,9 +115,11 @@ static inline int next_free_nid(struct f2fs_sb_info *sbi, nid_t *nid) struct f2fs_nm_info *nm_i = NM_I(sbi); struct free_nid *fnid; - if (nm_i->fcnt <= 0) - return -1; spin_lock(&nm_i->free_nid_list_lock); + if (nm_i->fcnt <= 0) { + spin_unlock(&nm_i->free_nid_list_lock); + return -1; + } fnid = list_entry(nm_i->free_nid_list.next, struct free_nid, list); *nid = fnid->nid; spin_unlock(&nm_i->free_nid_list_lock);