From 422138dd68202fbd8ca9fb0df65e92d733249374 Mon Sep 17 00:00:00 2001
From: Dmitry Bazhenov <atrey@emcraft.com>
Date: Fri, 5 May 2006 22:46:49 +0100
Subject: [PATCH] [JFFS2] Fix race in setting file attributes

It seems like there is a potential race in the function jffs2_do_setattr()
in the case when attributes of a symlink are updated. The symlink metadata
is read without having f->sem locked.

The following patch should fix the race.

Signed-off-by: Dmitry Bazhenov <atrey@emcraft.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
---
 fs/jffs2/fs.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/fs/jffs2/fs.c b/fs/jffs2/fs.c
index 09e5d10..ea1f37d 100644
--- a/fs/jffs2/fs.c
+++ b/fs/jffs2/fs.c
@@ -56,15 +56,20 @@ static int jffs2_do_setattr (struct inode *inode, struct iattr *iattr)
 		mdatalen = sizeof(dev);
 		D1(printk(KERN_DEBUG "jffs2_setattr(): Writing %d bytes of kdev_t\n", mdatalen));
 	} else if (S_ISLNK(inode->i_mode)) {
+		down(&f->sem);
 		mdatalen = f->metadata->size;
 		mdata = kmalloc(f->metadata->size, GFP_USER);
-		if (!mdata)
+		if (!mdata) {
+			up(&f->sem);
 			return -ENOMEM;
+		}
 		ret = jffs2_read_dnode(c, f, f->metadata, mdata, 0, mdatalen);
 		if (ret) {
+			up(&f->sem);
 			kfree(mdata);
 			return ret;
 		}
+		up(&f->sem);
 		D1(printk(KERN_DEBUG "jffs2_setattr(): Writing %d bytes of symlink target\n", mdatalen));
 	}
 
-- 
2.7.4