[PATCH 3.12 078/155] shmdt: use i_size_read() instead of ->i_size

From: Jiri Slaby
Date: Tue Apr 07 2015 - 08:56:45 EST

From: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>

3.12-stable review patch. If anyone has any objections, please let me know.


commit 07a46ed27dc6344de831a450df82336270a157a9 upstream.

Andrew Morton noted that the shmdt uses inode->i_size outside of i_mutex being held.
There is one more case in shm.c in shm_destroy(). This converts
both users over to use i_size_read().

Signed-off-by: Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>
Cc: Manfred Spraul <manfred@xxxxxxxxxxxxxxxx>
Cc: Davidlohr Bueso <dave@xxxxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Jiri Slaby <jslaby@xxxxxxx>
---
 ipc/shm.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/ipc/shm.c b/ipc/shm.c
index b039a85e2b8d..623bc3877118 100644
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -218,7 +218,8 @@ static void shm_destroy(struct ipc_namespace *ns, struct shmid_kernel *shp)
if (!is_file_hugepages(shm_file))
shmem_lock(shm_file, 0, shp->mlock_user);
else if (shp->mlock_user)
- user_shm_unlock(file_inode(shm_file)->i_size, shp->mlock_user);
+ user_shm_unlock(i_size_read(file_inode(shm_file)),
+ shp->mlock_user);
ipc_rcu_putref(shp, shm_rcu_free);
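Review bot: The user_shm_unlock() call in the else-if branch gets no comment saying why the size is fetched through i_size_read(), so the reason lives only in the commit message (i_size is read here without i_mutex held). A one-line comment above the call, such as "i_mutex is not held here, so read the size with i_size_read()", would keep a later cleanup from folding it back to ->i_size. The same sentence would fit the shmdt() site, since both sites are converted for the same reason.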
@@ -1278,7 +1279,7 @@ SYSCALL_DEFINE1(shmdt, char __user *, shmaddr)
* in the range we are unmapping.
file = vma->vm_file;
- size = file_inode(file)->i_size;
+ size = i_size_read(file_inode(vma->vm_file));
do_munmap(mm, vma->vm_start, vma->vm_end - vma->vm_start);
* We discovered the size of the shm segment, so
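Review bot: The new assignment reads `i_size_read(file_inode(vma->vm_file))` although the context line directly above it has just set `file = vma->vm_file;` and the removed line used `file_inode(file)`. Writing `size = i_size_read(file_inode(file));` would keep the line shorter, stay consistent with the local that was introduced for this purpose, and make the diff show only the accessor change. It is also worth confirming that `file` is still used elsewhere in the function after this change, otherwise the assignment above becomes dead.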

