xfs: Close race between direct IO and xfs_break_layouts()
authorDave Jiang <dave.jiang@intel.com>
Fri, 10 Aug 2018 15:48:18 +0000 (08:48 -0700)
committerDarrick J. Wong <darrick.wong@oracle.com>
Sun, 12 Aug 2018 15:37:31 +0000 (08:37 -0700)
commite25ff835af89a80aa6a4de58f413e494b2b96bd1
tree0fc0f6bd0cc21537f79509bba4761bb0f74696b3
parent13942aa94a8b5df662d93c42c307b2f50cbe88b0
xfs: Close race between direct IO and xfs_break_layouts()

This patch is the duplicate of ross's fix for ext4 for xfs.

If the refcount of a page is lowered between the time that it is returned
by dax_busy_page() and when the refcount is again checked in
xfs_break_layouts() => ___wait_var_event(), the waiting function
xfs_wait_dax_page() will never be called.  This means that
xfs_break_layouts() will still have 'retry' set to false, so we'll stop
looping and never check the refcount of other pages in this inode.

Instead, always continue looping as long as dax_layout_busy_page() gives us
a page which it found with an elevated refcount.

Signed-off-by: Dave Jiang <dave.jiang@intel.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
fs/xfs/xfs_file.c