ovl: protect copying of realinode attributes to ovl inode

ovl_copyattr() may be called concurrently from aio completion context
without any lock and that could lead to overlay inode attributes getting
permanently out of sync with real inode attributes.

Use ovl inode spinlock to protect ovl_copyattr().

Signed-off-by: Amir Goldstein <amir73il@gmail.com>

diff --git a/fs/overlayfs/util.c b/fs/overlayfs/util.c
index 868afd8..4a9e7ef 100644 (file)
--- a/fs/overlayfs/util.c
+++ b/fs/overlayfs/util.c
@@ -1403,6 +1403,7 @@ void ovl_copyattr(struct inode *inode)
        realinode = ovl_i_path_real(inode, &realpath);
        real_idmap = mnt_idmap(realpath.mnt);
 
+       spin_lock(&inode->i_lock);
        vfsuid = i_uid_into_vfsuid(real_idmap, realinode);
        vfsgid = i_gid_into_vfsgid(real_idmap, realinode);
 
@@ -1413,4 +1414,5 @@ void ovl_copyattr(struct inode *inode)
        inode_set_mtime_to_ts(inode, inode_get_mtime(realinode));
        inode_set_ctime_to_ts(inode, inode_get_ctime(realinode));
        i_size_write(inode, i_size_read(realinode));
+       spin_unlock(&inode->i_lock);
 }