[PATCH v2] reiserfs: Fix inode mutex - reiserfs lock misordering

[Frederic Weisbecker]

reiserfs_unpack() locks the inode mutex with
reiserfs_mutex_lock_safe() to protect against reiserfs lock
dependency. However this protection requires to have the
reiserfs lock to be locked.

This is the case if reiserfs_unpack() is called by reiserfs_ioctl
but not from reiserfs_quota_on() when it tries to unpack tails of
quota files.

Fix the ordering of the two locks in reiserfs_unpack() to
fix this issue.

Reported-by: Markus Gapp <markus.gapp@xxxxxxx>
Reported-by: Jan Kara <jack@xxxxxxx>
Signed-off-by: Frederic Weisbecker <fweisbec@xxxxxxxxx>
Cc: 2.6.36.x <stable@xxxxxxxxxx>
---
 fs/reiserfs/ioctl.c |    7 +++----
 1 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/fs/reiserfs/ioctl.c b/fs/reiserfs/ioctl.c
index adf22b4..d2a7955 100644
--- a/fs/reiserfs/ioctl.c
+++ b/fs/reiserfs/ioctl.c
@@ -184,12 +184,11 @@ int reiserfs_unpack(struct inode *inode, struct file *filp)
 		return 0;
 	}
 
-	/* we need to make sure nobody is changing the file size beneath
-	 ** us
-	 */
-	reiserfs_mutex_lock_safe(&inode->i_mutex, inode->i_sb);
 	depth = reiserfs_write_lock_once(inode->i_sb);
 
+	/* we need to make sure nobody is changing the file size beneath us */
+	reiserfs_mutex_lock_safe(&inode->i_mutex, inode->i_sb);
+
 	write_from = inode->i_size & (blocksize - 1);
 	/* if we are on a block boundary, we are already unpacked.  */
 	if (write_from == 0) {
-- 
1.6.2.3

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/