From 8c66f86b421c36b6d031b5261939ca3ee94b89a0 Mon Sep 17 00:00:00 2001
From: Jaegeuk Kim <jaegeuk@kernel.org>
Date: Mon, 30 Aug 2021 13:30:45 -0700
Subject: [PATCH] f2fs: should put a page beyond EOF when preparing a write
Git-commit: 9605f75cf36e0bcc0f4ada07b5be712d30107607
Patch-mainline: v5.15-rc1
References: stable-5.14.6

[ Upstream commit 9605f75cf36e0bcc0f4ada07b5be712d30107607 ]

The prepare_compress_overwrite() gets/locks a page to prepare a read, and calls
f2fs_read_multi_pages() which checks EOF first. If there's any page beyond EOF,
we unlock the page and set cc->rpages[i] = NULL, which we can't put the page
anymore. This makes page leak, so let's fix by putting that page.

Fixes: a949dc5f2c5c ("f2fs: compress: fix race condition of overwrite vs truncate")
Reviewed-by: Chao Yu <chao@kernel.org>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Acked-by: Takashi Iwai <tiwai@suse.de>

---
 fs/f2fs/data.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c
index f2498e4ad89d..a86f004c0c07 100644
--- a/fs/f2fs/data.c
+++ b/fs/f2fs/data.c
@@ -2153,6 +2153,8 @@ int f2fs_read_multi_pages(struct compress_ctx *cc, struct bio **bio_ret,
 			continue;
 		}
 		unlock_page(page);
+		if (for_write)
+			put_page(page);
 		cc->rpages[i] = NULL;
 		cc->nr_rpages--;
 	}
-- 
2.26.2