Fix shmem_splice_read() to use the inode from in->f_mapping->host rather than file_inode(in) and to skip the splice if it starts after s_maxbytes, analogously with fixes to filemap_splice_read(). Fixes: bd194b187115 ("shmem: Implement splice-read") Signed-off-by: David Howells <dhowells@xxxxxxxxxx> cc: Hugh Dickins <hughd@xxxxxxxxxx> cc: Christoph Hellwig <hch@xxxxxx> cc: Jens Axboe <axboe@xxxxxxxxx> cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx> cc: John Hubbard <jhubbard@xxxxxxxxxx> cc: David Hildenbrand <david@xxxxxxxxxx> cc: Matthew Wilcox <willy@xxxxxxxxxxxxx> cc: Chuck Lever <chuck.lever@xxxxxxxxxx> cc: linux-block@xxxxxxxxxxxxxxx cc: linux-fsdevel@xxxxxxxxxxxxxxx cc: linux-mm@xxxxxxxxx --- mm/shmem.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/mm/shmem.c b/mm/shmem.c index 0164cccdcd71..8a16d4c7092b 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -2780,13 +2780,16 @@ static ssize_t shmem_file_splice_read(struct file *in, loff_t *ppos, struct pipe_inode_info *pipe, size_t len, unsigned int flags) { - struct inode *inode = file_inode(in); + struct inode *inode = in->f_mapping->host; struct address_space *mapping = inode->i_mapping; struct folio *folio = NULL; size_t total_spliced = 0, used, npages, n, part; loff_t isize; int error = 0; + if (unlikely(*ppos >= inode->i_sb->s_maxbytes)) + return 0; + /* Work out how much data we can actually add into the pipe */ used = pipe_occupancy(pipe->head, pipe->tail); npages = max_t(ssize_t, pipe->max_usage - used, 0);