On Fri, Oct 19, 2018 at 11:28:53AM -0400, Olga Kornievskaia wrote: > From: Anna Schumaker <Anna.Schumaker@xxxxxxxxxx> I have some idea we've had some discussion about this before, but if so I've forgotten the conclusion. Could we have more of a changelog?: - isn't there a race condition, or is there something preventing the file size from changing here? - why are we doing this? Does this change the behavior of copy_file_range()? --b. > > Signed-off-by: Anna Schumaker <Anna.Schumaker@xxxxxxxxxx> > --- > fs/read_write.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/fs/read_write.c b/fs/read_write.c > index 39b4a21..c60790f 100644 > --- a/fs/read_write.c > +++ b/fs/read_write.c > @@ -1570,6 +1570,9 @@ ssize_t vfs_copy_file_range(struct file *file_in, loff_t pos_in, > if (unlikely(ret)) > return ret; > > + if (pos_in >= i_size_read(inode_in)) > + return -EINVAL; > + > if (!(file_in->f_mode & FMODE_READ) || > !(file_out->f_mode & FMODE_WRITE) || > (file_out->f_flags & O_APPEND)) > -- > 1.8.3.1
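Review bot: the new `if (pos_in >= i_size_read(inode_in))` test in vfs_copy_file_range() is a check-then-use on a value that can change, and nothing visible in this hunk holds a lock on inode_in between the size read and the copy that follows, so a concurrent truncate or extending write can make the answer stale in either direction. If the check is only meant as an early sanity test, say so in a comment above it and name what the later code relies on to handle a file that shrinks after this point. The test also looks at pos_in alone, so a range that starts below i_size and runs past it is still accepted; the changelog should say whether that is intended. Finally, the patch has no description beyond the sign-off: returning -EINVAL here is a userspace-visible change to copy_file_range(), and the commit message should state the previous behaviour for pos_in at or beyond EOF, why it is being changed, and which callers depend on the new error.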