On Sun, Apr 12, 2020 at 06:10:24PM -0700, Darrick J. Wong wrote:
> From: Darrick J. Wong <darrick.wong@xxxxxxxxxx>
>
> In the reflink extent remap function, it turns out that uirec (the block
> mapping corresponding only to the part of the passed-in mapping that got
> unmapped) was not fully initialized. Specifically, br_state was not
> being copied from the passed-in struct to the uirec. This could lead to
> unpredictable results such as the reflinked mapping being marked
> unwritten in the destination file.
>
> Fixes: 862bb360ef569 ("xfs: reflink extents from one file to another")
> Signed-off-by: Darrick J. Wong <darrick.wong@xxxxxxxxxx>
> ---
Reviewed-by: Brian Foster <bfoster@xxxxxxxxxx>
> fs/xfs/xfs_reflink.c | 1 +
> 1 file changed, 1 insertion(+)
>
>
> diff --git a/fs/xfs/xfs_reflink.c b/fs/xfs/xfs_reflink.c
> index b0ce04ffd3cd..107bf2a2f344 100644
> --- a/fs/xfs/xfs_reflink.c
> +++ b/fs/xfs/xfs_reflink.c
> @@ -1051,6 +1051,7 @@ xfs_reflink_remap_extent(
> uirec.br_startblock = irec->br_startblock + rlen;
> uirec.br_startoff = irec->br_startoff + rlen;
> uirec.br_blockcount = unmap_len - rlen;
> + uirec.br_state = irec->br_state;
> unmap_len = rlen;
>
> /* If this isn't a real mapping, we're done. */
>
