Update inode under range lock

After a successful write the inode must be updated under the range
lock.  If it is updated after dropping the lock there exists a race
where the znode and inode wile disagree about the file size.  This
could result in narrow window of time where read(2) is able to access
data beyond what fstat(2) reports as the file size.

Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Ned Bass <bass6@llnl.gov>
Closes #3601

diff --git a/module/zfs/zfs_vnops.c b/module/zfs/zfs_vnops.c
index 7780fe902eb61d15449eefaeb2a45072daf7f88f..d69b34f18e928eb042d6f809abb8b055d979a2be 100644 (file)
--- a/module/zfs/zfs_vnops.c
+++ b/module/zfs/zfs_vnops.c
@@ -897,6 +897,7 @@ zfs_write(struct inode *ip, uio_t *uio, int ioflag, cred_t *cr)
                        uio_prefaultpages(MIN(n, max_blksz), uio);
        }
 
+       zfs_inode_update(zp);
        zfs_range_unlock(rl);
 
        /*
@@ -912,7 +913,6 @@ zfs_write(struct inode *ip, uio_t *uio, int ioflag, cred_t *cr)
            zsb->z_os->os_sync == ZFS_SYNC_ALWAYS)
                zil_commit(zilog, zp->z_id);
 
-       zfs_inode_update(zp);
        ZFS_EXIT(zsb);
        return (0);
 }