From 2a0a903a5eee287145b3ae6e31f5adbce0e7dcac Mon Sep 17 00:00:00 2001 From: Leah Rowe Date: Sun, 15 Mar 2026 01:43:35 +0000 Subject: nvmutil: stronger race-condition check on prw do it per read, in the fallback pread/pwrite per read/write that is Signed-off-by: Leah Rowe --- util/nvmutil/nvmutil.c | 39 ++++++++++++++++++++++----------------- 1 file changed, 22 insertions(+), 17 deletions(-) (limited to 'util/nvmutil')
diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index a869e604..f1ea171b 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -2097,25 +2097,30 @@ real_pread_pwrite:
 return -1;
 }
 
- verified = lseek_loop(fd, (off_t)0, SEEK_CUR,
- loop_eagain, loop_eintr);
+ do {
+ /*
+ * Verify again before I/O
+ * (even with OFF_ERR)
+ *
+ * This implements the first check
+ * even with OFF_ERR, but without
+ * the recovery. On ERR_RESET, if
+ * the check fails again, then we
+ * know something else is touching
+ * the file, so it's best that we
+ * probably leave it alone and err.
+ *
+ * In other words, ERR_RESET only
+ * tolerates one change. Any more
+ * will cause an exit, including
+ * per EINTR/EAGAIN re-spin.
+ */
+ verified = lseek_loop(fd, (off_t)0, SEEK_CUR,
+ loop_eagain, loop_eintr);
 
- /*
- * Verify again before I/O
- * (even with OFF_ERR)
- *
- * This implements the first check
- * even with OFF_ERR, but without
- * the recovery. On ERR_RESET, if
- * the check fails again, then we
- * know something else is touching
- * the file, so it's best that we
- * probably leave it alone and err.
- */
- if (verified != off)
- goto err_prw;
+ if (verified != off)
+ goto err_prw;
 
- do {
 if (rw_type == IO_PREAD)
 r = read(fd, mem, nrw);
 else if (rw_type == IO_PWRITE)
-- 
cgit v1.2.1
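Review bot: The re-check at the top of the `do` loop is still a check-then-act sequence: between `lseek_loop(fd, (off_t)0, SEEK_CUR, ...)` and the `read()`/`write()` below it, anything else sharing the open file description can still move the offset, so the test narrows the window rather than closing it. The comment should say so, e.g. `/* best-effort: the offset can still change between this check and the I/O below */`, and a matching check after a successful transfer, `if (r > 0 && lseek_loop(fd, (off_t)0, SEEK_CUR, loop_eagain, loop_eintr) != off + r) goto err_prw;`, would also detect interference during the I/O itself. Separately, `verified != off` handles a failed `lseek_loop` (presumably returning -1) the same way as a moved offset; if `err_prw`, which is outside this hunk, does not set `errno` for the mismatch case, the caller may see -1 with a stale `errno`. The loop body and its `while` condition continue past the end of the hunk.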