hc
2024-02-20 102a0743326a03cd1a1202ceda21e175b7d3575c
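--- a/kernel/fs/verity/enable.c
+++ b/kernel/fs/verity/enable.c
@@ -391,25 +391,27 @@
 goto out_drop_write;
 
 err = enable_verity(filp, &arg);
- if (err)
- goto out_allow_write_access;
 
 /*
- * Some pages of the file may have been evicted from pagecache after
- * being used in the Merkle tree construction, then read into pagecache
- * again by another process reading from the file concurrently. Since
- * these pages didn't undergo verification against the file digest which
- * fs-verity now claims to be enforcing, we have to wipe the pagecache
- * to ensure that all future reads are verified.
+ * We no longer drop the inode's pagecache after enabling verity. This
+ * used to be done to try to avoid a race condition where pages could be
+ * evicted after being used in the Merkle tree construction, then
+ * re-instantiated by a concurrent read. Such pages are unverified, and
+ * the backing storage could have filled them with different content, so
+ * they shouldn't be used to fulfill reads once verity is enabled.
+ *
+ * But, dropping the pagecache has a big performance impact, and it
+ * doesn't fully solve the race condition anyway. So for those reasons,
+ * and also because this race condition isn't very important relatively
+ * speaking (especially for small-ish files, where the chance of a page
+ * being used, evicted, *and* re-instantiated all while enabling verity
+ * is quite small), we no longer drop the inode's pagecache.
 */
- filemap_write_and_wait(inode->i_mapping);
- invalidate_inode_pages2(inode->i_mapping);
 
 /*
 * allow_write_access() is needed to pair with deny_write_access().
 * Regardless, the filesystem won't allow writing to verity files.
 */
-out_allow_write_access:
 allow_write_access(filp);
 out_drop_write:
 mnt_drop_write_file(filp);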
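Review bot: The new comment above allow_write_access() calls the race "isn't very important relatively speaking" but never states the integrity guarantee that remains, which is the part a reader relying on fs-verity needs. By the comment's own account, a page re-instantiated by a concurrent read while verity is being enabled is unverified and may differ from the content the Merkle tree was built over, and with invalidate_inode_pages2() removed such a page can presumably keep satisfying reads until it is evicted. I would close the comment with a sentence such as `* Consequently, pages read into the pagecache while verity was being enabled are not guaranteed to have been verified; avoid concurrent readers during enabling if that matters.` The filemap_write_and_wait() call is removed along with the invalidation, and whether dirty pages are written back elsewhere is not visible here, so it would help to confirm that or note it in the comment. The enclosing function starts and ends outside this hunk, so the later use of err cannot be checked from here.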