6.10-stable patches

added patches:
	revert-dm-verity-restart-or-panic-on-an-i-o-error.patch

diff --git a/queue-6.10/revert-dm-verity-restart-or-panic-on-an-i-o-error.patch b/queue-6.10/revert-dm-verity-restart-or-panic-on-an-i-o-error.patch
new file mode 100644 (file)
index 0000000..4b64aa9
--- /dev/null
+++ b/queue-6.10/revert-dm-verity-restart-or-panic-on-an-i-o-error.patch
@@ -0,0 +1,72 @@
+From 462763212dd71c41f092b48eaa352bc1f5ed5d66 Mon Sep 17 00:00:00 2001
+From: Mikulas Patocka <mpatocka@redhat.com>
+Date: Wed, 2 Oct 2024 15:56:18 +0200
+Subject: Revert: "dm-verity: restart or panic on an I/O error"
+
+From: Mikulas Patocka <mpatocka@redhat.com>
+
+commit 462763212dd71c41f092b48eaa352bc1f5ed5d66 upstream.
+
+This reverts commit e6a3531dd542cb127c8de32ab1e54a48ae19962b.
+
+The problem that the commit e6a3531dd542cb127c8de32ab1e54a48ae19962b
+fixes was reported as a security bug, but Google engineers working on
+Android and ChromeOS didn't want to change the default behavior, they
+want to get -EIO rather than restarting the system, so I am reverting
+that commit.
+
+Note also that calling machine_restart from the I/O handling code is
+potentially unsafe (the reboot notifiers may wait for the bio that
+triggered the restart), but Android uses the reboot notifiers to store
+the reboot reason into the PMU microcontroller, so machine_restart must
+be used.
+
+Signed-off-by: Mikulas Patocka <mpatocka@redhat.com>
+Cc: stable@vger.kernel.org
+Fixes: e6a3531dd542 ("dm-verity: restart or panic on an I/O error")
+Suggested-by: Sami Tolvanen <samitolvanen@google.com>
+Suggested-by: Will Drewry <wad@chromium.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/md/dm-verity-target.c |   23 ++---------------------
+ 1 file changed, 2 insertions(+), 21 deletions(-)
+
+--- a/drivers/md/dm-verity-target.c
++++ b/drivers/md/dm-verity-target.c
+@@ -265,10 +265,8 @@ out:
+       if (v->mode == DM_VERITY_MODE_LOGGING)
+               return 0;
+ 
+-      if (v->mode == DM_VERITY_MODE_RESTART) {
+-              pr_emerg("dm-verity device corrupted\n");
+-              emergency_restart();
+-      }
++      if (v->mode == DM_VERITY_MODE_RESTART)
++              kernel_restart("dm-verity device corrupted");
+ 
+       if (v->mode == DM_VERITY_MODE_PANIC)
+               panic("dm-verity device corrupted");
+@@ -693,23 +691,6 @@ static void verity_finish_io(struct dm_v
+       if (!static_branch_unlikely(&use_bh_wq_enabled) || !io->in_bh)
+               verity_fec_finish_io(io);
+ 
+-      if (unlikely(status != BLK_STS_OK) &&
+-          unlikely(!(bio->bi_opf & REQ_RAHEAD)) &&
+-          !verity_is_system_shutting_down()) {
+-              if (v->mode == DM_VERITY_MODE_RESTART ||
+-                  v->mode == DM_VERITY_MODE_PANIC)
+-                      DMERR_LIMIT("%s has error: %s", v->data_dev->name,
+-                                      blk_status_to_str(status));
+-
+-              if (v->mode == DM_VERITY_MODE_RESTART) {
+-                      pr_emerg("dm-verity device corrupted\n");
+-                      emergency_restart();
+-              }
+-
+-              if (v->mode == DM_VERITY_MODE_PANIC)
+-                      panic("dm-verity device corrupted");
+-      }
+-
+       bio_endio(bio);
+ }
+ 

diff --git a/queue-6.10/series b/queue-6.10/series
index ca7a5e691179fee35f61b12e7b7bad80a23c39c0..c4434bec1e8a43c3e880cb4db72084c3218d9d18 100644 (file)
--- a/queue-6.10/series
+++ b/queue-6.10/series
@@ -632,3 +632,4 @@ i2c-isch-add-missed-else.patch
 documentation-kvm-fix-warning-in-make-htmldocs.patch
 bpf-fix-use-after-free-in-bpf_uprobe_multi_link_attach.patch
 spi-atmel-quadspi-fix-wrong-register-value-written-to-mr.patch
+revert-dm-verity-restart-or-panic-on-an-i-o-error.patch