From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Tue, 30 Apr 2024 07:58:58 +0000 (+0200)
Subject: 4.19-stable patches
X-Git-Tag: v4.19.313~19
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b7ec74a73a6006376492ad76d82f5f9f1a204671;p=thirdparty%2Fkernel%2Fstable-queue.git

4.19-stable patches

added patches:
	revert-loop-remove-sector_t-truncation-checks.patch
	revert-y2038-rusage-use-__kernel_old_timeval.patch
---

diff --git a/queue-4.19/revert-loop-remove-sector_t-truncation-checks.patch b/queue-4.19/revert-loop-remove-sector_t-truncation-checks.patch
new file mode 100644
index 00000000000..02750e8850d
--- /dev/null
+++ b/queue-4.19/revert-loop-remove-sector_t-truncation-checks.patch
@@ -0,0 +1,92 @@
+From ben@decadent.org.uk  Tue Apr 30 09:49:44 2024
+From: Ben Hutchings <ben@decadent.org.uk>
+Date: Mon, 29 Apr 2024 23:40:53 +0200
+Subject: Revert "loop: Remove sector_t truncation checks"
+To: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+Cc: stable@vger.kernel.org, patches@lists.linux.dev, Martijn Coenen <maco@android.com>, Christoph Hellwig <hch@lst.de>, Jens Axboe <axboe@kernel.dk>, Genjian Zhang <zhanggenjian@kylinos.cn>
+Message-ID: <ZjAT5UeQ8fc7CY0w@decadent.org.uk>
+Content-Disposition: inline
+
+From: Ben Hutchings <ben@decadent.org.uk>
+
+This reverts commit f92a3b0d003b9f7eb1f452598966a08802183f47, which
+was commit 083a6a50783ef54256eec3499e6575237e0e3d53 upstream.  In 4.19
+there is still an option to use 32-bit sector_t on 32-bit
+architectures, so we need to keep checking for truncation.
+
+Since loop_set_status() was refactored by subsequent patches, this
+reintroduces its truncation check in loop_set_status_from_info()
+instead.
+
+I tested that the loop ioctl operations have the expected behaviour on
+x86_64, x86_32 with CONFIG_LBDAF=y, and (the special case) x86_32 with
+CONFIG_LBDAF=n.
+
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ drivers/block/loop.c |   19 +++++++++++++++----
+ 1 file changed, 15 insertions(+), 4 deletions(-)
+
+--- a/drivers/block/loop.c
++++ b/drivers/block/loop.c
+@@ -243,12 +243,16 @@ static void loop_set_size(struct loop_de
+ 	kobject_uevent(&disk_to_dev(bdev->bd_disk)->kobj, KOBJ_CHANGE);
+ }
+ 
+-static void
++static int
+ figure_loop_size(struct loop_device *lo, loff_t offset, loff_t sizelimit)
+ {
+ 	loff_t size = get_size(offset, sizelimit, lo->lo_backing_file);
++	sector_t x = (sector_t)size;
+ 
++	if (unlikely((loff_t)x != size))
++		return -EFBIG;
+ 	loop_set_size(lo, size);
++	return 0;
+ }
+ 
+ static inline int
+@@ -996,7 +1000,10 @@ static int loop_set_fd(struct loop_devic
+ 	    !file->f_op->write_iter)
+ 		lo_flags |= LO_FLAGS_READ_ONLY;
+ 
++	error = -EFBIG;
+ 	size = get_loop_size(lo, file);
++	if ((loff_t)(sector_t)size != size)
++		goto out_unlock;
+ 
+ 	error = loop_prepare_queue(lo);
+ 	if (error)
+@@ -1246,6 +1253,7 @@ loop_set_status_from_info(struct loop_de
+ 	int err;
+ 	struct loop_func_table *xfer;
+ 	kuid_t uid = current_uid();
++	loff_t new_size;
+ 
+ 	if ((unsigned int) info->lo_encrypt_key_size > LO_KEY_SIZE)
+ 		return -EINVAL;
+@@ -1273,6 +1281,11 @@ loop_set_status_from_info(struct loop_de
+ 	if (info->lo_offset > LLONG_MAX || info->lo_sizelimit > LLONG_MAX)
+ 		return -EOVERFLOW;
+ 
++	new_size = get_size(info->lo_offset, info->lo_sizelimit,
++			    lo->lo_backing_file);
++	if ((loff_t)(sector_t)new_size != new_size)
++		return -EFBIG;
++
+ 	lo->lo_offset = info->lo_offset;
+ 	lo->lo_sizelimit = info->lo_sizelimit;
+ 
+@@ -1531,9 +1544,7 @@ static int loop_set_capacity(struct loop
+ 	if (unlikely(lo->lo_state != Lo_bound))
+ 		return -ENXIO;
+ 
+-	figure_loop_size(lo, lo->lo_offset, lo->lo_sizelimit);
+-
+-	return 0;
++	return figure_loop_size(lo, lo->lo_offset, lo->lo_sizelimit);
+ }
+ 
+ static int loop_set_dio(struct loop_device *lo, unsigned long arg)
diff --git a/queue-4.19/revert-y2038-rusage-use-__kernel_old_timeval.patch b/queue-4.19/revert-y2038-rusage-use-__kernel_old_timeval.patch
new file mode 100644
index 00000000000..b87abbc2b10
--- /dev/null
+++ b/queue-4.19/revert-y2038-rusage-use-__kernel_old_timeval.patch
@@ -0,0 +1,64 @@
+From ben@decadent.org.uk  Tue Apr 30 09:50:12 2024
+From: Ben Hutchings <ben@decadent.org.uk>
+Date: Mon, 29 Apr 2024 23:44:50 +0200
+Subject: Revert "y2038: rusage: use __kernel_old_timeval"
+To: Greg KH <gregkh@linuxfoundation.org>, Guenter Roeck <linux@roeck-us.net>
+Cc: Sasha Levin <sashal@kernel.org>, linux-kernel@vger.kernel.org, stable@vger.kernel.org, torvalds@linux-foundation.org, akpm@linux-foundation.org, shuah@kernel.org, patches@kernelci.org, lkft-triage@lists.linaro.org, pavel@denx.de
+Message-ID: <ZjAU0hFgBDotATCy@decadent.org.uk>
+Content-Disposition: inline
+
+From: Ben Hutchings <ben@decadent.org.uk>
+
+This reverts commit d5e38d6b84d6d21a4f8a4f555a0908b6d9ffe224, which
+was commit bdd565f817a74b9e30edec108f7cb1dbc762b8a6 upstream.  It
+broke the build for alpha and that can't be fixed without backporting
+other more intrusive y2038 changes.
+
+This was not a completely clean revert as the affected code in
+getrusage() was moved by subsequent changes.
+
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/alpha/kernel/osf_sys.c   |    2 +-
+ include/uapi/linux/resource.h |    4 ++--
+ kernel/sys.c                  |    4 ++--
+ 3 files changed, 5 insertions(+), 5 deletions(-)
+
+--- a/arch/alpha/kernel/osf_sys.c
++++ b/arch/alpha/kernel/osf_sys.c
+@@ -964,7 +964,7 @@ put_tv32(struct timeval32 __user *o, str
+ }
+ 
+ static inline long
+-put_tv_to_tv32(struct timeval32 __user *o, struct __kernel_old_timeval *i)
++put_tv_to_tv32(struct timeval32 __user *o, struct timeval *i)
+ {
+ 	return copy_to_user(o, &(struct timeval32){
+ 				.tv_sec = i->tv_sec,
+--- a/include/uapi/linux/resource.h
++++ b/include/uapi/linux/resource.h
+@@ -22,8 +22,8 @@
+ #define	RUSAGE_THREAD	1		/* only the calling thread */
+ 
+ struct	rusage {
+-	struct __kernel_old_timeval ru_utime;	/* user time used */
+-	struct __kernel_old_timeval ru_stime;	/* system time used */
++	struct timeval ru_utime;	/* user time used */
++	struct timeval ru_stime;	/* system time used */
+ 	__kernel_long_t	ru_maxrss;	/* maximum resident set size */
+ 	__kernel_long_t	ru_ixrss;	/* integral shared memory size */
+ 	__kernel_long_t	ru_idrss;	/* integral unshared data size */
+--- a/kernel/sys.c
++++ b/kernel/sys.c
+@@ -1795,8 +1795,8 @@ out_thread:
+ 
+ out_children:
+ 	r->ru_maxrss = maxrss * (PAGE_SIZE / 1024); /* convert pages to KBs */
+-	r->ru_utime = ns_to_kernel_old_timeval(utime);
+-	r->ru_stime = ns_to_kernel_old_timeval(stime);
++	r->ru_utime = ns_to_timeval(utime);
++	r->ru_stime = ns_to_timeval(stime);
+ }
+ 
+ SYSCALL_DEFINE2(getrusage, int, who, struct rusage __user *, ru)
diff --git a/queue-4.19/series b/queue-4.19/series
index 4e9f60d9d0a..edbf8afcdc1 100644
--- a/queue-4.19/series
+++ b/queue-4.19/series
@@ -71,3 +71,5 @@ dmaengine-owl-fix-register-access-functions.patch
 idma64-don-t-try-to-serve-interrupts-when-device-is-.patch
 i2c-smbus-fix-null-function-pointer-dereference.patch
 hid-i2c-hid-remove-i2c_hid_read_pending-flag-to-prevent-lock-up.patch
+revert-loop-remove-sector_t-truncation-checks.patch
+revert-y2038-rusage-use-__kernel_old_timeval.patch