From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Mon, 22 Mar 2021 09:49:50 +0000 (+0100)
Subject: 4.4-stable patches
X-Git-Tag: v4.4.263~20
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b8a460d24cafaaecb573498cdae9579fec261cd4;p=thirdparty%2Fkernel%2Fstable-queue.git

4.4-stable patches

added patches:
	ext4-find-old-entry-again-if-failed-to-rename-whiteout.patch
	ext4-fix-potential-error-in-ext4_do_update_inode.patch
---

diff --git a/queue-4.4/ext4-find-old-entry-again-if-failed-to-rename-whiteout.patch b/queue-4.4/ext4-find-old-entry-again-if-failed-to-rename-whiteout.patch
new file mode 100644
index 00000000000..e7c26170264
--- /dev/null
+++ b/queue-4.4/ext4-find-old-entry-again-if-failed-to-rename-whiteout.patch
@@ -0,0 +1,73 @@
+From b7ff91fd030dc9d72ed91b1aab36e445a003af4f Mon Sep 17 00:00:00 2001
+From: "zhangyi (F)" <yi.zhang@huawei.com>
+Date: Wed, 3 Mar 2021 21:17:02 +0800
+Subject: ext4: find old entry again if failed to rename whiteout
+
+From: zhangyi (F) <yi.zhang@huawei.com>
+
+commit b7ff91fd030dc9d72ed91b1aab36e445a003af4f upstream.
+
+If we failed to add new entry on rename whiteout, we cannot reset the
+old->de entry directly, because the old->de could have moved from under
+us during make indexed dir. So find the old entry again before reset is
+needed, otherwise it may corrupt the filesystem as below.
+
+  /dev/sda: Entry '00000001' in ??? (12) has deleted/unused inode 15. CLEARED.
+  /dev/sda: Unattached inode 75
+  /dev/sda: UNEXPECTED INCONSISTENCY; RUN fsck MANUALLY.
+
+Fixes: 6b4b8e6b4ad ("ext4: fix bug for rename with RENAME_WHITEOUT")
+Cc: stable@vger.kernel.org
+Signed-off-by: zhangyi (F) <yi.zhang@huawei.com>
+Link: https://lore.kernel.org/r/20210303131703.330415-1-yi.zhang@huawei.com
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/ext4/namei.c |   29 +++++++++++++++++++++++++++--
+ 1 file changed, 27 insertions(+), 2 deletions(-)
+
+--- a/fs/ext4/namei.c
++++ b/fs/ext4/namei.c
+@@ -3375,6 +3375,31 @@ static int ext4_setent(handle_t *handle,
+ 	return 0;
+ }
+ 
++static void ext4_resetent(handle_t *handle, struct ext4_renament *ent,
++			  unsigned ino, unsigned file_type)
++{
++	struct ext4_renament old = *ent;
++	int retval = 0;
++
++	/*
++	 * old->de could have moved from under us during make indexed dir,
++	 * so the old->de may no longer valid and need to find it again
++	 * before reset old inode info.
++	 */
++	old.bh = ext4_find_entry(old.dir, &old.dentry->d_name, &old.de, NULL);
++	if (IS_ERR(old.bh))
++		retval = PTR_ERR(old.bh);
++	if (!old.bh)
++		retval = -ENOENT;
++	if (retval) {
++		ext4_std_error(old.dir->i_sb, retval);
++		return;
++	}
++
++	ext4_setent(handle, &old, ino, file_type);
++	brelse(old.bh);
++}
++
+ static int ext4_find_delete_entry(handle_t *handle, struct inode *dir,
+ 				  const struct qstr *d_name)
+ {
+@@ -3674,8 +3699,8 @@ static int ext4_rename(struct inode *old
+ end_rename:
+ 	if (whiteout) {
+ 		if (retval) {
+-			ext4_setent(handle, &old,
+-				old.inode->i_ino, old_file_type);
++			ext4_resetent(handle, &old,
++				      old.inode->i_ino, old_file_type);
+ 			drop_nlink(whiteout);
+ 		}
+ 		unlock_new_inode(whiteout);
diff --git a/queue-4.4/ext4-fix-potential-error-in-ext4_do_update_inode.patch b/queue-4.4/ext4-fix-potential-error-in-ext4_do_update_inode.patch
new file mode 100644
index 00000000000..c32069fde6e
--- /dev/null
+++ b/queue-4.4/ext4-fix-potential-error-in-ext4_do_update_inode.patch
@@ -0,0 +1,47 @@
+From 7d8bd3c76da1d94b85e6c9b7007e20e980bfcfe6 Mon Sep 17 00:00:00 2001
+From: Shijie Luo <luoshijie1@huawei.com>
+Date: Fri, 12 Mar 2021 01:50:51 -0500
+Subject: ext4: fix potential error in ext4_do_update_inode
+
+From: Shijie Luo <luoshijie1@huawei.com>
+
+commit 7d8bd3c76da1d94b85e6c9b7007e20e980bfcfe6 upstream.
+
+If set_large_file = 1 and errors occur in ext4_handle_dirty_metadata(),
+the error code will be overridden, go to out_brelse to avoid this
+situation.
+
+Signed-off-by: Shijie Luo <luoshijie1@huawei.com>
+Link: https://lore.kernel.org/r/20210312065051.36314-1-luoshijie1@huawei.com
+Cc: stable@kernel.org
+Reviewed-by: Jan Kara <jack@suse.cz>
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/ext4/inode.c |    8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+--- a/fs/ext4/inode.c
++++ b/fs/ext4/inode.c
+@@ -4626,7 +4626,7 @@ static int ext4_do_update_inode(handle_t
+ 	struct ext4_inode_info *ei = EXT4_I(inode);
+ 	struct buffer_head *bh = iloc->bh;
+ 	struct super_block *sb = inode->i_sb;
+-	int err = 0, rc, block;
++	int err = 0, block;
+ 	int need_datasync = 0, set_large_file = 0;
+ 	uid_t i_uid;
+ 	gid_t i_gid;
+@@ -4726,9 +4726,9 @@ static int ext4_do_update_inode(handle_t
+ 					      bh->b_data);
+ 
+ 	BUFFER_TRACE(bh, "call ext4_handle_dirty_metadata");
+-	rc = ext4_handle_dirty_metadata(handle, NULL, bh);
+-	if (!err)
+-		err = rc;
++	err = ext4_handle_dirty_metadata(handle, NULL, bh);
++	if (err)
++		goto out_brelse;
+ 	ext4_clear_inode_state(inode, EXT4_STATE_NEW);
+ 	if (set_large_file) {
+ 		BUFFER_TRACE(EXT4_SB(sb)->s_sbh, "get write access");
diff --git a/queue-4.4/series b/queue-4.4/series
index c6c93456e1b..0dad3b8dfe7 100644
--- a/queue-4.4/series
+++ b/queue-4.4/series
@@ -9,3 +9,5 @@ usb-replace-hardcode-maximum-usb-string-length-by-definition.patch
 usb-gadget-configfs-fix-kasan-use-after-free.patch
 pci-rpadlpar-fix-potential-drc_name-corruption-in-store-functions.patch
 x86-ioapic-ignore-irq2-again.patch
+ext4-find-old-entry-again-if-failed-to-rename-whiteout.patch
+ext4-fix-potential-error-in-ext4_do_update_inode.patch