From c7cb43b8ff1a8e5aa642d713bb8bc7df439f116c Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Mon, 24 Jan 2022 16:44:12 +0100
Subject: [PATCH] update fuse changes for 4.19

---
 queue-4.19/fuse-fix-bad-inode.patch           | 67 ++++++++++++++++---
 .../fuse-fix-live-lock-in-fuse_iget.patch     | 13 ++--
 queue-4.19/series                             |  4 +-
 3 files changed, 66 insertions(+), 18 deletions(-)

diff --git a/queue-4.19/fuse-fix-bad-inode.patch b/queue-4.19/fuse-fix-bad-inode.patch
index a565ca7b7bc..84ee8511938 100644
--- a/queue-4.19/fuse-fix-bad-inode.patch
+++ b/queue-4.19/fuse-fix-bad-inode.patch
@@ -1,7 +1,11 @@
-From 5d069dbe8aaf2a197142558b6fb2978189ba3454 Mon Sep 17 00:00:00 2001
-From: Miklos Szeredi <mszeredi@redhat.com>
-Date: Thu, 10 Dec 2020 15:33:14 +0100
+From foo@baz Mon Jan 24 04:43:15 PM CET 2022
+From: Ben Hutchings <ben@decadent.org.uk>
+Date: Mon, 24 Jan 2022 16:17:18 +0100
 Subject: fuse: fix bad inode
+To: stable@vger.kernel.org
+Cc: Miklos Szeredi <mszeredi@redhat.com>, Jan Kara <jack@suse.cz>
+Message-ID: <Ye7C/r2HAXqKeg/7@decadent.org.uk>
+Content-Disposition: inline
 
 From: Miklos Szeredi <mszeredi@redhat.com>
 
@@ -29,17 +33,21 @@ Reported-by: syzbot+f427adf9324b92652ccc@syzkaller.appspotmail.com
 Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
 Tested-by: Jan Kara <jack@suse.cz>
 Cc: <stable@vger.kernel.org>
-[adjusted for missing fs/fuse/readdir.c and changes in fuse_evict_inode() in 4.14]
-Signed-off-by: Samuel Mendoza-Jonas <samjonas@amazon.com>
+[bwh: Backported to 4.19:
+ - Drop changes in fuse_dir_fsync(), fuse_readahead(), fuse_evict_inode()
+ - In fuse_get_link(), return ERR_PTR(-EIO) for bad inodes
+ - Convert some additional calls to is_bad_inode()
+ - Adjust filename, context]
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 ---
  fs/fuse/acl.c    |    6 ++++++
- fs/fuse/dir.c    |   37 ++++++++++++++++++++++++++++++++-----
- fs/fuse/file.c   |   21 +++++++++++++++------
+ fs/fuse/dir.c    |   40 +++++++++++++++++++++++++++++++++++-----
+ fs/fuse/file.c   |   27 ++++++++++++++++++---------
  fs/fuse/fuse_i.h |   12 ++++++++++++
  fs/fuse/inode.c  |    2 +-
  fs/fuse/xattr.c  |    9 +++++++++
- 6 files changed, 75 insertions(+), 12 deletions(-)
+ 6 files changed, 81 insertions(+), 15 deletions(-)
 
 --- a/fs/fuse/acl.c
 +++ b/fs/fuse/acl.c
@@ -171,7 +179,17 @@ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  		return -EIO;
  
  	req = fuse_get_req(fc, 1);
-@@ -1718,7 +1739,7 @@ int fuse_do_setattr(struct dentry *dentr
+@@ -1420,6 +1441,9 @@ static const char *fuse_get_link(struct
+ 	if (!dentry)
+ 		return ERR_PTR(-ECHILD);
+ 
++	if (fuse_is_bad(inode))
++		return ERR_PTR(-EIO);
++
+ 	link = kmalloc(PAGE_SIZE, GFP_KERNEL);
+ 	if (!link)
+ 		return ERR_PTR(-ENOMEM);
+@@ -1718,7 +1742,7 @@ int fuse_do_setattr(struct dentry *dentr
  
  	if (fuse_invalid_attr(&outarg.attr) ||
  	    (inode->i_mode ^ outarg.attr.mode) & S_IFMT) {
@@ -180,7 +198,7 @@ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  		err = -EIO;
  		goto error;
  	}
-@@ -1774,6 +1795,9 @@ static int fuse_setattr(struct dentry *e
+@@ -1774,6 +1798,9 @@ static int fuse_setattr(struct dentry *e
  	struct file *file = (attr->ia_valid & ATTR_FILE) ? attr->ia_file : NULL;
  	int ret;
  
@@ -190,7 +208,7 @@ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  	if (!fuse_allow_current_process(get_fuse_conn(inode)))
  		return -EACCES;
  
-@@ -1832,6 +1856,9 @@ static int fuse_getattr(const struct pat
+@@ -1832,6 +1859,9 @@ static int fuse_getattr(const struct pat
  	struct inode *inode = d_inode(path->dentry);
  	struct fuse_conn *fc = get_fuse_conn(inode);
  
@@ -258,6 +276,15 @@ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  	/*
  	 * In auto invalidate mode, always update attributes on read.
  	 * Otherwise, only update if we attempt to read past EOF (to ensure
+@@ -1131,7 +1137,7 @@ static ssize_t fuse_perform_write(struct
+ 	int err = 0;
+ 	ssize_t res = 0;
+ 
+-	if (is_bad_inode(inode))
++	if (fuse_is_bad(inode))
+ 		return -EIO;
+ 
+ 	if (inode->i_size < pos + iov_iter_count(ii))
 @@ -1188,6 +1194,9 @@ static ssize_t fuse_file_write_iter(stru
  	ssize_t err;
  	loff_t endbyte = 0;
@@ -268,6 +295,24 @@ Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
  	if (get_fuse_conn(inode)->writeback_cache) {
  		/* Update size (EOF optimization) and mode (SUID clearing) */
  		err = fuse_update_attributes(mapping->host, file);
+@@ -1424,7 +1433,7 @@ static ssize_t __fuse_direct_read(struct
+ 	ssize_t res;
+ 	struct inode *inode = file_inode(io->iocb->ki_filp);
+ 
+-	if (is_bad_inode(inode))
++	if (fuse_is_bad(inode))
+ 		return -EIO;
+ 
+ 	res = fuse_direct_io(io, iter, ppos, 0);
+@@ -1446,7 +1455,7 @@ static ssize_t fuse_direct_write_iter(st
+ 	struct fuse_io_priv io = FUSE_IO_PRIV_SYNC(iocb);
+ 	ssize_t res;
+ 
+-	if (is_bad_inode(inode))
++	if (fuse_is_bad(inode))
+ 		return -EIO;
+ 
+ 	/* Don't allow parallel writes to the same file */
 @@ -1920,7 +1929,7 @@ static int fuse_writepages(struct addres
  	int err;
  
diff --git a/queue-4.19/fuse-fix-live-lock-in-fuse_iget.patch b/queue-4.19/fuse-fix-live-lock-in-fuse_iget.patch
index 275dbc1bf77..a9c5488107a 100644
--- a/queue-4.19/fuse-fix-live-lock-in-fuse_iget.patch
+++ b/queue-4.19/fuse-fix-live-lock-in-fuse_iget.patch
@@ -1,7 +1,11 @@
-From 775c5033a0d164622d9d10dd0f0a5531639ed3ed Mon Sep 17 00:00:00 2001
-From: Amir Goldstein <amir73il@gmail.com>
-Date: Thu, 4 Mar 2021 11:09:12 +0200
+From foo@baz Mon Jan 24 04:43:15 PM CET 2022
+From: Ben Hutchings <ben@decadent.org.uk>
+Date: Mon, 24 Jan 2022 16:18:28 +0100
 Subject: fuse: fix live lock in fuse_iget()
+To: stable@vger.kernel.org
+Cc: Amir Goldstein <amir73il@gmail.com>, Miklos Szeredi <mszeredi@redhat.com>, Jan Kara <jack@suse.cz>
+Message-ID: <Ye7DRM+jxoaske8/@decadent.org.uk>
+Content-Disposition: inline
 
 From: Amir Goldstein <amir73il@gmail.com>
 
@@ -32,10 +36,9 @@ kmsg snip:
 [ ]  fuse_iget+0x96/0x1b0
 
 Fixes: 5d069dbe8aaf ("fuse: fix bad inode")
-Cc: stable@vger.kernel.org # 5.10+
 Signed-off-by: Amir Goldstein <amir73il@gmail.com>
 Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
-Signed-off-by: Samuel Mendoza-Jonas <samjonas@amazon.com>
+Signed-off-by: Ben Hutchings <ben@decadent.org.uk>
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 ---
  fs/fuse/fuse_i.h |    1 +
diff --git a/queue-4.19/series b/queue-4.19/series
index 05b066e1016..357bf7009cf 100644
--- a/queue-4.19/series
+++ b/queue-4.19/series
@@ -207,8 +207,6 @@ ext4-don-t-use-the-orphan-list-when-migrating-an-inode.patch
 crypto-stm32-crc32-fix-kernel-bug-triggered-in-probe.patch
 asoc-dpcm-prevent-snd_soc_dpcm-use-after-free.patch
 regulator-core-let-boot-on-regulators-be-powered-off.patch
-fuse-fix-bad-inode.patch
-fuse-fix-live-lock-in-fuse_iget.patch
 drm-radeon-fix-error-handling-in-radeon_driver_open_kms.patch
 arm-dts-fix-vcsi-regulator-to-be-always-on-for-droid4-to-prevent-hangs.patch
 firmware-update-kconfig-help-text-for-google-firmware.patch
@@ -238,3 +236,5 @@ scripts-dtc-dtx_diff-remove-broken-example-from-help-text.patch
 lib82596-fix-irq-check-in-sni_82596_probe.patch
 mtd-nand-bbt-fix-corner-case-in-bad-block-table-handling.patch
 mips-s390-sh-sparc-gup-work-around-the-cow-can-break-either-way-issue.patch
+fuse-fix-bad-inode.patch
+fuse-fix-live-lock-in-fuse_iget.patch
-- 
2.47.2