filemap: avoid truncating 64-bit offset to 32 bits

commit f505e6c91e7a22d10316665a86d79f84d9f0ba76 upstream.

On 32-bit kernels, folio_seek_hole_data() was inadvertently truncating a
64-bit value to 32 bits, leading to a possible infinite loop when writing
to an xfs filesystem.

Link: https://lkml.kernel.org/r/20250102190540.1356838-1-marco.nelissen@gmail.com
Fixes: 54fa39ac2e00 ("iomap: use mapping_seek_hole_data")
Signed-off-by: Marco Nelissen <marco.nelissen@gmail.com>
Cc: Matthew Wilcox (Oracle) <willy@infradead.org>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/mm/filemap.c b/mm/filemap.c
index b76deb24aeea0eaea07f0ec815fdd1ac222eefef..c71e86c12418ea39139ef6b24c1f96cafedf3d45 100644 (file)
--- a/mm/filemap.c
+++ b/mm/filemap.c
@@ -2818,7 +2818,7 @@ static inline loff_t page_seek_hole_data(struct xa_state *xas,
        do {
                if (ops->is_partially_uptodate(page, offset, bsz) == seek_data)
                        break;
-               start = (start + bsz) & ~(bsz - 1);
+               start = (start + bsz) & ~((u64)bsz - 1);
                offset += bsz;
        } while (offset < thp_size(page));
 unlock: