From: Greg Kroah-Hartman Date: Thu, 25 Jul 2024 13:47:36 +0000 (+0200) Subject: 4.19-stable patches X-Git-Tag: v4.19.319~18 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=426313f3a610875314ad0fd0901caf49f7ed8ebb;p=thirdparty%2Fkernel%2Fstable-queue.git 4.19-stable patches added patches: filelock-fix-fcntl-close-race-recovery-compat-path.patch
---
diff --git a/queue-4.19/filelock-fix-fcntl-close-race-recovery-compat-path.patch b/queue-4.19/filelock-fix-fcntl-close-race-recovery-compat-path.patch
new file mode 100644
index 00000000000..932d54e1fb4
--- /dev/null
+++ b/queue-4.19/filelock-fix-fcntl-close-race-recovery-compat-path.patch
@@ -0,0 +1,54 @@
+From f8138f2ad2f745b9a1c696a05b749eabe44337ea Mon Sep 17 00:00:00 2001
+From: Jann Horn
+Date: Tue, 23 Jul 2024 17:03:56 +0200
+Subject: filelock: Fix fcntl/close race recovery compat path
+
+From: Jann Horn
+
+commit f8138f2ad2f745b9a1c696a05b749eabe44337ea upstream.
+
+When I wrote commit 3cad1bc01041 ("filelock: Remove locks reliably when
+fcntl/close race is detected"), I missed that there are two copies of the
+code I was patching: The normal version, and the version for 64-bit offsets
+on 32-bit kernels.
+Thanks to Greg KH for stumbling over this while doing the stable
+backport...
+
+Apply exactly the same fix to the compat path for 32-bit kernels.
+
+Fixes: c293621bbf67 ("[PATCH] stale POSIX lock handling")
+Cc: stable@kernel.org
+Link: https://bugs.chromium.org/p/project-zero/issues/detail?id=2563
+Signed-off-by: Jann Horn
+Link: https://lore.kernel.org/r/20240723-fs-lock-recover-compatfix-v1-1-148096719529@google.com
+Signed-off-by: Christian Brauner
+Signed-off-by: Greg Kroah-Hartman
+---
+ fs/locks.c | 9 ++++-----
+ 1 file changed, 4 insertions(+), 5 deletions(-)
+
+--- a/fs/locks.c
++++ b/fs/locks.c
+@@ -2427,8 +2427,9 @@ int fcntl_setlk64(unsigned int fd, struc
+ error = do_lock_file_wait(filp, cmd, file_lock);
+
+ /*
+- * Attempt to detect a close/fcntl race and recover by releasing the
+- * lock that was just acquired. There is no need to do that when we're
++ * Detect close/fcntl races and recover by zapping all POSIX locks
++ * associated with this file and our files_struct, just like on
++ * filp_flush(). There is no need to do that when we're
+ * unlocking though, or for OFD locks.
+ */
+ if (!error && file_lock->fl_type != F_UNLCK &&
+@@ -2442,9 +2443,7 @@ int fcntl_setlk64(unsigned int fd, struc
+ f = fcheck(fd);
+ spin_unlock(¤t->files->file_lock);
+ if (f != filp) {
+- file_lock->fl_type = F_UNLCK;
+- error = do_lock_file_wait(filp, cmd, file_lock);
+- WARN_ON_ONCE(error);
++ locks_remove_posix(filp, ¤t->files);
+ error = -EBADF;
+ }
+ }
diff --git a/queue-4.19/series b/queue-4.19/series
index 556489cb7bd..390046a8d8d 100644
--- a/queue-4.19/series
+++ b/queue-4.19/series
@@ -30,3 +30,4 @@ acpi-processor_idle-fix-invalid-comparison-with-insertion-sort-for-latency.patch
 net-relax-socket-state-check-at-accept-time.patch
 ocfs2-add-bounds-checking-to-ocfs2_check_dir_entry.patch
 jfs-don-t-walk-off-the-end-of-ealist.patch
+filelock-fix-fcntl-close-race-recovery-compat-path.patch
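Review bot: The owner token handed to the new `locks_remove_posix(filp, &current->files)` call is the address of the `files` field, whereas the filp_flush() behaviour the new comment cites is reached through filp_close(), which passes the `struct files_struct *` value itself as the owner. If the lock built earlier in fcntl_setlk64 (outside this hunk) records `current->files` as its `fl_owner` — which I believe flock64_to_posix_lock does in this tree, but it is not visible here — then the owner comparison inside locks_remove_posix() will never match, the race recovery becomes a silent no-op, and the caller still gets -EBADF while the stale lock survives; please confirm the stored owner and, if it is the pointer value, change the line to `locks_remove_posix(filp, current->files);`. Note that `¤t` in the rendered hunk is an HTML-entity artifact of `&current`, not what the patch file contains. The enclosing function fcntl_setlk64 starts and ends outside this hunk, so the lock-initialisation and error paths could not be checked from here.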