From: Greg Kroah-Hartman Date: Thu, 3 Oct 2024 07:19:54 +0000 (+0200) Subject: 6.6-stable patches X-Git-Tag: v6.6.54~3 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=c574942fb666e28b87e4880e9391d6f808afbfc2;p=thirdparty%2Fkernel%2Fstable-queue.git 6.6-stable patches added patches: revert-dm-verity-restart-or-panic-on-an-i-o-error.patch --- diff --git a/queue-6.6/revert-dm-verity-restart-or-panic-on-an-i-o-error.patch b/queue-6.6/revert-dm-verity-restart-or-panic-on-an-i-o-error.patch new file mode 100644 index 00000000000..da99938ee56 --- /dev/null +++ b/queue-6.6/revert-dm-verity-restart-or-panic-on-an-i-o-error.patch @@ -0,0 +1,72 @@ +From 462763212dd71c41f092b48eaa352bc1f5ed5d66 Mon Sep 17 00:00:00 2001 +From: Mikulas Patocka +Date: Wed, 2 Oct 2024 15:56:18 +0200 +Subject: Revert: "dm-verity: restart or panic on an I/O error" + +From: Mikulas Patocka + +commit 462763212dd71c41f092b48eaa352bc1f5ed5d66 upstream. + +This reverts commit e6a3531dd542cb127c8de32ab1e54a48ae19962b. + +The problem that the commit e6a3531dd542cb127c8de32ab1e54a48ae19962b +fixes was reported as a security bug, but Google engineers working on +Android and ChromeOS didn't want to change the default behavior, they +want to get -EIO rather than restarting the system, so I am reverting +that commit. + +Note also that calling machine_restart from the I/O handling code is +potentially unsafe (the reboot notifiers may wait for the bio that +triggered the restart), but Android uses the reboot notifiers to store +the reboot reason into the PMU microcontroller, so machine_restart must +be used. + +Signed-off-by: Mikulas Patocka +Cc: stable@vger.kernel.org +Fixes: e6a3531dd542 ("dm-verity: restart or panic on an I/O error") +Suggested-by: Sami Tolvanen +Suggested-by: Will Drewry +Signed-off-by: Greg Kroah-Hartman +--- + drivers/md/dm-verity-target.c | 23 ++--------------------- + 1 file changed, 2 insertions(+), 21 deletions(-) + +--- a/drivers/md/dm-verity-target.c ++++ b/drivers/md/dm-verity-target.c +@@ -264,10 +264,8 @@ out: + if (v->mode == DM_VERITY_MODE_LOGGING) + return 0; + +- if (v->mode == DM_VERITY_MODE_RESTART) { +- pr_emerg("dm-verity device corrupted\n"); +- emergency_restart(); +- } ++ if (v->mode == DM_VERITY_MODE_RESTART) ++ kernel_restart("dm-verity device corrupted"); + + if (v->mode == DM_VERITY_MODE_PANIC) + panic("dm-verity device corrupted"); +@@ -691,23 +689,6 @@ static void verity_finish_io(struct dm_v + if (!static_branch_unlikely(&use_tasklet_enabled) || !io->in_tasklet) + verity_fec_finish_io(io); + +- if (unlikely(status != BLK_STS_OK) && +- unlikely(!(bio->bi_opf & REQ_RAHEAD)) && +- !verity_is_system_shutting_down()) { +- if (v->mode == DM_VERITY_MODE_RESTART || +- v->mode == DM_VERITY_MODE_PANIC) +- DMERR_LIMIT("%s has error: %s", v->data_dev->name, +- blk_status_to_str(status)); +- +- if (v->mode == DM_VERITY_MODE_RESTART) { +- pr_emerg("dm-verity device corrupted\n"); +- emergency_restart(); +- } +- +- if (v->mode == DM_VERITY_MODE_PANIC) +- panic("dm-verity device corrupted"); +- } +- + bio_endio(bio); + } + diff --git a/queue-6.6/series b/queue-6.6/series index 37202c1cea6..1647b0c5275 100644 --- a/queue-6.6/series +++ b/queue-6.6/series @@ -530,3 +530,4 @@ thunderbolt-fix-minimum-allocated-usb-3.x-and-pcie-bandwidth.patch thunderbolt-fix-null-pointer-dereference-in-tb_port_update_credits.patch x86-tdx-fix-in-kernel-mmio-check.patch spi-atmel-quadspi-fix-wrong-register-value-written-to-mr.patch +revert-dm-verity-restart-or-panic-on-an-i-o-error.patch