From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Wed, 6 Nov 2024 07:00:52 +0000 (+0100)
Subject: 4.19-stable patches
X-Git-Tag: v4.19.323~45
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=d353fca2f3440e35a21e94fe7a11d418899ef232;p=thirdparty%2Fkernel%2Fstable-queue.git

4.19-stable patches

added patches:
	nilfs2-fix-kernel-bug-due-to-missing-clearing-of-checked-flag.patch
---

diff --git a/queue-4.19/nilfs2-fix-kernel-bug-due-to-missing-clearing-of-checked-flag.patch b/queue-4.19/nilfs2-fix-kernel-bug-due-to-missing-clearing-of-checked-flag.patch
new file mode 100644
index 00000000000..a3e90fec3df
--- /dev/null
+++ b/queue-4.19/nilfs2-fix-kernel-bug-due-to-missing-clearing-of-checked-flag.patch
@@ -0,0 +1,45 @@
+From 41e192ad2779cae0102879612dfe46726e4396aa Mon Sep 17 00:00:00 2001
+From: Ryusuke Konishi <konishi.ryusuke@gmail.com>
+Date: Fri, 18 Oct 2024 04:33:10 +0900
+Subject: nilfs2: fix kernel bug due to missing clearing of checked flag
+
+From: Ryusuke Konishi <konishi.ryusuke@gmail.com>
+
+commit 41e192ad2779cae0102879612dfe46726e4396aa upstream.
+
+Syzbot reported that in directory operations after nilfs2 detects
+filesystem corruption and degrades to read-only,
+__block_write_begin_int(), which is called to prepare block writes, may
+fail the BUG_ON check for accesses exceeding the folio/page size,
+triggering a kernel bug.
+
+This was found to be because the "checked" flag of a page/folio was not
+cleared when it was discarded by nilfs2's own routine, which causes the
+sanity check of directory entries to be skipped when the directory
+page/folio is reloaded.  So, fix that.
+
+This was necessary when the use of nilfs2's own page discard routine was
+applied to more than just metadata files.
+
+Link: https://lkml.kernel.org/r/20241017193359.5051-1-konishi.ryusuke@gmail.com
+Fixes: 8c26c4e2694a ("nilfs2: fix issue with flush kernel thread after remount in RO mode because of driver's internal error or metadata corruption")
+Signed-off-by: Ryusuke Konishi <konishi.ryusuke@gmail.com>
+Reported-by: syzbot+d6ca2daf692c7a82f959@syzkaller.appspotmail.com
+Closes: https://syzkaller.appspot.com/bug?extid=d6ca2daf692c7a82f959
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/nilfs2/page.c |    1 +
+ 1 file changed, 1 insertion(+)
+
+--- a/fs/nilfs2/page.c
++++ b/fs/nilfs2/page.c
+@@ -407,6 +407,7 @@ void nilfs_clear_dirty_page(struct page
+ 
+ 	ClearPageUptodate(page);
+ 	ClearPageMappedToDisk(page);
++	ClearPageChecked(page);
+ 
+ 	if (page_has_buffers(page)) {
+ 		struct buffer_head *bh, *head;
diff --git a/queue-4.19/series b/queue-4.19/series
index d6ca2d14cc2..14934492f36 100644
--- a/queue-4.19/series
+++ b/queue-4.19/series
@@ -345,3 +345,4 @@ wifi-ath10k-fix-memory-leak-in-management-tx.patch
 wifi-iwlegacy-clear-stale-interrupts-before-resuming-device.patch
 nilfs2-fix-potential-deadlock-with-newly-created-symlinks.patch
 ocfs2-pass-u64-to-ocfs2_truncate_inline-maybe-overfl.patch
+nilfs2-fix-kernel-bug-due-to-missing-clearing-of-checked-flag.patch