linux-stable/fs
David Howells 6c46fa5689 afs: Fix infinite loop found by xfstest generic/676
[ Upstream commit 17eabd4256 ]

In AFS, a directory is handled as a file that the client downloads and
parses locally for the purposes of performing lookup and getdents
operations.  The in-kernel afs filesystem has a number of functions that
do this.

A directory file is arranged as a series of 2K blocks divided into
32-byte slots, where a directory entry occupies one or more slots, plus
each block starts with one or more metadata blocks.

When parsing a block, if the last slots are occupied by a dirent that
occupies more than a single slot and the file position points at a slot
that's not the initial one, the logic in afs_dir_iterate_block() that
skips over it won't advance the file pointer to the end of it.  This
will cause an infinite loop in getdents() as it will keep retrying that
block and failing to advance beyond the final entry.

Fix this by advancing the file pointer if the next entry will be beyond
it when we skip a block.

This was found by the generic/676 xfstest but can also be triggered with
something like:

	~/xfstests-dev/src/t_readdir_3 /xfstest.test/z 4000 1

Fixes: 1da177e4c3 ("Linux-2.6.12-rc2")
Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Marc Dionne <marc.dionne@auristor.com>
Tested-by: Marc Dionne <marc.dionne@auristor.com>
cc: linux-afs@lists.infradead.org
Link: http://lore.kernel.org/r/165391973497.110268.2939296942213894166.stgit@warthog.procyon.org.uk/
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-06-14 18:41:25 +02:00
9p Revert "fs/9p: search open fids first" 2022-01-30 22:13:37 +09:00
adfs fs/adfs: remove unneeded variable make code cleaner 2022-01-20 08:52:55 +02:00
affs
afs afs: Fix infinite loop found by xfstest generic/676 2022-06-14 18:41:25 +02:00
autofs
befs
bfs
btrfs btrfs: fix anon_dev leak in create_subvol() 2022-06-09 10:25:28 +02:00
cachefiles cachefiles: Fix KASAN slab-out-of-bounds in cachefiles_set_volume_xattr 2022-04-20 09:36:13 +02:00
ceph ceph: fix decoding of client session messages flags 2022-06-09 10:26:30 +02:00
cifs SMB3: EBADF/EIO errors in rename/open caused by race condition in smb2_compound_op 2022-06-09 10:26:30 +02:00
coda coda: bump module version to 7.2 2021-11-09 10:02:51 -08:00
configfs configfs: fix a race in configfs_{,un}register_subsystem() 2022-02-22 18:30:28 +01:00
cramfs
crypto
debugfs debugfs: lockdown: Allow reading debugfs files that are not world readable 2022-01-06 15:47:41 +01:00
devpts fsnotify: fix fsnotify hooks in pseudo filesystems 2022-01-24 14:17:02 +01:00
dlm dlm: fix missing lkb refcount handling 2022-06-09 10:26:21 +02:00
ecryptfs fs: add is_idmapped_mnt() helper 2021-12-03 18:44:06 +01:00
efivarfs
efs
erofs erofs: fix buffer copy overflow of ztailpacking feature 2022-06-09 10:25:54 +02:00
exfat exfat: check if cluster num is valid 2022-06-06 08:47:51 +02:00
exportfs exportfs: support idmapped mounts 2022-06-09 10:26:32 +02:00
ext2 ext2: correct max file size computing 2022-04-08 13:58:12 +02:00
ext4 ext4: only allow test_dummy_encryption when supported 2022-06-09 10:26:31 +02:00
f2fs f2fs: fix to do sanity check for inline inode 2022-06-09 10:26:16 +02:00
fat fat: add ratelimit to fat*_ent_bread() 2022-06-09 10:25:33 +02:00
freevxfs
fscache fscache: Fix the volume collision wait condition 2022-01-21 21:36:28 +00:00
fuse fuse: fix pipe buffer lifetime for direct_io 2022-03-07 16:30:44 +01:00
gfs2 gfs2: use i_lock spin_lock for inode qadata 2022-06-09 10:25:31 +02:00
hfs Merge branch 'akpm' (patches from Andrew) 2021-11-09 10:11:53 -08:00
hfsplus hfsplus: use struct_group_attr() for memcpy() region 2022-01-20 08:52:54 +02:00
hostfs hostfs: Fix writeback of dirty pages 2021-12-21 21:44:27 +01:00
hpfs
hugetlbfs hugetlbfs: fix hugetlbfs_statfs() locking 2022-06-09 10:26:07 +02:00
iomap iomap: iomap_write_failed fix 2022-06-09 10:25:48 +02:00
isofs
jbd2 jbd2: fix a potential race while discarding reserved buffers after an abort 2022-04-27 14:41:16 +02:00
jffs2 jffs2: fix memory leak in jffs2_do_fill_super 2022-06-14 18:41:21 +02:00
jfs fs: jfs: fix possible NULL pointer dereference in dbFree() 2022-06-09 10:25:32 +02:00
kernfs kernfs: fix NULL dereferencing in kernfs_remove 2022-05-09 09:16:14 +02:00
ksmbd ksmbd: fix reference count leak in smb_check_perm_dacl() 2022-06-14 18:41:17 +02:00
lockd Notable bug fixes: 2022-02-02 10:14:31 -08:00
minix minix: fix bug when opening a file with O_DIRECT 2022-04-13 19:27:23 +02:00
netfs netfs: Make ops->init_rreq() optional 2022-01-21 21:36:28 +00:00
nfs NFSv4.1 mark qualified async operations as MOVEABLE tasks 2022-06-09 10:26:15 +02:00
nfs_common
nfsd nfsd: destroy percpu stats counters after reply cache shutdown 2022-06-09 10:26:10 +02:00
nilfs2 nilfs2: fix lockdep warnings during disk space reclamation 2022-05-25 09:59:02 +02:00
nls
notify fsnotify: fix wrong lockdep annotations 2022-06-09 10:25:43 +02:00
ntfs ntfs: add sanity check on allocation size 2022-04-08 13:58:41 +02:00
ntfs3 fs/ntfs3: Fix invalid free in log_replay 2022-06-09 10:26:32 +02:00
ocfs2 ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock 2022-06-09 10:26:21 +02:00
omfs
openpromfs
orangefs orangefs: Fix the size of a memory allocation in orangefs_bufmap_alloc() 2021-12-31 14:37:43 -05:00
overlayfs overlayfs fixes for 5.17-rc3 2022-02-01 11:23:02 -08:00
proc proc: fix dentry/inode overinstantiating under /proc/${pid}/net 2022-06-09 10:26:06 +02:00
pstore pstore: Don't use semaphores in always-atomic-context code 2022-04-08 13:57:27 +02:00
qnx4
qnx6
quota quota: make dquot_quota_sync return errors from ->sync_fs 2022-01-30 08:59:47 -08:00
ramfs Merge branch 'akpm' (patches from Andrew) 2021-11-09 10:11:53 -08:00
reiserfs reiserfs: don't use congestion_wait() 2021-11-18 11:52:22 +01:00
romfs
smbfs_common smb3: add new defines from protocol specification 2022-01-18 16:50:47 -06:00
squashfs squashfs: provide backing_dev_info in order to disable read-ahead 2022-01-15 16:30:24 +02:00
sysfs
sysv sysv: use BUILD_BUG_ON instead of runtime check 2021-11-09 10:02:52 -08:00
tracefs tracefs: Set the group ownership in apply_options() not parse_options() 2022-02-25 21:05:04 -05:00
ubifs ubifs: rename_whiteout: correct old_dir size computing 2022-04-08 13:58:53 +02:00
udf udf: Avoid using stale lengthOfImpUse 2022-05-15 20:20:52 +02:00
ufs
unicode Fix from Christoph Hellwig merging the CONFIG_UNICODE_UTF8_DATA into the 2022-02-01 11:13:24 -08:00
vboxsf
verity
xfs Bug fixes for 5.17-rc4: 2022-02-26 09:53:19 -08:00
zonefs zonefs: Clear inode information flags on inode creation 2022-05-09 09:16:29 +02:00
Kconfig ksmbd: add support for key exchange 2022-02-04 00:12:22 -06:00
Kconfig.binfmt
Makefile Fix from Christoph Hellwig merging the CONFIG_UNICODE_UTF8_DATA into the 2022-02-01 11:13:24 -08:00
aio.c aio: move aio sysctl to aio.c 2022-01-22 08:33:34 +02:00
anon_inodes.c
attr.c fs: handle circular mappings correctly 2021-11-17 09:26:09 +01:00
bad_inode.c
binfmt_aout.c
binfmt_elf.c revert "fs/binfmt_elf: use PT_LOAD p_align values for static PIE" 2022-04-20 09:36:24 +02:00
binfmt_elf_fdpic.c coredump: Snapshot the vmas in do_coredump 2022-04-08 13:59:04 +02:00
binfmt_flat.c binfmt_flat: do not stop relocating GOT entries prematurely on riscv 2022-06-09 10:25:12 +02:00
binfmt_misc.c Fix regression due to "fs: move binfmt_misc sysctl to its own file" 2022-02-09 09:50:02 -08:00
binfmt_script.c
buffer.c mm: fs: fix lru_cache_disabled race in bh_lru 2022-04-08 13:57:19 +02:00
char_dev.c
compat_binfmt_elf.c
coredump.c coredump: Use the vma snapshot in fill_files_note 2022-04-08 13:59:04 +02:00
d_path.c d_path: fix Kernel doc validator complaining 2021-11-06 13:30:32 -07:00
dax.c dax: fix cache flush on PMD-mapped pages 2022-06-09 10:26:04 +02:00
dcache.c fs: move dcache sysctls to its own file 2022-01-22 08:33:36 +02:00
direct-io.c
drop_caches.c
eventfd.c
eventpoll.c eventpoll: simplify sysctl declaration with register_sysctl() 2022-01-22 08:33:35 +02:00
exec.c kthread: Don't allocate kthread_struct for init and umh 2022-06-09 10:25:16 +02:00
fcntl.c
fhandle.c
file.c fs: fix fd table size alignment properly 2022-04-08 13:58:35 +02:00
file_table.c SUNRPC: Ensure we flush any closed sockets before xs_xprt_free() 2022-04-13 19:27:40 +02:00
filesystems.c
fs-writeback.c fs-writeback: writeback_sb_inodes:Recalculate 'wrote' according skipped pages 2022-06-09 10:26:17 +02:00
fs_context.c vfs: fs_context: fix up param length parsing in legacy_parse_param 2022-01-18 09:23:19 +02:00
fs_parser.c fs_parse: allow parameter value to be empty 2021-12-09 14:09:36 -05:00
fs_pin.c
fs_struct.c
fs_types.c
fsopen.c
init.c
inode.c fs: move inode sysctls to its own file 2022-01-22 08:33:35 +02:00
internal.h fs/buffer: Convert __block_write_begin_int() to take a folio 2021-12-16 15:49:51 -05:00
io-wq.c io_uring-5.17-2022-01-21 2022-01-21 16:07:21 +02:00
io-wq.h io_uring: stop using io_wq_work as an fd placeholder 2022-04-20 09:36:15 +02:00
io_uring.c io_uring: only wake when the correct events are set 2022-06-09 10:25:53 +02:00
ioctl.c fs: fix an infinite loop in iomap_fiemap 2022-05-25 09:59:01 +02:00
kernel_read_file.c
libfs.c unicode: clean up the Kconfig symbol confusion 2022-01-20 19:57:24 -05:00
locks.c fs: move locking sysctls where they are used 2022-01-22 08:33:36 +02:00
mbcache.c
mount.h
mpage.c mm: remove cleancache 2022-01-22 08:33:38 +02:00
namei.c fs: add two trivial lookup helpers 2022-06-09 10:26:32 +02:00
namespace.c fs: add kernel doc for mnt_{hold,unhold}_writers() 2022-02-14 08:35:32 +01:00
no-block.c
nsfs.c
open.c fs: support mapped mounts of mapped filesystems 2021-12-05 10:28:57 +01:00
pipe.c pipe: Fix missing lock in pipe_resize_ring() 2022-06-06 08:47:51 +02:00
pnode.c
pnode.h
posix_acl.c fs: fix acl translation 2022-04-27 14:41:14 +02:00
proc_namespace.c fs: add is_idmapped_mnt() helper 2021-12-03 18:44:06 +01:00
read_write.c
readdir.c
remap_range.c fs: Convert vfs_dedupe_file_range_compare to folios 2022-01-08 00:28:41 -05:00
select.c select: Fix indefinitely sleeping task in poll_schedule_timeout() 2022-01-11 09:03:05 -08:00
seq_file.c rxrpc: Fix locking issue 2022-06-09 10:25:57 +02:00
signalfd.c Merge branch 'signal-for-v5.17' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace 2022-01-17 05:49:30 +02:00
splice.c
stack.c
stat.c stat: fix inconsistency between struct stat and struct compat_stat 2022-04-27 14:41:10 +02:00
statfs.c
super.c vfs: make freeze_super abort when sync_filesystem returns error 2022-01-30 08:59:47 -08:00
sync.c vfs: make sync_filesystem return errors from ->sync_fs 2022-01-30 08:59:47 -08:00
sysctls.c fs: move namespace sysctls and declare fs base directory 2022-01-22 08:33:36 +02:00
timerfd.c
userfaultfd.c mm: refactor vm_area_struct::anon_vma_name usage code 2022-03-05 11:08:32 -08:00
utimes.c
xattr.c fs: fix acl translation 2022-04-27 14:41:14 +02:00