From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 19C6DC30658 for ; Tue, 2 Jul 2024 17:18:06 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 935C06B0095; Tue, 2 Jul 2024 13:18:06 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 8BE2C6B0096; Tue, 2 Jul 2024 13:18:06 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 7384F6B0098; Tue, 2 Jul 2024 13:18:06 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 517C26B0095 for ; Tue, 2 Jul 2024 13:18:06 -0400 (EDT) Received: from smtpin11.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id D009014043D for ; Tue, 2 Jul 2024 17:18:05 +0000 (UTC) X-FDA: 82295470530.11.320EBEC Received: from dfw.source.kernel.org (dfw.source.kernel.org [139.178.84.217]) by imf11.hostedemail.com (Postfix) with ESMTP id 9635840014 for ; Tue, 2 Jul 2024 17:18:03 +0000 (UTC) Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=linuxfoundation.org header.s=korg header.b=IvCiZ+TA; spf=pass (imf11.hostedemail.com: domain of gregkh@linuxfoundation.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=gregkh@linuxfoundation.org; dmarc=pass (policy=none) header.from=linuxfoundation.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1719940662; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=+AXDcJminmVF6Y1HjJOZb5ByIagS2CsMGEy+LxSdinI=; b=WFvRyh1hA+BPWYDx9OgGySieGhjP/ZdMA/+Uo9VrNQj1V+kFbNwEkq4mR+uX08SS185smw At5IEXrEY/Om0FnfuY7j+2+3IdTn5F8FveV9EXkX9IDjBOcIan8PqVXoeiQyuV+M+dZ2Df /elSVdw8zaGNNL6lfHJf9B3VmkzlALE= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1719940662; a=rsa-sha256; cv=none; b=deMRdXBt40Sl38APX6aiE3aRb7uYQDJOkQxupXXP1I3ZftGUkLY71WWVREYbDHtnr3Yd5j IMtPUEGAabngPVezvuVcGe7W8/xp91oyeqPmOy6GR/nLc5uy1/jCBAyCbQBB0Pnd91VGD5 WV/E7DoIJkId54CIGl8d4Jb3AtwRKtQ= ARC-Authentication-Results: i=1; imf11.hostedemail.com; dkim=pass header.d=linuxfoundation.org header.s=korg header.b=IvCiZ+TA; spf=pass (imf11.hostedemail.com: domain of gregkh@linuxfoundation.org designates 139.178.84.217 as permitted sender) smtp.mailfrom=gregkh@linuxfoundation.org; dmarc=pass (policy=none) header.from=linuxfoundation.org Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by dfw.source.kernel.org (Postfix) with ESMTP id 763E561F31; Tue, 2 Jul 2024 17:18:02 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 7A48FC116B1; Tue, 2 Jul 2024 17:18:01 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1719940682; bh=xYuhDM0qnN8IfxCRnGM/W7DHSuvjwI8r4s+KWI0SZ/0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=IvCiZ+TAt9cpZRpRKauh2Acwidr+Q0221ErGsC2Z8KS9lCJshOPpD/BoEOWNnAzyy eTI55EkDpzLOYEg1NJncYAIx71bJjqgZhmIYlb3S7eCU6iMy2PpAptGQQM+AxQTNtb D5XGrJrhw/TDIE1zzM7ZOvZ6mpfD3fySyRkoPiAY= From: Greg Kroah-Hartman To: stable@vger.kernel.org Cc: Greg Kroah-Hartman , patches@lists.linux.dev, David Howells , Jeff Layton , Matthew Wilcox , netfs@lists.linux.dev, v9fs@lists.linux.dev, linux-afs@lists.infradead.org, linux-cifs@vger.kernel.org, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, Christian Brauner , Sasha Levin Subject: [PATCH 6.9 221/222] netfs: Fix netfs_page_mkwrite() to check folio->mapping is valid Date: Tue, 2 Jul 2024 19:04:19 +0200 Message-ID: <20240702170252.435728996@linuxfoundation.org> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20240702170243.963426416@linuxfoundation.org> References: <20240702170243.963426416@linuxfoundation.org> User-Agent: quilt/0.67 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 9635840014 X-Stat-Signature: winw7hmkqjrpkzs8h1xigz7mnzf41ke9 X-Rspamd-Server: rspam09 X-Rspam-User: X-HE-Tag: 1719940683-354317 X-HE-Meta: U2FsdGVkX19I5YRMUgaRU5oCCdcJLnNTvrRDa3vM4Bf1oyrrziy+0ATUSXvNKb50AD+z4bEONh1u09S+8kdWyMlisSi+NjluAcv0ol97vbxK4EQrzCyMLCh/bY3RBFLtAdj76DheAdX8Bs6BrFqDt3/dVR0kTmGgin75QANek9vt+d4TmtWpQ/6fmSaSAR8fnrmVRv3B+24RBWh21xSlxjJQJMNG6KNksaa+2jDUEdq/uwRJFpk8vxosvtRve6aGlfo9GVYAL9Ib9gERckgmknffegTHPc4QLONgha56M8pMrmWFXsvtfSv1b34xe2ByqjVl2nOnoLvpOu7Z3wPUyPL1khhsfAZ7XPE7cPDi+UeBb9qCuHhKh0y68B5i3aU4J10X1xaFkWzBBLxBmGy8OIqD8Ms7491EqFwzpPAuAabRE/fTBJDvFs+HJ6DucvJSGNwmGWMWK7D3ED5p3vXuZnnry3z0UKis2jxDNzUnYTx1hUl2rd75SK+c2J9q/YXZwJFB4jp6yXH7yhWDOxtKxMuKa3mEvTIwgtbD55jUogHb6eyzgHkk2F6biUWH6i4asdvAxOKZOKJGi+kik3xH55hAr/8WzvHzYv7wMX/A5t9LbInmpcJG5xIor6gKn3xoPM7YVX+ybP8ktLKs6uhwngUgGHA7fU/UP/vrCRewERQ5LCai852CANwsK2f3EhgKWuWhDUz6yy0LceFDUsYN4mRCzZhJf2cXukia9Xxi+w5Ahrf59YPrb3rNh3nL0QvhCJvd00/TYP61cGl0+lQxLw9u113094EWKHrKj3FWkSfXDPpcVhuFA1/Gq9mvj1flyrp4R9l+WM7uWcoeXoJ1eT83T9xi4vnlNEKemQ3+1ZY4R+hU3sjUO6N5mkdxLfqJG/luAknmWyNvHoJA7qreitCyXe80onCzARmfZ8GRGXXzZT67R5z3lhfDsYnu0vlFZqUEUDdMNjCLUTW3v52 p1TfTg0Q sakt4p5hl4v46fAALh6fynBY+ZhdcDyMYym6defoRok+/i+aoQsfo8Urrfi9kESnMSkGHsCtGwTGpSZhn7YxdsgzTp5jJ4RM6XS0/Yc/P3RHJMWtQEgDvq5DAw96ESvhYJNV0E/gTdnYObEQKh+QCqriwYziGFZ94nfB4zpKSrntJxTrlewNEO/09knpQjtywxvdeP4BgX2sNyyT5FAzR1FffhvJzpI0PvwJf+kZMPY/VNxSe7jk8E2cYCP/lvT7H5ZDR4Xa7xKQ2YECLryQIyCT664w5mnG7vQ8OzwwjBMWgCVHfPV+XYyVbAML0dFxA+hL+0Ux//jplLakoTa5fv6DKcpNQvC9Qntp57mRONkUnLUBoIJ07IxJWIw0hSwxQBtaP9f9/4QRVozML7GDIqNxhJNQFzX9pvz24QPhTzDz1KAnX+uL9zL/ivt04zl/bAj2bAVnDVYEt9B15fuF35gkllqkvBpkjHAyoJTmHw/IgOaWh8iYkk2FcvMaZVdb+n6sc9LmZQ+IEy6M= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: 6.9-stable review patch. If anyone has any objections, please let me know. ------------------ From: David Howells [ Upstream commit a81c98bfa40c11f8ea79b5a9b3f5fda73bfbb4d2 ] Fix netfs_page_mkwrite() to check that folio->mapping is valid once it has taken the folio lock (as filemap_page_mkwrite() does). Without this, generic/247 occasionally oopses with something like the following: BUG: kernel NULL pointer dereference, address: 0000000000000000 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page RIP: 0010:trace_event_raw_event_netfs_folio+0x61/0xc0 ... Call Trace: ? __die_body+0x1a/0x60 ? page_fault_oops+0x6e/0xa0 ? exc_page_fault+0xc2/0xe0 ? asm_exc_page_fault+0x22/0x30 ? trace_event_raw_event_netfs_folio+0x61/0xc0 trace_netfs_folio+0x39/0x40 netfs_page_mkwrite+0x14c/0x1d0 do_page_mkwrite+0x50/0x90 do_pte_missing+0x184/0x200 __handle_mm_fault+0x42d/0x500 handle_mm_fault+0x121/0x1f0 do_user_addr_fault+0x23e/0x3c0 exc_page_fault+0xc2/0xe0 asm_exc_page_fault+0x22/0x30 This is due to the invalidate_inode_pages2_range() issued at the end of the DIO write interfering with the mmap'd writes. Fixes: 102a7e2c598c ("netfs: Allow buffered shared-writeable mmap through netfs_page_mkwrite()") Signed-off-by: David Howells Link: https://lore.kernel.org/r/780211.1719318546@warthog.procyon.org.uk Reviewed-by: Jeff Layton cc: Matthew Wilcox cc: Jeff Layton cc: netfs@lists.linux.dev cc: v9fs@lists.linux.dev cc: linux-afs@lists.infradead.org cc: linux-cifs@vger.kernel.org cc: linux-mm@kvack.org cc: linux-fsdevel@vger.kernel.org Signed-off-by: Christian Brauner Signed-off-by: Sasha Levin --- fs/netfs/buffered_write.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/fs/netfs/buffered_write.c b/fs/netfs/buffered_write.c index 912ad0a1df021..72e4fa233c526 100644 --- a/fs/netfs/buffered_write.c +++ b/fs/netfs/buffered_write.c @@ -507,6 +507,7 @@ vm_fault_t netfs_page_mkwrite(struct vm_fault *vmf, struct netfs_group *netfs_gr { struct folio *folio = page_folio(vmf->page); struct file *file = vmf->vma->vm_file; + struct address_space *mapping = file->f_mapping; struct inode *inode = file_inode(file); vm_fault_t ret = VM_FAULT_RETRY; int err; @@ -520,6 +521,11 @@ vm_fault_t netfs_page_mkwrite(struct vm_fault *vmf, struct netfs_group *netfs_gr if (folio_lock_killable(folio) < 0) goto out; + if (folio->mapping != mapping) { + folio_unlock(folio); + ret = VM_FAULT_NOPAGE; + goto out; + } /* Can we see a streaming write here? */ if (WARN_ON(!folio_test_uptodate(folio))) { @@ -529,7 +535,7 @@ vm_fault_t netfs_page_mkwrite(struct vm_fault *vmf, struct netfs_group *netfs_gr if (netfs_folio_group(folio) != netfs_group) { folio_unlock(folio); - err = filemap_fdatawait_range(inode->i_mapping, + err = filemap_fdatawait_range(mapping, folio_pos(folio), folio_pos(folio) + folio_size(folio)); switch (err) { -- 2.43.0