From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id E996EC02193 for ; Thu, 30 Jan 2025 09:00:05 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 18799280279; Thu, 30 Jan 2025 04:00:04 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 0C3532800CF; Thu, 30 Jan 2025 04:00:03 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id D1E72280279; Thu, 30 Jan 2025 04:00:03 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id ACE6D2800CF for ; Thu, 30 Jan 2025 04:00:03 -0500 (EST) Received: from smtpin14.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay03.hostedemail.com (Postfix) with ESMTP id 2DA0EA0B9B for ; Thu, 30 Jan 2025 09:00:03 +0000 (UTC) X-FDA: 83063521086.14.BFE3E16 Received: from nyc.source.kernel.org (nyc.source.kernel.org [147.75.193.91]) by imf11.hostedemail.com (Postfix) with ESMTP id 8803840006 for ; Thu, 30 Jan 2025 09:00:01 +0000 (UTC) Authentication-Results: imf11.hostedemail.com; dkim=pass header.d=linuxfoundation.org header.s=korg header.b=WEaBFcz2; spf=pass (imf11.hostedemail.com: domain of gregkh@linuxfoundation.org designates 147.75.193.91 as permitted sender) smtp.mailfrom=gregkh@linuxfoundation.org; dmarc=pass (policy=none) header.from=linuxfoundation.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1738227601; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:dkim-signature; bh=sbWVbKqqhIiUzV8Oza0SDFJWfYeS8gVo+/oFkqNi43w=; b=BBXjc7g053UQcJJMo21Vo6pfc/DJhbsWE9vE09F2DulGq4F6G9m9UudWuZ9kxSLeknxzNJ cgWEZNVF/5h2rzyAwilq38mgGLkYKPLThMBu1ZnRmL4BYhH40P4CfrnZEog+Qnsx4sUhkh xztNX24kq1HCcSB/pRvdALwIUhL316I= ARC-Authentication-Results: i=1; imf11.hostedemail.com; dkim=pass header.d=linuxfoundation.org header.s=korg header.b=WEaBFcz2; spf=pass (imf11.hostedemail.com: domain of gregkh@linuxfoundation.org designates 147.75.193.91 as permitted sender) smtp.mailfrom=gregkh@linuxfoundation.org; dmarc=pass (policy=none) header.from=linuxfoundation.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1738227601; a=rsa-sha256; cv=none; b=Qp8+8LC6PF6sgHR4J4IPrAYhqWvB5eZpzfxDBNZb+U1CmcF6ASmK8I1W+7xHj9k9g0nkxe MGV5foXqlLYsMtr5zC6FHegbjP8jtBbM/HWfc13CY711gBIuYvBQcHcUfAme6WD7R/XHQE kKmzo4FNvSZjmdNDd3xri54CE3e9qbc= Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by nyc.source.kernel.org (Postfix) with ESMTP id 2CB6CA41C16; Thu, 30 Jan 2025 08:58:14 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 3502BC4CED2; Thu, 30 Jan 2025 09:00:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1738227600; bh=3jKeo5dieqZNX37Am8knZGy7fyJCjNRxekLpDBbCAOU=; h=Subject:To:Cc:From:Date:In-Reply-To:From; b=WEaBFcz2ScboX2eNkFrF8YbqePeYvtdusA6VluUt2u9AGrzCcJDmoomVpYWdlEnwY nijRFxlTrf5gTblkXNl9rQE+wwLzjsdLHfffjN8k8VeZmzwuVFW8EvEkO8Wt++GISR 5J1hNfF1yMS6hIWXp9UhQsaYcjqj3Owkk66yrfmw= Subject: Patch "libfs: Replace simple_offset end-of-directory detection" has been added to the 6.6-stable tree To: akpm@linux-foundation.org,brauner@kernel.org,cel@kernel.org,chuck.lever@oracle.com,gregkh@linuxfoundation.org,hughd@google.com,linux-mm@kvack.org,sashal@kernel.org,viro@zeniv.linux.org.uk,yangerkun@huawei.com,yukuai3@huawei.com Cc: From: Date: Thu, 30 Jan 2025 09:59:31 +0100 In-Reply-To: <20250124191946.22308-10-cel@kernel.org> Message-ID: <2025013031-struck-ablaze-42c6@gregkh> MIME-Version: 1.0 Content-Type: text/plain; charset=ANSI_X3.4-1968 Content-Transfer-Encoding: 8bit X-stable: commit X-Patchwork-Hint: ignore X-Rspam-User: X-Rspamd-Server: rspam09 X-Rspamd-Queue-Id: 8803840006 X-Stat-Signature: i6egt33tfwkacjuigc46akd1oukat7nd X-HE-Tag: 1738227601-909111 X-HE-Meta: U2FsdGVkX1/niZ6TQCEeBbX+Fiy6IX97OopNq3641kod6lWEgBIV4kiqe/v744B02b6E3IyO/dQP2CeG3RpeFs3le+/U4A/mGKXAGZTXXU/qnnWgq9XAuQNBNZ1BGNN3fSHfRWFkcRIdQIM66tt+yi5p/mQ4mGWa1hxhuVsZDmwf3iHJkkZ/ePt6lsWzBPGTwNYe9eafyy8GhVcycx5EWWXhGEfhxTB37zk63Asc9eNb0cpuCVsEnlgTMCZMwIx7+XyTGIa7YGnQQtPAxMatsPF7Dr3tzdl0aCo8m6QtJw5Pg3A2OjUdhW2T0FKWZNvFCLfS8ZDX1rK97PqAm9BLCYNCioNjfq5VLC337yvPcDo+X5qDSEcn2U5qGgRUkgZUU4LDKcGvWcTFJrGwf2/TrXkC+SGI+C+M9APi0MuFb6KZiUIQd3VZt60trIf+fSDWD3TDutclbEcukso+lH1ynpQR/lcJlgKkd+D0XQVB9NKkV2V3TQm0C5fCFhlSHn0XmMyhhMSL0600nBxzd0qd5wnStzcBJ+IIXJ5yMu/HqnZzHJSn2ZMr3oGJ9zaStkgxvqfLBEPwvPdaZIWZi8YaZracZmx7mVdoZOQkAeWVdy5o21rxK6DRlqVLF9LPXd8ndoe5VoxfrJ9PVA6sppHPKBiLaWywnSxQLZ2I9EFHmpXy/pHzhFamG9FpbEkAc5hErLnwdSpfU14GOGc5+iUEWIEVBzfREJdV/dKIS76V16ouYm0aXy10Rxncis1DRvwIOe9CUSnq8NY+kVMWhtQoSYD0lfNsp3Pkaq9/T7L1AdcnfQFMXm7lmjsBHE+JkKcIrQd79QgNgJADfJ8xR6yMkVg++tGnWI6W/gRnuXCkwffSHWUxJLweZS+z2EDDA3HZq3ROh2th0pXuiUIp5RPZNy9mzpNKCG14dZr+a+JDQ7klk0t2Sp/Lw8Ds/Ar4EUoSDwiWeL4GSB6uUJ15Hil OVCUg08c MxSdSSTOPymBpOOsKEME0+o91zW+tn6G0eypLdS78VFGGdLRd6eBEsVVhFGmPMbBFo4OHyHyMCxPzwrempW9/AYYN4kHx2/sGWuR5TC14hmEBzUIVqRnFcai/VoN5aisqFxzx3hdQwCee1lkE+qgNbnQRdBmYu5XLg6C7l/FFm2+0Lfrc92TfVVvtkiNg5KV+4OnRR9diTaof8IwEHk/RxCEKOUGtc5ABHzGO3Zuio6WwbS/MO+js6dmERlZZHqByBttGS2EYwDJgSygslbQYC3+wRfZrsZcPs1Wk12TqKpWdYFBaI7eGoqUBkfyuZMd6l87LvRuKJiecFEY5e65QIRlfodETeMQn2SnAhE7oK/yNksiCW2q7DDpD60GUus8u+GGcDAsyDcGcTw+8GExsbmDeFtZa2THsJp0q2a/PyeYvl7gCDp8Gr+2WBkQMWDmX2IquHRU1HyMHWPdtEI824MDlEusK7dfNpgEZwXdwwgbn4yF0HcoZ9E/B66EETCsRY9wccETCrHPSiHUHKlvN0rfjAVTX1bZ8sJEBtNxo6sZlJVdzZ88OUHmDRxgDebXgIFBeNSayoJ0KDasw/nUOGef/83OP5SGd/tnHbkt3CdD2NnMTVVsTxNimNYwbbCz0yWC2EkITib9ow9h6xB0Sui8nDB5EMUpy1HckIGB5V9UGJzR5kPsXwSLO7okC7FMI7Zrb X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: This is a note to let you know that I've just added the patch titled libfs: Replace simple_offset end-of-directory detection to the 6.6-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: libfs-replace-simple_offset-end-of-directory-detection.patch and it can be found in the queue-6.6 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let know about it. >From stable+bounces-110409-greg=kroah.com@vger.kernel.org Fri Jan 24 20:22:03 2025 From: cel@kernel.org Date: Fri, 24 Jan 2025 14:19:44 -0500 Subject: libfs: Replace simple_offset end-of-directory detection To: Hugh Dickins , Andrew Morten , Christian Brauner , Al Viro , Greg Kroah-Hartman , Sasha Levin Cc: , , , yukuai3@huawei.com, yangerkun@huawei.com, Chuck Lever Message-ID: <20250124191946.22308-10-cel@kernel.org> From: Chuck Lever [ Upstream commit 68a3a65003145644efcbb651e91db249ccd96281 ] According to getdents(3), the d_off field in each returned directory entry points to the next entry in the directory. The d_off field in the last returned entry in the readdir buffer must contain a valid offset value, but if it points to an actual directory entry, then readdir/getdents can loop. This patch introduces a specific fixed offset value that is placed in the d_off field of the last entry in a directory. Some user space applications assume that the EOD offset value is larger than the offsets of real directory entries, so the largest valid offset value is reserved for this purpose. This new value is never allocated by simple_offset_add(). When ->iterate_dir() returns, getdents{64} inserts the ctx->pos value into the d_off field of the last valid entry in the readdir buffer. When it hits EOD, offset_readdir() sets ctx->pos to the EOD offset value so the last entry is updated to point to the EOD marker. When trying to read the entry at the EOD offset, offset_readdir() terminates immediately. It is worth noting that using a Maple tree for directory offset value allocation does not guarantee a 63-bit range of values -- on platforms where "long" is a 32-bit type, the directory offset value range is still 0..(2^31 - 1). For broad compatibility with 32-bit user space, the largest tmpfs directory cookie value is now S32_MAX. Fixes: 796432efab1e ("libfs: getdents() should return 0 after reaching EOD") Signed-off-by: Chuck Lever Link: https://lore.kernel.org/r/20241228175522.1854234-5-cel@kernel.org Signed-off-by: Christian Brauner [ cel: adjusted to apply to origin/linux-6.6.y ] Signed-off-by: Chuck Lever Signed-off-by: Greg Kroah-Hartman --- fs/libfs.c | 37 +++++++++++++++++++++---------------- 1 file changed, 21 insertions(+), 16 deletions(-) --- a/fs/libfs.c +++ b/fs/libfs.c @@ -239,9 +239,15 @@ const struct inode_operations simple_dir }; EXPORT_SYMBOL(simple_dir_inode_operations); -/* 0 is '.', 1 is '..', so always start with offset 2 or more */ +/* simple_offset_add() never assigns these to a dentry */ enum { - DIR_OFFSET_MIN = 2, + DIR_OFFSET_EOD = S32_MAX, +}; + +/* simple_offset_add() allocation range */ +enum { + DIR_OFFSET_MIN = 2, + DIR_OFFSET_MAX = DIR_OFFSET_EOD - 1, }; static void offset_set(struct dentry *dentry, u32 offset) @@ -278,7 +284,8 @@ void simple_offset_init(struct offset_ct */ int simple_offset_add(struct offset_ctx *octx, struct dentry *dentry) { - static const struct xa_limit limit = XA_LIMIT(DIR_OFFSET_MIN, U32_MAX); + static const struct xa_limit limit = XA_LIMIT(DIR_OFFSET_MIN, + DIR_OFFSET_MAX); u32 offset; int ret; @@ -442,8 +449,6 @@ static loff_t offset_dir_llseek(struct f return -EINVAL; } - /* In this case, ->private_data is protected by f_pos_lock */ - file->private_data = NULL; return vfs_setpos(file, offset, U32_MAX); } @@ -453,7 +458,7 @@ static struct dentry *offset_find_next(s XA_STATE(xas, &octx->xa, offset); rcu_read_lock(); - child = xas_next_entry(&xas, U32_MAX); + child = xas_next_entry(&xas, DIR_OFFSET_MAX); if (!child) goto out; spin_lock(&child->d_lock); @@ -474,7 +479,7 @@ static bool offset_dir_emit(struct dir_c inode->i_ino, fs_umode_to_dtype(inode->i_mode)); } -static void *offset_iterate_dir(struct inode *inode, struct dir_context *ctx) +static void offset_iterate_dir(struct inode *inode, struct dir_context *ctx) { struct offset_ctx *octx = inode->i_op->get_offset_ctx(inode); struct dentry *dentry; @@ -482,7 +487,7 @@ static void *offset_iterate_dir(struct i while (true) { dentry = offset_find_next(octx, ctx->pos); if (!dentry) - return ERR_PTR(-ENOENT); + goto out_eod; if (!offset_dir_emit(ctx, dentry)) { dput(dentry); @@ -492,7 +497,10 @@ static void *offset_iterate_dir(struct i ctx->pos = dentry2offset(dentry) + 1; dput(dentry); } - return NULL; + return; + +out_eod: + ctx->pos = DIR_OFFSET_EOD; } /** @@ -512,6 +520,8 @@ static void *offset_iterate_dir(struct i * * On return, @ctx->pos contains an offset that will read the next entry * in this directory when offset_readdir() is called again with @ctx. + * Caller places this value in the d_off field of the last entry in the + * user's buffer. * * Return values: * %0 - Complete @@ -524,13 +534,8 @@ static int offset_readdir(struct file *f if (!dir_emit_dots(file, ctx)) return 0; - - /* In this case, ->private_data is protected by f_pos_lock */ - if (ctx->pos == DIR_OFFSET_MIN) - file->private_data = NULL; - else if (file->private_data == ERR_PTR(-ENOENT)) - return 0; - file->private_data = offset_iterate_dir(d_inode(dir), ctx); + if (ctx->pos != DIR_OFFSET_EOD) + offset_iterate_dir(d_inode(dir), ctx); return 0; } Patches currently in stable-queue which might be from cel@kernel.org are queue-6.6/libfs-replace-simple_offset-end-of-directory-detection.patch queue-6.6/libfs-re-arrange-locking-in-offset_iterate_dir.patch queue-6.6/libfs-add-simple_offset_empty.patch queue-6.6/shmem-fix-shmem_rename2.patch queue-6.6/revert-libfs-add-simple_offset_empty.patch queue-6.6/libfs-use-d_children-list-to-iterate-simple_offset-directories.patch queue-6.6/libfs-define-a-minimum-directory-offset.patch queue-6.6/libfs-return-enospc-when-the-directory-offset-range-is-exhausted.patch queue-6.6/libfs-fix-simple_offset_rename_exchange.patch queue-6.6/libfs-add-simple_offset_rename-api.patch