[PATCH openEuler-1.0-LTS 2/3] nilfs2: return the mapped address from nilfs_get_page()

6 Aug 2024

From: "Matthew Wilcox (Oracle)" willy@infradead.org
stable inclusion
from stable-v4.19.319
commit 7ed62ec616a3441aa3859150d50fadf5fd117aa8
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAGEKP
CVE: CVE-2024-41034
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=...
--------------------------------
[ Upstream commit 09a46acb3697e50548bb265afa1d79163659dd85 ]
In prepartion for switching from kmap() to kmap_local(), return the kmap
address from nilfs_get_page() instead of having the caller look up
page_address().
[konishi.ryusuke: fixed a missing blank line after declaration]
Link: https://lkml.kernel.org/r/20231127143036.2425-7-konishi.ryusuke@gmail.com
Signed-off-by: Matthew Wilcox (Oracle) willy@infradead.org
Signed-off-by: Ryusuke Konishi konishi.ryusuke@gmail.com
Signed-off-by: Andrew Morton akpm@linux-foundation.org
Stable-dep-of: 7373a51e7998 ("nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors")
Signed-off-by: Sasha Levin sashal@kernel.org
Signed-off-by: Zhihao Cheng chengzhihao@huaweicloud.com
---
 fs/nilfs2/dir.c | 57 +++++++++++++++++++++++--------------------------
 1 file changed, 27 insertions(+), 30 deletions(-)

diff --git a/fs/nilfs2/dir.c b/fs/nilfs2/dir.c
index f7d32681be4a..aaadc4ae6399 100644
--- a/fs/nilfs2/dir.c
+++ b/fs/nilfs2/dir.c
@@ -192,19 +192,24 @@ static bool nilfs_check_page(struct page *page)
    return false;
 }
-static struct page *nilfs_get_page(struct inode *dir, unsigned long n)
+static void *nilfs_get_page(struct inode *dir, unsigned long n,
+		struct page **pagep)
 {
    struct address_space *mapping = dir->i_mapping;
    struct page *page = read_mapping_page(mapping, n, NULL);
+	void *kaddr;
-	if (!IS_ERR(page)) {
-		kmap(page);
-		if (unlikely(!PageChecked(page))) {
-			if (!nilfs_check_page(page))
-				goto fail;
-		}
+	if (IS_ERR(page))
+		return page;
+
+	kaddr = kmap(page);
+	if (unlikely(!PageChecked(page))) {
+		if (!nilfs_check_page(page))
+			goto fail;
    }
-	return page;
+
+	*pagep = page;
+	return kaddr;
fail:
    nilfs_put_page(page);
@@ -281,14 +286,14 @@ static int nilfs_readdir(struct file *file, struct dir_context *ctx)
    for ( ; n < npages; n++, offset = 0) {
    	char *kaddr, *limit;
    	struct nilfs_dir_entry *de;
-		struct page *page = nilfs_get_page(inode, n);
+		struct page *page;
-		if (IS_ERR(page)) {
+		kaddr = nilfs_get_page(inode, n, &page);
+		if (IS_ERR(kaddr)) {
    		nilfs_error(sb, "bad page in #%lu", inode->i_ino);
    		ctx->pos += PAGE_SIZE - offset;
    		return -EIO;
    	}
-		kaddr = page_address(page);
    	de = (struct nilfs_dir_entry *)(kaddr + offset);
    	limit = kaddr + nilfs_last_byte(inode, n) -
    		NILFS_DIR_REC_LEN(1);
@@ -351,11 +356,9 @@ nilfs_find_entry(struct inode *dir, const struct qstr *qstr,
    	start = 0;
    n = start;
    do {
-		char *kaddr;
+		char *kaddr = nilfs_get_page(dir, n, &page);
-		page = nilfs_get_page(dir, n);
-		if (!IS_ERR(page)) {
-			kaddr = page_address(page);
+		if (!IS_ERR(kaddr)) {
    		de = (struct nilfs_dir_entry *)kaddr;
    		kaddr += nilfs_last_byte(dir, n) - reclen;
    		while ((char *) de <= kaddr) {
@@ -393,15 +396,11 @@ nilfs_find_entry(struct inode *dir, const struct qstr *qstr,
struct nilfs_dir_entry *nilfs_dotdot(struct inode *dir, struct page **p)
 {
-	struct page *page = nilfs_get_page(dir, 0);
-	struct nilfs_dir_entry *de = NULL;
+	struct nilfs_dir_entry *de = nilfs_get_page(dir, 0, p);
-	if (!IS_ERR(page)) {
-		de = nilfs_next_entry(
-			(struct nilfs_dir_entry *)page_address(page));
-		*p = page;
-	}
-	return de;
+	if (IS_ERR(de))
+		return NULL;
+	return nilfs_next_entry(de);
 }
ino_t nilfs_inode_by_name(struct inode *dir, const struct qstr *qstr)
@@ -465,12 +464,11 @@ int nilfs_add_link(struct dentry *dentry, struct inode *inode)
    for (n = 0; n <= npages; n++) {
    	char *dir_end;
-		page = nilfs_get_page(dir, n);
-		err = PTR_ERR(page);
-		if (IS_ERR(page))
+		kaddr = nilfs_get_page(dir, n, &page);
+		err = PTR_ERR(kaddr);
+		if (IS_ERR(kaddr))
    		goto out;
    	lock_page(page);
-		kaddr = page_address(page);
    	dir_end = kaddr + nilfs_last_byte(dir, n);
    	de = (struct nilfs_dir_entry *)kaddr;
    	kaddr += PAGE_SIZE - reclen;
@@ -633,11 +631,10 @@ int nilfs_empty_dir(struct inode *inode)
    	char *kaddr;
    	struct nilfs_dir_entry *de;
-		page = nilfs_get_page(inode, i);
-		if (IS_ERR(page))
+		kaddr = nilfs_get_page(inode, i, &page);
+		if (IS_ERR(kaddr))
    		continue;
-		kaddr = page_address(page);
    	de = (struct nilfs_dir_entry *)kaddr;
    	kaddr += nilfs_last_byte(inode, i) - NILFS_DIR_REC_LEN(1);
-- 
2.31.1


    

2024

2023

2022

2021

2020

2019

[PATCH openEuler-1.0-LTS 2/3] nilfs2: return the mapped address from nilfs_get_page()