From: Steve French stfrench@microsoft.com
stable inclusion from stable-5.10.56 commit bfc8e67c60b911ee5605c1234fcb58239e5c20de bugzilla: 176004 https://gitee.com/openeuler/kernel/issues/I4DYZ4
Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=...
--------------------------------
commit f2a26a3cff27dfa456fef386fe5df56dcb4b47b6 upstream.
readpage was calculating the offset of the page incorrectly for the case of large swapcaches.
loff_t offset = (loff_t)page->index << PAGE_SHIFT;
As pointed out by Matthew Wilcox, this needs to use page_file_offset() to calculate the offset instead. Pages coming from the swap cache have page->index set to their index within the swapcache, not within the backing file. For a sufficiently large swapcache, we could have overlapping values of page->index within the same backing file.
Suggested by: Matthew Wilcox (Oracle) willy@infradead.org Cc: stable@vger.kernel.org # v5.7+ Reviewed-by: Ronnie Sahlberg lsahlber@redhat.com Signed-off-by: Steve French stfrench@microsoft.com Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org
Signed-off-by: Chen Jun chenjun102@huawei.com Acked-by: Weilong Chen chenweilong@huawei.com Signed-off-by: Chen Jun chenjun102@huawei.com --- fs/cifs/file.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifs/file.c b/fs/cifs/file.c index da057570bb93..f46904a4ead3 100644 --- a/fs/cifs/file.c +++ b/fs/cifs/file.c @@ -4550,7 +4550,7 @@ static int cifs_readpage_worker(struct file *file, struct page *page,
static int cifs_readpage(struct file *file, struct page *page) { - loff_t offset = (loff_t)page->index << PAGE_SHIFT; + loff_t offset = page_file_offset(page); int rc = -EACCES; unsigned int xid;