github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-05-12 16:18:45 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
v7.0-rc7
linux/fs/udf
History
Jan Kara 102e57d56f udf: Fix race between file type conversion and writeback 
udf_setsize() can race with udf_writepages() as follows:

udf_setsize()			udf_writepages()
				  if (iinfo->i_alloc_type ==
						ICBTAG_FLAG_AD_IN_ICB)
  err = udf_expand_file_adinicb(inode);
  err = udf_extend_file(inode, newsize);
				    udf_adinicb_writepages()
				      memcpy_from_file_folio() - crash
					because inode size is too big.

Fix the problem by checking the file type under folio lock in
udf_handle_page_wb() handler called from __mpage_writepages() which
properly serializes with udf_expand_file_adinicb().

Reported-by: Jianzhou Zhao <luckd0g@163.com>
Link: https://lore.kernel.org/all/f622c01.67ac.19cdbdd777d.Coremail.luckd0g@163.com
Reviewed-by: Christoph Hellwig <hch@lst.de>
Link: https://patch.msgid.link/20260326140635.15895-4-jack@suse.cz
Signed-off-by: Jan Kara <jack@suse.cz>
2026-03-27 17:01:40 +01:00
..
balloc.c udf: refactor udf_next_aext() to handle error 2024-10-02 14:10:50 +02:00
dir.c udf: add setlease file operation 2026-01-12 10:55:47 +01:00
directory.c udf: refactor inode_bmap() to handle error 2024-10-02 14:32:29 +02:00
ecma_167.h udf: Avoid unneeded variable length array in struct fileIdentDesc 2023-10-03 11:27:52 +02:00
file.c udf: add setlease file operation 2026-01-12 10:55:47 +01:00
ialloc.c udf: convert to new timestamp accessors 2023-10-18 14:08:28 +02:00
inode.c udf: Fix race between file type conversion and writeback 2026-03-27 17:01:40 +01:00
Kconfig fs: add CONFIG_BUFFER_HEAD 2023-08-02 09:13:09 -06:00
lowlevel.c fs: udf: Replace GPL 2.0 boilerplate license notice with SPDX identifier 2023-05-30 15:39:13 +02:00
Makefile
misc.c fs: udf: Replace GPL 2.0 boilerplate license notice with SPDX identifier 2023-05-30 15:39:13 +02:00
namei.c Change inode_operations.mkdir to return struct dentry * 2025-02-27 20:00:17 +01:00
osta_udf.h udf: Get rid of 0-length arrays 2021-08-11 16:54:44 +02:00
partition.c udf: refactor inode_bmap() to handle error 2024-10-02 14:32:29 +02:00
super.c Convert remaining multi-line kmalloc_obj/flex GFP_KERNEL uses 2026-02-22 08:26:33 -08:00
symlink.c udf: Convert udf_symlink_getattr() to use a folio 2024-04-23 15:37:02 +02:00
truncate.c udf: Make sure i_lenExtents is uptodate on inode eviction 2025-05-07 12:04:07 +02:00
udf_i.h udf: Preserve link count of system files 2023-01-09 10:39:53 +01:00
udf_sb.h uapi: promote EFSCORRUPTED and EUCLEAN to errno.h 2026-01-13 09:58:01 +01:00
udfdecl.h udf: refactor inode_bmap() to handle error 2024-10-02 14:32:29 +02:00
udfend.h
udftime.c udf: udftime: prevent overflow in udf_disk_stamp_to_time() 2024-04-10 13:10:12 +02:00
unicode.c kernel.h: drop hex.h and update all hex.h users 2026-01-20 19:44:19 -08:00