git.baikalelectronics.ru Git - kernel.git/commit

author	Filipe Manana <fdmanana@suse.com>
	Mon, 14 Sep 2020 08:01:04 +0000 (09:01 +0100)
committer	David Sterba <dsterba@suse.com>
	Mon, 14 Sep 2020 15:27:16 +0000 (17:27 +0200)
commit	ee0a1737cdbf4f17c23da3b52d5127eb44ee90cf
tree	da7a2e73d516f9401062f9e82f34dfa351513af1	tree \| snapshot
parent	323edea2b48008dc5f15be4a9d254295c0389681	commit \| diff

btrfs: fix wrong address when faulting in pages in the search ioctl

When faulting in the pages for the user supplied buffer for the search
ioctl, we are passing only the base address of the buffer to the function
fault_in_pages_writeable(). This means that after the first iteration of
the while loop that searches for leaves, when we have a non-zero offset,
stored in 'sk_offset', we try to fault in a wrong page range.

So fix this by adding the offset in 'sk_offset' to the base address of the
user supplied buffer when calling fault_in_pages_writeable().

Several users have reported that the applications compsize and bees have
started to operate incorrectly since commit 24a9a655bdf08d ("btrfs: fix
potential deadlock in the search ioctl") was added to stable trees, and
these applications make heavy use of the search ioctls. This fixes their
issues.

Link: https://lore.kernel.org/linux-btrfs/632b888d-a3c3-b085-cdf5-f9bb61017d92@lechevalier.se/
Link: https://github.com/kilobyte/compsize/issues/34
Fixes: 24a9a655bdf08d ("btrfs: fix potential deadlock in the search ioctl")
CC: stable@vger.kernel.org # 4.4+
Tested-by: A L <mail@lechevalier.se>
Reviewed-by: Josef Bacik <josef@toxicpanda.com>
Signed-off-by: Filipe Manana <fdmanana@suse.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>