Linux kernel stable tree (mirror) https://git.radix-linux.su/kernel/linux.git/atom?h=v6.12.80 2025-07-10T14:05:08+00:00 2025-07-10T14:05:08+00:00 Al Viro viro@zeniv.linux.org.uk 2025-01-24T03:51:04+00:00 urn:sha1:e036efbe5822dd679e475432743c32dbe4bd63a6 [ Upstream commit c1feab95e0b2e9fce7e4f4b2739baf40d84543af ] Quite a few places want to build a struct qstr by given string; it would be convenient to have a primitive doing that, rather than open-coding it via QSTR_INIT(). The closest approximation was in bcachefs, but that expands to initializer list - {.len = strlen(string), .name = string}. It would be more useful to have it as compound literal - (struct qstr){.len = strlen(string), .name = string}. Unlike initializer list it's a valid expression. What's more, it's a valid lvalue - it's an equivalent of anonymous local variable with such initializer, so the things like path->dentry = d_alloc_pseudo(mnt->mnt_sb, &QSTR(name)); are valid. It can also be used as initializer, with identical effect - struct qstr x = (struct qstr){.name = s, .len = strlen(s)}; is equivalent to struct qstr anon_variable = {.name = s, .len = strlen(s)}; struct qstr x = anon_variable; // anon_variable is never used after that point and any even remotely sane compiler will manage to collapse that into struct qstr x = {.name = s, .len = strlen(s)}; What compound literals can't be used for is initialization of global variables, but those are covered by QSTR_INIT(). This commit lifts definition(s) of QSTR() into linux/dcache.h, converts it to compound literal (all bcachefs users are fine with that) and converts assorted open-coded instances to using that. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Stable-dep-of: cbe4134ea4bc ("fs: export anon_inode_make_secure_inode() and fix secretmem LSM bypass") Signed-off-by: Sasha Levin <sashal@kernel.org> 2025-05-09T07:50:49+00:00 Alan Huang mmpgouride@gmail.com 2025-05-01T20:01:31+00:00 urn:sha1:6b6cd389104c2dc34dbdea2b1ba48fea8c39b24e commit 6846100b00d97d3d6f05766ae86a0d821d849e78 upstream. This actually reverts 86e92eeeb237 ("bcachefs: Annotate struct bch_xattr with __counted_by()"). After the x_name, there is a value. According to the disscussion[1], __counted_by assumes that the flexible array member contains exactly the amount of elements that are specified. Now there are users came across a false positive detection of an out of bounds write caused by the __counted_by here[2], so revert that. [1] https://lore.kernel.org/lkml/Zv8VDKWN1GzLRT-_@archlinux/T/#m0ce9541c5070146320efd4f928cc1ff8de69e9b2 [2] https://privatebin.net/?a0d4e97d590d71e1#9bLmp2Kb5NU6X6cZEucchDcu88HzUQwHUah8okKPReEt Signed-off-by: Alan Huang <mmpgouride@gmail.com> Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2025-04-07T08:08:37+00:00 Kent Overstreet kent.overstreet@linux.dev 2025-03-29T23:01:09+00:00 urn:sha1:9e6e83e1e2d01b99e70cd7812d7f758a8def9fc8 [ Upstream commit 707549600c4a012ed71c0204a7992a679880bf33 ] bch2_evict_subvolume_inodes() was getting stuck - due to incorrectly pruning the dcache. Also, fix missing permissions checks. Reported-by: Alexander Viro <viro@zeniv.linux.org.uk> Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> 2024-11-12T08:46:57+00:00 Kent Overstreet kent.overstreet@linux.dev 2024-11-11T21:15:15+00:00 urn:sha1:840c2fbcc5cd33ba8fab180f09da0bb7f354ea71 This runs on extents that haven't yet been validated, so we don't want to assert that we have a valid entry type. Reported-by: syzbot+4f29c3f12f864d8a8d17@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev> 2024-11-12T08:46:57+00:00 Kent Overstreet kent.overstreet@linux.dev 2024-11-11T21:01:38+00:00 urn:sha1:657d4282d8c4ac2349472529c9a6f20c503d1aee If the jset_entry_dev_usage is malformed, and too small, our nr_entries calculation will be incorrect - just bail out. Reported-by: syzbot+05d7520be047c9be86e0@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev> 2024-11-11T05:37:19+00:00 Kent Overstreet kent.overstreet@linux.dev 2024-11-11T04:28:33+00:00 urn:sha1:2642084f26b5a5e9353fa530efb30f49e752185d We can't assume that btrees only contain keys of a given type - even if they only have a single key type listed in the allowed key types for that btree; this is a forwards compatibility issue. Reported-by: syzbot+a27c3aaa3640dd3e1dfb@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev> 2024-11-11T05:37:18+00:00 Kent Overstreet kent.overstreet@linux.dev 2024-11-11T03:01:04+00:00 urn:sha1:0b6ec0c5ac6c9e80a6157cbc5631802c81a674d7 Fixes: baefd3f849ed ("bcachefs: btree_cache.freeable list fixes") Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev> 2024-11-08T19:07:12+00:00 Kent Overstreet kent.overstreet@linux.dev 2024-11-08T05:25:18+00:00 urn:sha1:bcf77a05fb3d6210026483703bcacb22ed961c99 We silence btree errors in btree_node_scan, since it's probing and errors are expected: add a fake pass so that btree_node_scan is no longer recovery pass 0, and we don't think we're in btree node scan when reading btree roots. Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev> 2024-11-08T19:07:11+00:00 Kent Overstreet kent.overstreet@linux.dev 2024-11-08T05:00:19+00:00 urn:sha1:dc537189b5cf09e61839491fc6a465c5659d7dbd When we truncate a bset (due to it extending past the end of the btree node), we can't skip the rest of the validation for e.g. the packed format (if it's the first bset in the node). Reported-by: syzbot+4d722d3c539d77c7bc82@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev> 2024-11-08T05:05:53+00:00 Kent Overstreet kent.overstreet@linux.dev 2024-11-08T03:18:02+00:00 urn:sha1:f8f1dde6868139f2294786365c56d7ff5cc3f4e7 This fixes an assertion pop where we try to navigate to the target of the backpointer, and the path level isn't what we expect. Reported-by: syzbot+b17df21b4d370f2dc330@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev>