On Tue, Jul 09, 2024 at 02:33:18PM +0900, Ryusuke Konishi wrote:
> commit 93aef9eda1cea9e84ab2453fcceb8addad0e46f1 upstream.
>
> If the bitmap block that manages the inode allocation status is corrupted,
> nilfs_ifile_create_inode() may allocate a new inode from the reserved
> inode area where it should not be allocated.
>
> Previous fix commit d325dc6eb763 ("nilfs2: fix use-after-free bug of
> struct nilfs_root"), fixed the problem that reserved inodes with inode
> numbers less than NILFS_USER_INO (=11) were incorrectly reallocated due to
> bitmap corruption, but since the start number of non-reserved inodes is
> read from the super block and may change, in which case inode allocation
> may occur from the extended reserved inode area.
>
> If that happens, access to that inode will cause an IO error, causing the
> file system to degrade to an error state.
>
> Fix this potential issue by adding a wraparound option to the common
> metadata object allocation routine and by modifying
> nilfs_ifile_create_inode() to disable the option so that it only allocates
> inodes with inode numbers greater than or equal to the inode number read
> in "nilfs->ns_first_ino", regardless of the bitmap status of reserved
> inodes.
>
> Link: https://lkml.kernel.org/r/20240623051135.4180-4-konishi.ryusuke@xxxxxxxxx
> Signed-off-by: Ryusuke Konishi <konishi.ryusuke@xxxxxxxxx>
> Cc: Hillf Danton <hdanton@xxxxxxxx>
> Cc: Jan Kara <jack@xxxxxxx>
> Cc: Matthew Wilcox (Oracle) <willy@xxxxxxxxxxxxx>
> Cc: <stable@xxxxxxxxxxxxxxx>
> Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
> ---
> Please apply this patch to the stable trees indicated by the subject
> prefix instead of the patch that failed.
>
> This patch is tailored to avoid conflicts with a series involving
> extensive conversions and can be applied from v4.8 to v6.8.
>
> Also, all the builds and tests I did on each stable tree passed.

Now queued up, thanks.

greg k-h
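
The allocation behaviour described in the quoted commit message, as a simplified user-space model added here for illustration; it is not the nilfs2 code or the patch itself. The names model_alloc, alloc_once, corrupted_bitmap, NR_INODES and FIRST_INO, and the bitmap contents, are constructed assumptions.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define NR_INODES 64u /* constructed: entries in the toy inode bitmap */
#define FIRST_INO 16u /* constructed stand-in for nilfs->ns_first_ino */

/*
 * Hypothetical model allocator: bit i set means inode i is in use.
 * Searches from `start`; with wrap=true it continues from inode 0 after
 * reaching the end, with wrap=false it never looks below `start`.
 * Returns the allocated inode number, -ENOSPC if none is free, or -EINVAL.
 */
static long model_alloc(uint64_t *bitmap, unsigned start, bool wrap)
{
    if (start >= NR_INODES)
        return -EINVAL;
    unsigned span = wrap ? NR_INODES : NR_INODES - start;
    for (unsigned k = 0; k < span; k++) {
        unsigned ino = (start + k) % NR_INODES;
        if (!((*bitmap >> ino) & 1u)) {
            *bitmap |= (uint64_t)1 << ino;
            return (long)ino;
        }
    }
    return -ENOSPC;
}

/* Constructed corruption: all user inodes in use, reserved bits cleared. */
static uint64_t corrupted_bitmap(void)
{
    return ~(uint64_t)0 << FIRST_INO;
}

/* Run one allocation against a private copy of the given bitmap. */
static long alloc_once(uint64_t bitmap, bool wrap)
{
    return model_alloc(&bitmap, FIRST_INO, wrap);
}

int main(void)
{
    printf("wrap=1 corrupted: %ld\n", alloc_once(corrupted_bitmap(), true));
    printf("wrap=0 corrupted: %ld\n", alloc_once(corrupted_bitmap(), false));
    return 0;
}
```

With wraparound enabled the model hands out reserved inode 0 from the corrupted bitmap; with it disabled the same bitmap yields -ENOSPC, so a cleared reserved bit can no longer turn into an allocation.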