| From: Marco Nelissen <marco.nelissen@gmail.com> |
| Subject: filemap: avoid truncating 64-bit offset to 32 bits |
| Date: Thu, 2 Jan 2025 11:04:11 -0800 |
| |
| On 32-bit kernels, folio_seek_hole_data() was inadvertently truncating a |
| 64-bit value to 32 bits, leading to a possible infinite loop when writing |
| to an xfs filesystem. |
| |
| Link: https://lkml.kernel.org/r/20250102190540.1356838-1-marco.nelissen@gmail.com |
| Fixes: 54fa39ac2e00 ("iomap: use mapping_seek_hole_data") |
| Signed-off-by: Marco Nelissen <marco.nelissen@gmail.com> |
| Cc: Matthew Wilcox (Oracle) <willy@infradead.org> |
| Cc: <stable@vger.kernel.org> |
| Signed-off-by: Andrew Morton <akpm@linux-foundation.org> |
| --- |
| |
| mm/filemap.c | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| --- a/mm/filemap.c~filemap-avoid-truncating-64-bit-offset-to-32-bits |
| +++ a/mm/filemap.c |
| @@ -2996,7 +2996,7 @@ static inline loff_t folio_seek_hole_dat |
| if (ops->is_partially_uptodate(folio, offset, bsz) == |
| seek_data) |
| break; |
| - start = (start + bsz) & ~(bsz - 1); |
| + start = (start + bsz) & ~((u64)bsz - 1); |
| offset += bsz; |
| } while (offset < folio_size(folio)); |
| unlock: |
| _ |
