From: David Howells <dhowells@redhat.com>
To: Christian Brauner <christian@brauner.io>
Cc: David Howells <dhowells@redhat.com>,
Paulo Alcantara <pc@manguebit.org>,
netfs@lists.linux.dev, linux-afs@lists.infradead.org,
linux-cifs@vger.kernel.org, ceph-devel@vger.kernel.org,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH v3 00/19] netfs: Miscellaneous fixes
Date: Sat, 25 Apr 2026 13:54:04 +0100 [thread overview]
Message-ID: <20260425125426.3855807-1-dhowells@redhat.com> (raw)
Hi Christian,
Here are the outstanding miscellaneous fixes for netfslib gathered together
and with some fixes-to-fixes folded down and one rearrangement. Various
Sashiko review comments[1][2] are addressed:
(1) Fix triggering of a VM_BUG_ON_FOLIO() in netfs_write_begin().
(2) Fix error handling in netfs_extract_user_iter().
(3) Fix netfs_invalidate_folio() to clear the folio dirty bit if all dirty
data removed.
(4) Defer the emission of trace_netfs_folio() in netfs_perform_write().
This allows the next patch to emit the correct traces.
(5) Fix the handling of a partially failed copy (ie. EFAULT) into a
streaming write folio. Also remove the netfs_folio if a streaming
write folio is entirely overwritten.
(6) Fix netfs_read_gaps() to remove the netfs_folio from a filled folio.
(7) Fix the calculation of zero_point in netfs_release_folio() to limit it
to ->remote_i_size, not ->i_size.
(8) Fix netfs_perform_write() to not disable streaming writes when writing
to an fd that's open O_RDWR.
(9) Fix an early put of the sink page used in netfs_read_gaps(), before
the request has completed.
(10) Fix request leak in netfs_write_begin() error handling.
(11) Fix a potential UAF in netfs_unlock_abandoned_read_pages() due to
trying to check index of each folio we're abandoning to see if that
folio is actually owned by the caller (in which case, we're not
actually allowed to dereference it).
(12) Fix a potentially uninitialised error value in
netfs_extract_user_iter().
(13) Fix incorrect adjustment of dirty region when partially invalidating a
streaming write folio.
(14) Fix the handling of folio->private in netfs_perform_write() and the
attached netfs_folio and/or group when a streaming write folio is
modified.
(15) Fix the potential for 64-bit tearing on a 32-bit machine when reading
netfs_inode->remote_i_size and ->zero_point by using much the same
mechanism as is used for ->i_size.
(16) Fix netfs_read_folio() to wait on writeback first (it holds the folio
lock) otherwise we aren't allowed to look at the netfs_folio struct as
that could be modified at any time by the writeback collector.
(17) Fix read and write result collection to use barriering correctly to
access a request's subrequest lists without taking a lock.
This adds list_add_tail_release() and list_first_entry_acquire() to
appropriate incorporate barriering into some list functions.
(18) Fix afs_get_link() to take the vnode->validate_lock around
afs_read_single() to prevent a race with another caller of
afs_get_link() also trying to read the symlink content.
(19) Fix the RCU handling of symlinks in RCU pathwalk. The problems were
that afs_get_link() didn't use proper RCU pointer dereferencing and
that AFS symlinks can be updated remotely, potentially causing the
buffer memory to be changed.
These are applied on top of your vfs.fixes branch.
The patches can also be found here:
https://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git/log/?h=netfs-fixes
Thanks,
David
[1] https://sashiko.dev/#/patchset/20260414082004.3756080-1-dhowells%40redhat.com
[2] https://sashiko.dev/#/patchset/20260326104544.509518-1-dhowells%40redhat.com
Changes
=======
ver #3)
- Rebase on linus/master.
- Consolidate the various sets of fixes for reposting.
- Fold down fixes-to-fixes.
- Move the tracing change in netfs_perform_write() down to below the patch
it primarily affects.
base-commit: 27d128c1cff64c3b8012cc56dd5a1391bb4f1821
David Howells (17):
netfs: Fix netfs_invalidate_folio() to clear dirty bit if all changes
gone
netfs: Defer the emission of trace_netfs_folio()
netfs: Fix streaming write being overwritten
netfs: Fix read-gaps to remove netfs_folio from filled folio
netfs: Fix zeropoint update where i_size > remote_i_size
netfs: Fix write streaming disablement if fd open O_RDWR
netfs: Fix early put of sink folio in netfs_read_gaps()
netfs: Fix leak of request in netfs_write_begin() error handling
netfs: Fix potential UAF in netfs_unlock_abandoned_read_pages()
netfs: Fix potential uninitialised var in netfs_extract_user_iter()
netfs: Fix partial invalidation of streaming-write folio
netfs: Fix folio->private handling in netfs_perform_write()
netfs: Fix potential for tearing in ->remote_i_size and ->zero_point
netfs: Fix netfs_read_folio() to wait on writeback
netfs: Fix missing barriers when accessing stream->subrequests
locklessly
afs: Fix afs_get_link() to take validate_lock around afs_read_single()
afs: Fix RCU handling of symlinks in RCU pathwalk
Paulo Alcantara (1):
netfs: fix error handling in netfs_extract_user_iter()
Viacheslav Dubeyko (1):
netfs: fix VM_BUG_ON_FOLIO() issue in netfs_write_begin() call
fs/9p/vfs_inode.c | 2 +-
fs/9p/vfs_inode_dotl.c | 4 +-
fs/afs/Makefile | 1 +
fs/afs/dir.c | 33 +++-
fs/afs/fsclient.c | 4 +-
fs/afs/inode.c | 104 +-----------
fs/afs/internal.h | 35 +++-
fs/afs/symlink.c | 242 ++++++++++++++++++++++++++++
fs/afs/write.c | 2 +-
fs/afs/yfsclient.c | 4 +-
fs/netfs/buffered_read.c | 39 +++--
fs/netfs/buffered_write.c | 111 ++++++++-----
fs/netfs/direct_read.c | 15 +-
fs/netfs/direct_write.c | 4 +-
fs/netfs/internal.h | 3 +
fs/netfs/iterator.c | 15 +-
fs/netfs/misc.c | 21 ++-
fs/netfs/read_collect.c | 6 +-
fs/netfs/read_retry.c | 11 +-
fs/netfs/read_single.c | 12 +-
fs/netfs/write_collect.c | 7 +-
fs/netfs/write_issue.c | 3 +-
fs/smb/client/cifsfs.c | 24 +--
fs/smb/client/cifssmb.c | 2 +-
fs/smb/client/file.c | 9 +-
fs/smb/client/inode.c | 9 +-
fs/smb/client/readdir.c | 3 +-
fs/smb/client/smb2ops.c | 16 +-
fs/smb/client/smb2pdu.c | 2 +-
include/linux/list.h | 37 +++++
include/linux/netfs.h | 298 +++++++++++++++++++++++++++++++++--
include/trace/events/netfs.h | 8 +
32 files changed, 826 insertions(+), 260 deletions(-)
create mode 100644 fs/afs/symlink.c
next reply other threads:[~2026-04-25 12:54 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-25 12:54 David Howells [this message]
2026-04-25 12:54 ` [PATCH v3 01/19] netfs: fix VM_BUG_ON_FOLIO() issue in netfs_write_begin() call David Howells
2026-04-25 12:54 ` [PATCH v3 02/19] netfs: fix error handling in netfs_extract_user_iter() David Howells
2026-04-25 12:54 ` [PATCH v3 03/19] netfs: Fix netfs_invalidate_folio() to clear dirty bit if all changes gone David Howells
2026-04-25 12:54 ` [PATCH v3 04/19] netfs: Defer the emission of trace_netfs_folio() David Howells
2026-04-25 12:54 ` [PATCH v3 05/19] netfs: Fix streaming write being overwritten David Howells
2026-04-25 12:54 ` [PATCH v3 06/19] netfs: Fix read-gaps to remove netfs_folio from filled folio David Howells
2026-04-25 12:54 ` [PATCH v3 07/19] netfs: Fix zeropoint update where i_size > remote_i_size David Howells
2026-04-25 12:54 ` [PATCH v3 08/19] netfs: Fix write streaming disablement if fd open O_RDWR David Howells
2026-04-25 12:54 ` [PATCH v3 09/19] netfs: Fix early put of sink folio in netfs_read_gaps() David Howells
2026-04-25 12:54 ` [PATCH v3 10/19] netfs: Fix leak of request in netfs_write_begin() error handling David Howells
2026-04-25 12:54 ` [PATCH v3 11/19] netfs: Fix potential UAF in netfs_unlock_abandoned_read_pages() David Howells
2026-04-25 12:54 ` [PATCH v3 12/19] netfs: Fix potential uninitialised var in netfs_extract_user_iter() David Howells
2026-04-25 12:54 ` [PATCH v3 13/19] netfs: Fix partial invalidation of streaming-write folio David Howells
2026-04-25 12:54 ` [PATCH v3 14/19] netfs: Fix folio->private handling in netfs_perform_write() David Howells
2026-04-25 12:54 ` [PATCH v3 15/19] netfs: Fix potential for tearing in ->remote_i_size and ->zero_point David Howells
2026-04-25 12:54 ` [PATCH v3 16/19] netfs: Fix netfs_read_folio() to wait on writeback David Howells
2026-04-25 12:54 ` [PATCH v3 17/19] netfs: Fix missing barriers when accessing stream->subrequests locklessly David Howells
2026-04-25 12:54 ` [PATCH v3 18/19] afs: Fix afs_get_link() to take validate_lock around afs_read_single() David Howells
2026-04-25 12:54 ` [PATCH v3 19/19] afs: Fix RCU handling of symlinks in RCU pathwalk David Howells
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260425125426.3855807-1-dhowells@redhat.com \
--to=dhowells@redhat.com \
--cc=ceph-devel@vger.kernel.org \
--cc=christian@brauner.io \
--cc=linux-afs@lists.infradead.org \
--cc=linux-cifs@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=netfs@lists.linux.dev \
--cc=pc@manguebit.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox