From 596bbc4e0edfab05efc69313e09107caf5096a5c Mon Sep 17 00:00:00 2001 From: Gao Xiang Date: Wed, 9 Oct 2019 18:12:37 +0800 Subject: [PATCH] staging: erofs: some compressed cluster should be submitted for corrupted images commit ee45197c807895e156b2be0abcaebdfc116487c8 upstream. As reported by erofs_utils fuzzer, a logical page can belong to at most 2 compressed clusters, if one compressed cluster is corrupted, but the other has been ready in submitting chain. The chain needs to submit anyway in order to keep the page working properly (page unlocked with PG_error set, PG_uptodate not set). Let's fix it now. Fixes: 3883a79abd02 ("staging: erofs: introduce VLE decompression support") Cc: # 4.19+ Signed-off-by: Gao Xiang Reviewed-by: Chao Yu Link: https://lore.kernel.org/r/20190819103426.87579-2-gaoxiang25@huawei.com [ Gao Xiang: Manually backport to v4.19.y stable. ] Signed-off-by: Gao Xiang Signed-off-by: Greg Kroah-Hartman --- drivers/staging/erofs/unzip_vle.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/drivers/staging/erofs/unzip_vle.c b/drivers/staging/erofs/unzip_vle.c index ad6fe6d9d00a..fc44f5ce670b 100644 --- a/drivers/staging/erofs/unzip_vle.c +++ b/drivers/staging/erofs/unzip_vle.c @@ -1335,19 +1335,18 @@ static int z_erofs_vle_normalaccess_readpage(struct file *file, err = z_erofs_do_read_page(&f, page, &pagepool); (void)z_erofs_vle_work_iter_end(&f.builder); - if (err) { + /* if some compressed cluster ready, need submit them anyway */ + z_erofs_submit_and_unzip(&f, &pagepool, true); + + if (err) errln("%s, failed to read, err [%d]", __func__, err); - goto out; - } - z_erofs_submit_and_unzip(&f, &pagepool, true); -out: if (f.m_iter.mpage != NULL) put_page(f.m_iter.mpage); /* clean up the remaining free pages */ put_pages_list(&pagepool); - return 0; + return err; } static inline int __z_erofs_vle_normalaccess_readpages( -- GitLab