From b2266688ac41189360b8f62ae8fb4304df63be11 Mon Sep 17 00:00:00 2001
From: Xiubo Li <xiubli@redhat.com>
Date: Wed, 20 Nov 2024 10:04:16 +0800
Subject: [PATCH] ceph: remove the incorrect Fw reference check when dirtying
 pages

stable inclusion
from stable-v5.10.227
commit f55e003d261baa7c57d51ae5c8ec1f5c26a35c89
category: bugfix
bugzilla: https://gitee.com/src-openeuler/kernel/issues/IB2YU2
CVE: CVE-2024-50179

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=f55e003d261baa7c57d51ae5c8ec1f5c26a35c89

--------------------------------

[ Upstream commit c08dfb1b49492c09cf13838c71897493ea3b424e ]

When doing the direct-io reads it will also try to mark pages dirty,
but for the read path it won't hold the Fw caps and there is case
will it get the Fw reference.

Fixes: 5dda377cf0a6 ("ceph: set i_head_snapc when getting CEPH_CAP_FILE_WR reference")
Signed-off-by: Xiubo Li <xiubli@redhat.com>
Reviewed-by: Patrick Donnelly <pdonnell@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Baokun Li <libaokun1@huawei.com>
---
 fs/ceph/addr.c | 1 -
 1 file changed, 1 deletion(-)

diff --git a/fs/ceph/addr.c b/fs/ceph/addr.c
index 7402001e4c15..122b4129d1cd 100644
--- a/fs/ceph/addr.c
+++ b/fs/ceph/addr.c
@@ -91,7 +91,6 @@ static int ceph_set_page_dirty(struct page *page)
 
 	/* dirty the head */
 	spin_lock(&ci->i_ceph_lock);
-	BUG_ON(ci->i_wr_ref == 0); // caller should hold Fw reference
 	if (__ceph_have_pending_cap_snap(ci)) {
 		struct ceph_cap_snap *capsnap =
 				list_last_entry(&ci->i_cap_snaps,
-- 
Gitee