CVE-2024-36001

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
20/05/2024
Last modified:
20/05/2024

Description

In the Linux kernel, the following vulnerability has been resolved:

netfs: Fix the pre-flush when appending to a file in writethrough mode

In netfs_perform_write(), when the file is marked NETFS_ICTX_WRITETHROUGH or O_*SYNC or RWF_*SYNC was specified, write-through caching is performed on a buffered file. When setting up for write-through, we flush any conflicting writes in the region and wait for the write to complete, failing if there's a write error to return.

The issue arises if we're writing at or above the EOF position because we skip the flush and - more importantly - the wait. This becomes a problem if there's a partial folio at the end of the file that is being written out and we want to make a write to it too. Both the already-running write and the write we start both want to clear the writeback mark, but whoever is second causes a warning looking something like:

------------[ cut here ]------------
R=00000012: folio 11 is not under writeback
WARNING: CPU: 34 PID: 654 at fs/netfs/write_collect.c:105
...
CPU: 34 PID: 654 Comm: kworker/u386:27 Tainted: G S ...
...
Workqueue: events_unbound netfs_write_collection_worker
...
RIP: 0010:netfs_writeback_lookup_folio

Fix this by making the flush-and-wait unconditional. It will do nothing if there are no folios in the pagecache and will return quickly if there are no folios in the region specified.

Further, move the WBC attachment above the flush call as the flush is going to attach a WBC and detach it again if it is not present - and since we need one anyway we might as well share it.
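Added example, not part of the CVE record or the kernel commit: a Python scan of kernel log text for the warning signature quoted above, useful for checking whether a host has hit this condition. The function name, the dmesg-style timestamps and the surrounding log lines are constructed for illustration; the "end trace" terminator it looks for is standard kernel warning output that the page's excerpt does not show.

```python
import re

# Constructed sample: the page's excerpt with dmesg-style timestamps added and
# an unrelated line on either side. Elided ("...") lines are simply left out.
SAMPLE_LOG = """\
[  101.000001] netfs: unrelated line
[  101.200000] ------------[ cut here ]------------
[  101.200004] R=00000012: folio 11 is not under writeback
[  101.200031] WARNING: CPU: 34 PID: 654 at fs/netfs/write_collect.c:105
[  101.200090] CPU: 34 PID: 654 Comm: kworker/u386:27 Tainted: G S
[  101.200120] Workqueue: events_unbound netfs_write_collection_worker
[  101.200150] RIP: 0010:netfs_writeback_lookup_folio
[  101.300000] EXT4-fs (sda1): unrelated line
"""

CUT = re.compile(r"-+\[ cut here \]-+")
FOLIO = re.compile(r"R=([0-9a-fA-F]+): folio ([0-9a-fA-F]+) is not under writeback")
WARN = re.compile(r"WARNING: CPU: (\d+) PID: (\d+) at (fs/netfs/\S+?):(\d+)")
COMM = re.compile(r"Comm: (\S+)")
RIP = re.compile(r"RIP: \S+?:(\w+)")

def find_netfs_writeback_warnings(log_text):
    """Return one dict per warning block that carries the netfs folio message."""
    hits = []
    for chunk in CUT.split(log_text)[1:]:           # text after each "cut here"
        chunk = chunk.split("---[ end trace", 1)[0]  # stop at the block's end marker
        folio = FOLIO.search(chunk)
        if not folio:
            continue  # some other kernel warning, not this signature
        warn, comm, rip = WARN.search(chunk), COMM.search(chunk), RIP.search(chunk)
        hits.append({
            "request": folio.group(1),   # netfs request id, kept as printed
            "folio": folio.group(2),     # folio index, kept as printed
            "cpu": int(warn.group(1)) if warn else None,
            "pid": int(warn.group(2)) if warn else None,
            "site": f"{warn.group(3)}:{warn.group(4)}" if warn else None,
            "comm": comm.group(1) if comm else None,
            "rip": rip.group(1) if rip else None,
        })
    return hits

if __name__ == "__main__":
    for hit in find_netfs_writeback_warnings(SAMPLE_LOG):
        print(hit)
```

The source line number after write_collect.c can differ between kernel builds, so the match keys on the folio message and the fs/netfs/ path rather than on ":105".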

Impact