From e64f4bfb14a14ccd061d3eaca7bd57be1a3231dd Mon Sep 17 00:00:00 2001
From: Christian Ebner <c.ebner@proxmox.com>
Date: Wed, 2 Oct 2024 16:36:24 +0200
Subject: [PATCH] fix #5683: netfs: reset subreq iov iter before tail clean

Fixes rare read corruption issues using the in kernel ceph client.

On incomplete read requests, the clean tail flag should make sure to
zero fill the remaining bytes for the subrequest.
If the iov iterator is not at the correct position, e.g., because the
subreq->transferred was not yet updated, this can however zero fill
downloaded data, corrupting the read content.

Link to issue:
https://bugzilla.proxmox.com/show_bug.cgi?id=5683

Link to upstream issue:
https://bugzilla.kernel.org/show_bug.cgi?id=219237

Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
 [ TL: mention an specific example for subreq misalignment ]
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
---
 ...et-subreq-iov-iter-before-tail-clean.patch | 31 +++++++++++++++++++
 1 file changed, 31 insertions(+)
 create mode 100644 patches/kernel/0021-netfs-reset-subreq-iov-iter-before-tail-clean.patch

diff --git a/patches/kernel/0021-netfs-reset-subreq-iov-iter-before-tail-clean.patch b/patches/kernel/0021-netfs-reset-subreq-iov-iter-before-tail-clean.patch
new file mode 100644
index 0000000..a87e722
--- /dev/null
+++ b/patches/kernel/0021-netfs-reset-subreq-iov-iter-before-tail-clean.patch
@@ -0,0 +1,31 @@
+From cd27abf0c555f39b12c05f9f6a8cb59ff25dfe45 Mon Sep 17 00:00:00 2001
+From: Christian Ebner <c.ebner@proxmox.com>
+Date: Wed, 2 Oct 2024 15:24:31 +0200
+Subject: [PATCH] netfs: reset subreq iov iter before tail clean
+
+Make sure the iter is at the correct location when cleaning up tail
+bytes for incomplete read subrequests.
+
+Fixes: 92b6cc5d ("netfs: Add iov_iters to (sub)requests to describe various buffers")
+Closes: https://bugzilla.kernel.org/show_bug.cgi?id=219237
+
+Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
+---
+ fs/netfs/io.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/fs/netfs/io.c b/fs/netfs/io.c
+index d6ada4eba744..500119285346 100644
+--- a/fs/netfs/io.c
++++ b/fs/netfs/io.c
+@@ -528,6 +528,7 @@ void netfs_subreq_terminated(struct netfs_io_subrequest *subreq,
+ 
+ incomplete:
+ 	if (test_bit(NETFS_SREQ_CLEAR_TAIL, &subreq->flags)) {
++		netfs_reset_subreq_iter(rreq, subreq);
+ 		netfs_clear_unread(subreq);
+ 		subreq->transferred = subreq->len;
+ 		goto complete;
+-- 
+2.39.5
+