kernel_optimize_test/fs/ext4
Zhang Yi bfd004a1d3 ext4: add reserved GDT blocks check
commit b55c3cd102a6f48b90e61c44f7f3dda8c290c694 upstream.

We captured a NULL pointer issue when resizing a corrupt ext4 image whose
resize_inode feature was freshly cleared (without running e2fsck). It can
be reproduced simply by the following steps. The problem is that the
resize_inode feature was cleared, so the filesystem will be converted to
meta_bg mode in ext4_resize_fs(), but es->s_reserved_gdt_blocks was
not reduced to zero, so we could mistakenly call reserve_backup_gdb()
and pass an uninitialized resize_inode to it when adding new group
descriptors.

 mkfs.ext4 /dev/sda 3G
 tune2fs -O ^resize_inode /dev/sda #forget to run requested e2fsck
 mount /dev/sda /mnt
 resize2fs /dev/sda 8G

 ========
 BUG: kernel NULL pointer dereference, address: 0000000000000028
 CPU: 19 PID: 3243 Comm: resize2fs Not tainted 5.18.0-rc7-00001-gfde086c5ebfd #748
 ...
 RIP: 0010:ext4_flex_group_add+0xe08/0x2570
 ...
 Call Trace:
  <TASK>
  ext4_resize_fs+0xbec/0x1660
  __ext4_ioctl+0x1749/0x24e0
  ext4_ioctl+0x12/0x20
  __x64_sys_ioctl+0xa6/0x110
  do_syscall_64+0x3b/0x90
  entry_SYSCALL_64_after_hwframe+0x44/0xae
 RIP: 0033:0x7f2dd739617b
 ========

The fix is simple: add a check in ext4_resize_begin() to make sure that
es->s_reserved_gdt_blocks is zero when the resize_inode feature is
disabled.

Cc: stable@kernel.org
Signed-off-by: Zhang Yi <yi.zhang@huawei.com>
Reviewed-by: Ritesh Harjani <ritesh.list@gmail.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Link: https://lore.kernel.org/r/20220601092717.763694-1-yi.zhang@huawei.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-06-22 14:13:19 +02:00
acl.c ext4: main fast-commit commit path 2020-10-21 23:22:37 -04:00
acl.h ext4: fix up remaining files with SPDX cleanups 2017-12-17 22:00:59 -05:00
balloc.c ext4: shrink race window in ext4_should_retry_alloc() 2021-04-07 15:00:03 +02:00
bitmap.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
block_validity.c ext4: rename system_blks to s_system_blks inside ext4_sb_info 2020-10-18 10:36:59 -04:00
dir.c ext4: fix potential infinite loop in ext4_dx_readdir() 2021-10-06 15:56:02 +02:00
ext4_extents.h ext4: fix EXT_MAX_EXTENT/INDEX to check for zeroed eh_max 2020-06-03 23:16:49 -04:00
ext4_jbd2.c ext4: fix null-ptr-deref in '__ext4_journal_ensure_credits' 2022-01-27 10:54:28 +01:00
ext4_jbd2.h ext4: drop ext4_journal_free_reserved() 2020-06-03 23:16:53 -04:00
ext4.h ext4: only allow test_dummy_encryption when supported 2022-06-09 10:21:31 +02:00
extents_status.c ext4: remove check for zero nr_to_scan in ext4_es_scan() 2021-07-14 16:55:41 +02:00
extents_status.h ext4: fix extent_status trace points 2020-01-25 02:03:03 -05:00
extents.c ext4: fix bug_on in __es_tree_search 2022-06-09 10:21:23 +02:00
fast_commit.c ext4: fix incorrect type issue during replay_del_range 2022-02-08 18:30:41 +01:00
fast_commit.h ext4: fix fast commit alignment issues 2021-06-10 13:39:26 +02:00
file.c ext4: Fix occasional generic/418 failure 2021-05-11 14:47:38 +02:00
fsmap.c treewide: Change list_sort to use const pointers 2021-09-30 10:11:04 +02:00
fsmap.h ext4: fix up remaining files with SPDX cleanups 2017-12-17 22:00:59 -05:00
fsync.c ext4: make s_mount_flags modifications atomic 2020-11-06 23:01:05 -05:00
hash.c ext4: use generic casefolding support 2020-10-28 13:43:13 -04:00
ialloc.c ext4: fix avefreec in find_group_orlov 2021-07-14 16:55:41 +02:00
indirect.c ext4: use ext4_sb_bread() instead of sb_bread() 2020-10-18 10:37:14 -04:00
inline.c ext4: fix bug_on in ext4_writepages 2022-06-09 10:21:22 +02:00
inode-test.c kunit: allow kunit tests to be loaded as a module 2020-01-09 16:42:29 -07:00
inode.c ext4: fix warning in ext4_handle_inode_extension 2022-06-09 10:21:22 +02:00
ioctl.c ext4: avoid trim error on fs with small groups 2022-01-27 10:54:04 +01:00
Kconfig ext: EXT4_KUNIT_TESTS should depend on EXT4_FS instead of selecting it 2021-03-04 11:38:15 +01:00
Makefile ext4 / jbd2: add fast commit initialization 2020-10-21 23:22:26 -04:00
mballoc.c ext4: fix bug_on ext4_mb_use_inode_pa 2022-06-22 14:13:19 +02:00
mballoc.h ext4: limit the length of per-inode prealloc list 2020-08-19 12:04:36 -04:00
migrate.c ext4: don't use the orphan list when migrating an inode 2022-01-27 10:54:28 +01:00
mmp.c ext4: fix possible UAF when remounting r/o a mmp-protected file system 2021-11-02 19:48:18 +01:00
move_extent.c ext4: use common helpers in all places reading metadata buffers 2020-10-18 10:37:14 -04:00
namei.c ext4: make variable "count" signed 2022-06-22 14:13:19 +02:00
page-io.c ext4: fix symlink file size not match to file content 2022-04-27 13:53:56 +02:00
readpage.c Improvements to ext4's block allocator performance for very large file 2020-08-21 11:03:38 -07:00
resize.c ext4: add reserved GDT blocks check 2022-06-22 14:13:19 +02:00
super.c ext4: only allow test_dummy_encryption when supported 2022-06-09 10:21:31 +02:00
symlink.c ext4: report correct st_size for encrypted symlinks 2021-09-08 08:48:59 +02:00
sysfs.c ext4: shrink race window in ext4_should_retry_alloc() 2021-04-07 15:00:03 +02:00
truncate.h ext4: handle layout changes to pinned DAX mappings 2018-07-29 17:00:22 -04:00
verity.c ext4: fix error handling in ext4_end_enable_verity() 2021-03-25 09:04:17 +01:00
xattr_hurd.c ext4: support xattr gnu.* namespace for the Hurd 2020-06-12 13:23:34 -04:00
xattr_security.c ext4: use XATTR_CREATE in ext4_initxattrs() 2018-05-10 11:52:14 -04:00
xattr_trusted.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xattr_user.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xattr.c ext4: add reclaim checks to xattr code 2021-03-30 14:32:08 +02:00
xattr.h ext4: support xattr gnu.* namespace for the Hurd 2020-06-12 13:23:34 -04:00