diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2018-07-08 14:10:30 -0400 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2018-07-08 14:10:30 -0400 |
| commit | 70a2dc6abc8af028b0c71af6b3520574ee09e814 (patch) | |
| tree | 935075ce55d5091d5508ff9be533959703e25410 /fs/ext4/ialloc.c | |
| parent | 8979319f2d361b5729b215e1d47cb5bbcaca9d76 (diff) | |
| parent | a17712c8e4be4fa5404d20e9cd3b2b21eae7bc56 (diff) | |
Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
Pull ext4 bugfixes from Ted Ts'o:
"Bug fixes for ext4; most of which relate to vulnerabilities where a
maliciously crafted file system image can result in a kernel OOPS or
hang.
At least one fix addresses an inline data bug could be triggered by
userspace without the need of a crafted file system (although it does
require that the inline data feature be enabled)"
* tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
ext4: check superblock mapped prior to committing
ext4: add more mount time checks of the superblock
ext4: add more inode number paranoia checks
ext4: avoid running out of journal credits when appending to an inline file
jbd2: don't mark block as modified if the handle is out of credits
ext4: never move the system.data xattr out of the inode body
ext4: clear i_data in ext4_inode_info when removing inline data
ext4: include the illegal physical block in the bad map ext4_error msg
ext4: verify the depth of extent tree in ext4_find_extent()
ext4: only look at the bg_flags field if it is valid
ext4: make sure bitmaps and the inode table don't overlap with bg descriptors
ext4: always check block group bounds in ext4_init_block_bitmap()
ext4: always verify the magic number in xattr blocks
ext4: add corruption check in ext4_xattr_set_entry()
ext4: add warn_on_error mount option
Diffstat (limited to 'fs/ext4/ialloc.c')
| -rw-r--r-- | fs/ext4/ialloc.c | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/fs/ext4/ialloc.c b/fs/ext4/ialloc.c index f525f909b559..fb83750c1a14 100644 --- a/fs/ext4/ialloc.c +++ b/fs/ext4/ialloc.c | |||
| @@ -150,7 +150,16 @@ ext4_read_inode_bitmap(struct super_block *sb, ext4_group_t block_group) | |||
| 150 | } | 150 | } |
| 151 | 151 | ||
| 152 | ext4_lock_group(sb, block_group); | 152 | ext4_lock_group(sb, block_group); |
| 153 | if (desc->bg_flags & cpu_to_le16(EXT4_BG_INODE_UNINIT)) { | 153 | if (ext4_has_group_desc_csum(sb) && |
| 154 | (desc->bg_flags & cpu_to_le16(EXT4_BG_INODE_UNINIT))) { | ||
| 155 | if (block_group == 0) { | ||
| 156 | ext4_unlock_group(sb, block_group); | ||
| 157 | unlock_buffer(bh); | ||
| 158 | ext4_error(sb, "Inode bitmap for bg 0 marked " | ||
| 159 | "uninitialized"); | ||
| 160 | err = -EFSCORRUPTED; | ||
| 161 | goto out; | ||
| 162 | } | ||
| 154 | memset(bh->b_data, 0, (EXT4_INODES_PER_GROUP(sb) + 7) / 8); | 163 | memset(bh->b_data, 0, (EXT4_INODES_PER_GROUP(sb) + 7) / 8); |
| 155 | ext4_mark_bitmap_end(EXT4_INODES_PER_GROUP(sb), | 164 | ext4_mark_bitmap_end(EXT4_INODES_PER_GROUP(sb), |
| 156 | sb->s_blocksize * 8, bh->b_data); | 165 | sb->s_blocksize * 8, bh->b_data); |
| @@ -994,7 +1003,8 @@ got: | |||
| 994 | 1003 | ||
| 995 | /* recheck and clear flag under lock if we still need to */ | 1004 | /* recheck and clear flag under lock if we still need to */ |
| 996 | ext4_lock_group(sb, group); | 1005 | ext4_lock_group(sb, group); |
| 997 | if (gdp->bg_flags & cpu_to_le16(EXT4_BG_BLOCK_UNINIT)) { | 1006 | if (ext4_has_group_desc_csum(sb) && |
| 1007 | (gdp->bg_flags & cpu_to_le16(EXT4_BG_BLOCK_UNINIT))) { | ||
| 998 | gdp->bg_flags &= cpu_to_le16(~EXT4_BG_BLOCK_UNINIT); | 1008 | gdp->bg_flags &= cpu_to_le16(~EXT4_BG_BLOCK_UNINIT); |
| 999 | ext4_free_group_clusters_set(sb, gdp, | 1009 | ext4_free_group_clusters_set(sb, gdp, |
| 1000 | ext4_free_clusters_after_init(sb, group, gdp)); | 1010 | ext4_free_clusters_after_init(sb, group, gdp)); |