diff options
| author | Zheng Liu <wenqing.lz@taobao.com> | 2013-04-03 12:27:18 -0400 |
|---|---|---|
| committer | Theodore Ts'o <tytso@mit.edu> | 2013-04-03 12:37:17 -0400 |
| commit | 8cde7ad17e4f4ff8d12ff60dd09c0a291cb0b61c (patch) | |
| tree | fa381ca0422657142d69a8a8528cefe1e57de973 | |
| parent | 07961ac7c0ee8b546658717034fe692fd12eefa9 (diff) | |
ext4: fix big-endian bugs which could cause fs corruptions
When an extent was zeroed out, we forgot to do convert from cpu to le16.
It could make us hit a BUG_ON when we try to write dirty pages out. So
fix it.
[ Also fix a bug found by Dmitry Monakhov where we were missing
le32_to_cpu() calls in the new indirect punch hole code.
There are a number of other big endian warnings found by static code
analyzers, but we'll wait for the next merge window to fix them all
up. These fixes are designed to be Obviously Correct by code
inspection, and easy to demonstrate that it won't make any
difference (and hence, won't introduce any bugs) on little endian
architectures such as x86. --tytso ]
Signed-off-by: Zheng Liu <wenqing.lz@taobao.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Reported-by: CAI Qian <caiqian@redhat.com>
Reported-by: Christian Kujau <lists@nerdbynature.de>
Cc: Dmitry Monakhov <dmonakhov@openvz.org>
| -rw-r--r-- | fs/ext4/extents.c | 11 | ||||
| -rw-r--r-- | fs/ext4/indirect.c | 4 |
2 files changed, 9 insertions, 6 deletions
diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c index 56efcaadf848..9c6d06dcef8b 100644 --- a/fs/ext4/extents.c +++ b/fs/ext4/extents.c | |||
| @@ -2999,20 +2999,23 @@ static int ext4_split_extent_at(handle_t *handle, | |||
| 2999 | if (split_flag & EXT4_EXT_DATA_VALID1) { | 2999 | if (split_flag & EXT4_EXT_DATA_VALID1) { |
| 3000 | err = ext4_ext_zeroout(inode, ex2); | 3000 | err = ext4_ext_zeroout(inode, ex2); |
| 3001 | zero_ex.ee_block = ex2->ee_block; | 3001 | zero_ex.ee_block = ex2->ee_block; |
| 3002 | zero_ex.ee_len = ext4_ext_get_actual_len(ex2); | 3002 | zero_ex.ee_len = cpu_to_le16( |
| 3003 | ext4_ext_get_actual_len(ex2)); | ||
| 3003 | ext4_ext_store_pblock(&zero_ex, | 3004 | ext4_ext_store_pblock(&zero_ex, |
| 3004 | ext4_ext_pblock(ex2)); | 3005 | ext4_ext_pblock(ex2)); |
| 3005 | } else { | 3006 | } else { |
| 3006 | err = ext4_ext_zeroout(inode, ex); | 3007 | err = ext4_ext_zeroout(inode, ex); |
| 3007 | zero_ex.ee_block = ex->ee_block; | 3008 | zero_ex.ee_block = ex->ee_block; |
| 3008 | zero_ex.ee_len = ext4_ext_get_actual_len(ex); | 3009 | zero_ex.ee_len = cpu_to_le16( |
| 3010 | ext4_ext_get_actual_len(ex)); | ||
| 3009 | ext4_ext_store_pblock(&zero_ex, | 3011 | ext4_ext_store_pblock(&zero_ex, |
| 3010 | ext4_ext_pblock(ex)); | 3012 | ext4_ext_pblock(ex)); |
| 3011 | } | 3013 | } |
| 3012 | } else { | 3014 | } else { |
| 3013 | err = ext4_ext_zeroout(inode, &orig_ex); | 3015 | err = ext4_ext_zeroout(inode, &orig_ex); |
| 3014 | zero_ex.ee_block = orig_ex.ee_block; | 3016 | zero_ex.ee_block = orig_ex.ee_block; |
| 3015 | zero_ex.ee_len = ext4_ext_get_actual_len(&orig_ex); | 3017 | zero_ex.ee_len = cpu_to_le16( |
| 3018 | ext4_ext_get_actual_len(&orig_ex)); | ||
| 3016 | ext4_ext_store_pblock(&zero_ex, | 3019 | ext4_ext_store_pblock(&zero_ex, |
| 3017 | ext4_ext_pblock(&orig_ex)); | 3020 | ext4_ext_pblock(&orig_ex)); |
| 3018 | } | 3021 | } |
| @@ -3272,7 +3275,7 @@ static int ext4_ext_convert_to_initialized(handle_t *handle, | |||
| 3272 | if (err) | 3275 | if (err) |
| 3273 | goto out; | 3276 | goto out; |
| 3274 | zero_ex.ee_block = ex->ee_block; | 3277 | zero_ex.ee_block = ex->ee_block; |
| 3275 | zero_ex.ee_len = ext4_ext_get_actual_len(ex); | 3278 | zero_ex.ee_len = cpu_to_le16(ext4_ext_get_actual_len(ex)); |
| 3276 | ext4_ext_store_pblock(&zero_ex, ext4_ext_pblock(ex)); | 3279 | ext4_ext_store_pblock(&zero_ex, ext4_ext_pblock(ex)); |
| 3277 | 3280 | ||
| 3278 | err = ext4_ext_get_access(handle, inode, path + depth); | 3281 | err = ext4_ext_get_access(handle, inode, path + depth); |
diff --git a/fs/ext4/indirect.c b/fs/ext4/indirect.c index b505a145a593..a04183127ef0 100644 --- a/fs/ext4/indirect.c +++ b/fs/ext4/indirect.c | |||
| @@ -1539,9 +1539,9 @@ static int free_hole_blocks(handle_t *handle, struct inode *inode, | |||
| 1539 | blk = *i_data; | 1539 | blk = *i_data; |
| 1540 | if (level > 0) { | 1540 | if (level > 0) { |
| 1541 | ext4_lblk_t first2; | 1541 | ext4_lblk_t first2; |
| 1542 | bh = sb_bread(inode->i_sb, blk); | 1542 | bh = sb_bread(inode->i_sb, le32_to_cpu(blk)); |
| 1543 | if (!bh) { | 1543 | if (!bh) { |
| 1544 | EXT4_ERROR_INODE_BLOCK(inode, blk, | 1544 | EXT4_ERROR_INODE_BLOCK(inode, le32_to_cpu(blk), |
| 1545 | "Read failure"); | 1545 | "Read failure"); |
| 1546 | return -EIO; | 1546 | return -EIO; |
| 1547 | } | 1547 | } |