lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 28 Mar 2019 17:41:17 +0100 From: Jan Kara <jack@...e.cz> To: Ted Tso <tytso@....edu> Cc: <linux-ext4@...r.kernel.org>, Jan Kara <jack@...e.cz> Subject: [PATCH] ext4: Make sanity check in mballoc more strict Sanity check in mb_find_extent() only checked that returned extent does not extend past blocksize * 8, however it should not extend past EXT4_CLUSTERS_PER_GROUP(sb). This can happen when clusters_per_group < blocksize * 8 and the tail of the bitmap is not properly filled by 1s which happened e.g. when ancient kernels have grown the filesystem. Signed-off-by: Jan Kara <jack@...e.cz> --- fs/ext4/mballoc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) As a background: We have a customer who has filesystems (created & apparently resized by 3.0 or older kernels) and which make current kernels eventually barf with errors but e2fsck says everything is fine. This patch makes mballoc code detect issues earlier. I'll send appropriate e2fsck patch shortly. diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c index 6fb76d408093..8ef5f12bbee2 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -1539,7 +1539,7 @@ static int mb_find_extent(struct ext4_buddy *e4b, int block, ex->fe_len += 1 << order; } - if (ex->fe_start + ex->fe_len > (1 << (e4b->bd_blkbits + 3))) { + if (ex->fe_start + ex->fe_len > EXT4_CLUSTERS_PER_GROUP(e4b->bd_sb)) { /* Should never happen! (but apparently sometimes does?!?) */ WARN_ON(1); ext4_error(e4b->bd_sb, "corruption or bug in mb_find_extent " -- 2.16.4
Powered by blists - more mailing lists