[3.16.y-ckt extended stable] Patch "ext4: fix overflow when updating superblock backups after resize" has been added to staging queue

Luis Henriques luis.henriques at canonical.com
Mon Nov 10 11:33:55 UTC 2014 

This is a note to let you know that I have just added a patch titled

    ext4: fix overflow when updating superblock backups after resize

to the linux-3.16.y-queue branch of the 3.16.y-ckt extended stable tree 
which can be found at:

 http://kernel.ubuntu.com/git?p=ubuntu/linux.git;a=shortlog;h=refs/heads/linux-3.16.y-queue

This patch is scheduled to be released in version 3.16.7-ckt1.

If you, or anyone else, feels it should not be added to this tree, please 
reply to this email.

For more information about the 3.16.y-ckt tree, see
https://wiki.ubuntu.com/Kernel/Dev/ExtendedStable

Thanks.
-Luis

------

>From 4a8bb3b6b846307353292cb7bde36d2abebf31c2 Mon Sep 17 00:00:00 2001
From: Jan Kara <jack at suse.cz>
Date: Thu, 30 Oct 2014 10:52:57 -0400
Subject: ext4: fix overflow when updating superblock backups after resize

commit 9378c6768e4fca48971e7b6a9075bc006eda981d upstream.

When there are no meta block groups update_backups() will compute the
backup block in 32-bit arithmetics thus possibly overflowing the block
number and corrupting the filesystem. OTOH filesystems without meta
block groups larger than 16 TB should be rare. Fix the problem by doing
the counting in 64-bit arithmetics.

Coverity-id: 741252
Signed-off-by: Jan Kara <jack at suse.cz>
Signed-off-by: Theodore Ts'o <tytso at mit.edu>
Reviewed-by: Lukas Czerner <lczerner at redhat.com>
Signed-off-by: Luis Henriques <luis.henriques at canonical.com>
---
 fs/ext4/resize.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/ext4/resize.c b/fs/ext4/resize.c
index f298c60f907d..ca4588388fc3 100644
--- a/fs/ext4/resize.c
+++ b/fs/ext4/resize.c
@@ -1081,7 +1081,7 @@ static void update_backups(struct super_block *sb, int blk_off, char *data,
 			break;

 		if (meta_bg == 0)
-			backup_block = group * bpg + blk_off;
+			backup_block = ((ext4_fsblk_t)group) * bpg + blk_off;
 		else
 			backup_block = (ext4_group_first_block_no(sb, group) +
 					ext4_bg_has_super(sb, group));
--
2.1.0

More information about the kernel-team mailing list