ACK: [SRU][Xenial][PATCH 1/1] ext4: fix false negatives *and* false positives in ext4_check_descriptors()
Stefan Bader
stefan.bader at canonical.com
Wed Sep 5 12:55:42 UTC 2018
On 31.08.2018 16:14, Joseph Salisbury wrote:
> From: Theodore Ts'o <tytso at mit.edu>
>
> BugLink: https://bugs.launchpad.net/bugs/1789653
>
> Ext4_check_descriptors() was getting called before s_gdb_count was
> initialized. So for file systems w/o the meta_bg feature, allocation
> bitmaps could overlap the block group descriptors and ext4 wouldn't
> notice.
>
> For file systems with the meta_bg feature enabled, there was a
> fencepost error which would cause the ext4_check_descriptors() to
> incorrectly believe that the block allocation bitmap overlaps with the
> block group descriptor blocks, and it would reject the mount.
>
> Fix both of these problems.
>
> Signed-off-by: Theodore Ts'o <tytso at mit.edu>
> Cc: stable at vger.kernel.org
> (backported from commit 44de022c4382541cebdd6de4465d1f4f465ff1dd)
> Signed-off-by: Joseph Salisbury <joseph.salisbury at canonical.com>
Acked-by: Stefan Bader <stefan.bader at canonical.com>
> ---
> fs/ext4/super.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/fs/ext4/super.c b/fs/ext4/super.c
> index c507033..577a14e 100644
> --- a/fs/ext4/super.c
> +++ b/fs/ext4/super.c
> @@ -2125,7 +2125,7 @@ static int ext4_check_descriptors(struct super_block *sb,
> struct ext4_sb_info *sbi = EXT4_SB(sb);
> ext4_fsblk_t first_block = le32_to_cpu(sbi->s_es->s_first_data_block);
> ext4_fsblk_t last_block;
> - ext4_fsblk_t last_bg_block = sb_block + ext4_bg_num_gdb(sb, 0) + 1;
> + ext4_fsblk_t last_bg_block = sb_block + ext4_bg_num_gdb(sb, 0);
> ext4_fsblk_t block_bitmap;
> ext4_fsblk_t inode_bitmap;
> ext4_fsblk_t inode_table;
> @@ -3810,13 +3810,13 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
> goto failed_mount2;
> }
> }
> + sbi->s_gdb_count = db_count;
> if (!ext4_check_descriptors(sb, logical_sb_block, &first_not_zeroed)) {
> ext4_msg(sb, KERN_ERR, "group descriptors corrupted!");
> ret = -EFSCORRUPTED;
> goto failed_mount2;
> }
>
> - sbi->s_gdb_count = db_count;
> get_random_bytes(&sbi->s_next_generation, sizeof(u32));
> spin_lock_init(&sbi->s_next_gen_lock);
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20180905/d4d8539a/attachment.sig>
More information about the kernel-team
mailing list