korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-09-22 22:11:38 +08:00
Code Issues Packages Projects Releases Wiki Activity
ef3cf941e0
linux/fs/ext4
History
Jeremy Cline 4bc32484df ext4: fix spectre gadget in ext4_mb_regular_allocator() 
commit 1a5d5e5d51 upstream.

'ac->ac_g_ex.fe_len' is a user-controlled value which is used in the
derivation of 'ac->ac_2order'. 'ac->ac_2order', in turn, is used to
index arrays which makes it a potential spectre gadget. Fix this by
sanitizing the value assigned to 'ac->ac2_order'.  This covers the
following accesses found with the help of smatch:

* fs/ext4/mballoc.c:1896 ext4_mb_simple_scan_group() warn: potential
  spectre issue 'grp->bb_counters' [w] (local cap)

* fs/ext4/mballoc.c:445 mb_find_buddy() warn: potential spectre issue
  'EXT4_SB(e4b->bd_sb)->s_mb_offsets' [r] (local cap)

* fs/ext4/mballoc.c:446 mb_find_buddy() warn: potential spectre issue
  'EXT4_SB(e4b->bd_sb)->s_mb_maxs' [r] (local cap)

Suggested-by: Josh Poimboeuf <jpoimboe@redhat.com>
Signed-off-by: Jeremy Cline <jcline@redhat.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-08-24 13:08:55 +02:00
..
acl.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
acl.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
balloc.c ext4: check for allocation block validity with block group locked 2018-08-03 07:50:43 +02:00
bitmap.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
block_validity.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
dir.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
ext4_extents.h ext4: verify the depth of extent tree in ext4_find_extent() 2018-07-11 16:29:17 +02:00
ext4_jbd2.c ext4: shutdown should not prevent get_write_access 2018-04-24 09:36:30 +02:00
ext4_jbd2.h ext4, project: expand inode extra size if possible 2017-08-06 01:00:49 -04:00
ext4.h ext4: add more inode number paranoia checks 2018-07-11 16:29:18 +02:00
extents_status.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
extents_status.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
extents.c ext4: verify the depth of extent tree in ext4_find_extent() 2018-07-11 16:29:17 +02:00
file.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
fsmap.c ext4: fix off-by-one fsmap error on 1k block filesystems 2017-06-23 00:58:57 -04:00
fsmap.h ext4: support GETFSMAP ioctls 2017-04-30 00:36:53 -04:00
fsync.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
hash.c ext4: remove useless test and assignment in strtohash functions 2017-08-24 15:11:34 -04:00
ialloc.c ext4: fix check to prevent initializing reserved inodes 2018-08-03 07:50:43 +02:00
indirect.c ext4: fix hole length detection in ext4_ind_map_blocks() 2018-06-26 08:06:29 +08:00
inline.c ext4: fix inline data updates with checksums enabled 2018-08-03 07:50:43 +02:00
inode.c ext4: fix inline data updates with checksums enabled 2018-08-03 07:50:43 +02:00
ioctl.c ext4: pass -ESHUTDOWN code to jbd2 layer 2018-04-24 09:36:30 +02:00
Kconfig dax: fix build warnings with FS_DAX and !FS_IOMAP 2017-01-24 16:26:14 -08:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
mballoc.c ext4: fix spectre gadget in ext4_mb_regular_allocator() 2018-08-24 13:08:55 +02:00
mballoc.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
migrate.c ext4: do not set posix acls on xattr inodes 2017-06-21 21:21:39 -04:00
mmp.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
move_extent.c ext4: add ext4_is_quota_file() 2017-06-22 11:31:25 -04:00
namei.c do d_instantiate/unlock_new_inode combinations safely 2018-05-30 07:51:47 +02:00
page-io.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
readpage.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
resize.c ext4: fix fencepost error in check for inode count overflow during resize 2018-06-26 08:06:29 +08:00
super.c ext4: fix false negatives *and* false positives in ext4_check_descriptors() 2018-08-09 12:16:38 +02:00
symlink.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
sysfs.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
truncate.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xattr_security.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xattr_trusted.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xattr_user.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xattr.c ext4: avoid running out of journal credits when appending to an inline file 2018-07-11 16:29:18 +02:00
xattr.h ext4: add extra checks to ext4_xattr_block_get() 2018-04-24 09:36:31 +02:00