mirror of https://github.com/edk2-porting/linux-next.git synced 2024-12-19 02:34:01 +08:00
linux-next/fs/ext4
Eryu Guan 15b49132fc ext4: check bh in ext4_read_block_bitmap()
Validate the bh pointer before using it, since
ext4_read_block_bitmap_nowait() might return NULL.

I've seen this in fsfuzz testing.

 EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:385: comm touch: Cannot get buffer for block bitmap - block_group = 0, block_bitmap = 3925999616
 BUG: unable to handle kernel NULL pointer dereference at           (null)
 IP: [<ffffffff8121de25>] ext4_wait_block_bitmap+0x25/0xe0
 ...
 Call Trace:
  [<ffffffff8121e1e5>] ext4_read_block_bitmap+0x35/0x60
  [<ffffffff8125e9c6>] ext4_free_blocks+0x236/0xb80
  [<ffffffff811d0d36>] ? __getblk+0x36/0x70
  [<ffffffff811d0a5f>] ? __find_get_block+0x8f/0x210
  [<ffffffff81191ef3>] ? kmem_cache_free+0x33/0x140
  [<ffffffff812678e5>] ext4_xattr_release_block+0x1b5/0x1d0
  [<ffffffff812679be>] ext4_xattr_delete_inode+0xbe/0x100
  [<ffffffff81222a7c>] ext4_free_inode+0x7c/0x4d0
  [<ffffffff812277b8>] ? ext4_mark_inode_dirty+0x88/0x230
  [<ffffffff8122993c>] ext4_evict_inode+0x32c/0x490
  [<ffffffff811b8cd7>] evict+0xa7/0x1c0
  [<ffffffff811b8ed3>] iput_final+0xe3/0x170
  [<ffffffff811b8f9e>] iput+0x3e/0x50
  [<ffffffff812316fd>] ext4_add_nondir+0x4d/0x90
  [<ffffffff81231d0b>] ext4_create+0xeb/0x170
  [<ffffffff811aae9c>] vfs_create+0xac/0xd0
  [<ffffffff811ac845>] lookup_open+0x185/0x1c0
  [<ffffffff8129e3b9>] ? selinux_inode_permission+0xa9/0x170
  [<ffffffff811acb54>] do_last+0x2d4/0x7a0
  [<ffffffff811af743>] path_openat+0xb3/0x480
  [<ffffffff8116a8a1>] ? handle_mm_fault+0x251/0x3b0
  [<ffffffff811afc49>] do_filp_open+0x49/0xa0
  [<ffffffff811bbaad>] ? __alloc_fd+0xdd/0x150
  [<ffffffff8119da28>] do_sys_open+0x108/0x1f0
  [<ffffffff8119db51>] sys_open+0x21/0x30
  [<ffffffff81618959>] system_call_fastpath+0x16/0x1b

Also fix comment for ext4_read_block_bitmap_nowait()

Signed-off-by: Eryu Guan <guaneryu@gmail.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Cc: stable@vger.kernel.org
2013-01-12 16:33:25 -05:00
acl.c ext4: fix memory leak in ext4_xattr_set_acl()'s error path 2012-11-08 15:11:11 -05:00
acl.h fs: take the ACL checks to common code 2011-07-25 14:30:23 -04:00
balloc.c ext4: check bh in ext4_read_block_bitmap() 2013-01-12 16:33:25 -05:00
bitmap.c ext4: Checksum the block bitmap properly with bigalloc enabled 2012-10-22 00:34:32 -04:00
block_validity.c ext2/3/4: delete unneeded includes of module.h 2012-01-09 13:52:10 +01:00
dir.c lseek: the "whence" argument is called "whence" 2012-12-17 17:15:12 -08:00
ext4_extents.h ext4: rationalize ext4_extents.h inclusion 2012-11-28 13:03:30 -05:00
ext4_jbd2.c ext4: fix metadata checksum calculation for the superblock 2012-10-10 01:06:58 -04:00
ext4_jbd2.h ext4: remove ext4_handle_release_buffer() 2012-11-08 11:22:46 -05:00
ext4.h There are two major features for this merge window. The first is 2012-12-16 17:33:01 -08:00
extents_status.c ext4: add some tracepoints in extent status tree 2012-11-08 21:57:33 -05:00
extents_status.h ext4: add operations on extent status tree 2012-11-08 21:57:20 -05:00
extents.c ext4: use unlikely to improve the efficiency of the kernel 2013-01-12 16:28:47 -05:00
file.c Various bug fixes for ext4. Perhaps the most serious bug fixed is one 2013-01-02 09:57:34 -08:00
fsync.c ext4: fix an incorrect comment about i_mutex 2012-12-25 13:31:52 -05:00
hash.c ext4: return 32/64-bit dir name hash according to usage type 2012-03-18 22:44:40 -04:00
ialloc.c ext4: enable ext4 inline support 2012-12-10 14:06:03 -05:00
indirect.c ext4: return ENOMEM if sb_getblk() fails 2013-01-12 16:19:36 -05:00
inline.c ext4: return ENOMEM if sb_getblk() fails 2013-01-12 16:19:36 -05:00
inode.c ext4: use unlikely to improve the efficiency of the kernel 2013-01-12 16:28:47 -05:00
ioctl.c The big new feature added this time is supporting online resizing 2012-10-08 06:36:39 +09:00
Kconfig ext4: fix configuration dependencies for ext4 ACLs and security labels 2013-01-06 23:38:44 -05:00
Makefile ext4: Remove CONFIG_EXT4_FS_XATTR 2012-12-10 16:30:43 -05:00
mballoc.c ext4: warn when discard request fails other than EOPNOTSUPP 2012-11-08 14:04:52 -05:00
mballoc.h ext4: remove unused macro MB_DEFAULT_MAX_GROUPS_TO_SCAN 2012-08-17 10:00:17 -04:00
migrate.c ext4: rationalize ext4_extents.h inclusion 2012-11-28 13:03:30 -05:00
mmp.c ext4: use unlikely to improve the efficiency of the kernel 2013-01-12 16:28:47 -05:00
move_extent.c ext4: rationalize ext4_extents.h inclusion 2012-11-28 13:03:30 -05:00
namei.c ext4: remove duplicate call to ext4_bread() in ext4_init_new_dir() 2013-01-06 23:40:25 -05:00
page-io.c ext4: rationalize ext4_extents.h inclusion 2012-11-28 13:03:30 -05:00
resize.c ext4: use unlikely to improve the efficiency of the kernel 2013-01-12 16:28:47 -05:00
super.c ext4: lock i_mutex when truncating orphan inodes 2012-12-27 01:42:48 -05:00
symlink.c ext4: Remove CONFIG_EXT4_FS_XATTR 2012-12-10 16:30:43 -05:00
truncate.h ext4: move common truncate functions to header file 2011-06-27 19:16:04 -04:00
xattr_security.c Merge branch 'for_linus' into for_linus_merged 2012-01-10 11:54:07 -05:00
xattr_trusted.c ext2/3/4: delete unneeded includes of module.h 2012-01-09 13:52:10 +01:00
xattr_user.c ext2/3/4: delete unneeded includes of module.h 2012-01-09 13:52:10 +01:00
xattr.c ext4: use unlikely to improve the efficiency of the kernel 2013-01-12 16:28:47 -05:00
xattr.h ext4: zero out inline data using memset() instead of empty_zero_page 2012-12-11 03:31:49 -05:00