From 345c0dbf3a30872d9b204db96b5857cd00808cae Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@mit.edu>
Date: Tue, 9 Apr 2019 23:37:08 -0400
Subject: [PATCH] ext4: protect journal inode's blocks using block_validity
Git-commit: 345c0dbf3a30872d9b204db96b5857cd00808cae
Patch-mainline: v5.2-rc1
References: bsc#1158021 CVE-2019-19319
Add the blocks which belong to the journal inode to block_validity's
system zone so attempts to deallocate or overwrite the journal due to a
corrupted file system where the journal blocks are also claimed by
another inode.
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=202879
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org
Acked-by: Jan Kara <jack@suse.cz>
---
 fs/ext4/block_validity.c |   48 +++++++++++++++++++++++++++++++++++++++++++++++
 fs/ext4/inode.c          |    4 +++
 2 files changed, 52 insertions(+)
--- a/fs/ext4/block_validity.c
+++ b/fs/ext4/block_validity.c
@@ -136,6 +136,48 @@ static void debug_print_tree(struct ext4
 	printk(KERN_CONT "\n");
 }
 
+static int ext4_protect_reserved_inode(struct super_block *sb, u32 ino)
+{
+	struct inode *inode;
+	struct ext4_sb_info *sbi = EXT4_SB(sb);
+	struct ext4_map_blocks map;
+	u32 i = 0, err = 0, num, n;
+
+	if ((ino < EXT4_ROOT_INO) ||
+	    (ino > le32_to_cpu(sbi->s_es->s_inodes_count)))
+		return -EINVAL;
+	inode = ext4_iget(sb, ino, EXT4_IGET_SPECIAL);
+	if (IS_ERR(inode))
+		return PTR_ERR(inode);
+	num = (inode->i_size + sb->s_blocksize - 1) >> sb->s_blocksize_bits;
+	while (i < num) {
+		map.m_lblk = i;
+		map.m_len = num - i;
+		n = ext4_map_blocks(NULL, inode, &map, 0);
+		if (n < 0) {
+			err = n;
+			break;
+		}
+		if (n == 0) {
+			i++;
+		} else {
+			if (!ext4_data_block_valid(sbi, map.m_pblk, n)) {
+				ext4_error(sb, "blocks %llu-%llu from inode %u "
+					   "overlap system zone", map.m_pblk,
+					   map.m_pblk + map.m_len - 1, ino);
+				err = -EFSCORRUPTED;
+				break;
+			}
+			err = add_system_zone(sbi, map.m_pblk, n);
+			if (err < 0)
+				break;
+			i += n;
+		}
+	}
+	iput(inode);
+	return err;
+}
+
 int ext4_setup_system_zone(struct super_block *sb)
 {
 	ext4_group_t ngroups = ext4_get_groups_count(sb);
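Review bot: In `ext4_protect_reserved_inode`, `err` and `n` are declared `u32` together with `i` and `num`, so the checks `if (n < 0)` after `ext4_map_blocks()` and `if (err < 0)` after `add_system_zone()` can never be true. A failed mapping would fall into the `else` branch with the error code treated as a very large block count, and a failed `add_system_zone()` would not stop the loop, which weakens the very corruption check this patch adds. Declare the error-carrying variables signed: `u32 i = 0, num;` and `int err = 0, n;`. The `ext4_error()` message also computes the end of the range from `map.m_len` while the validity check uses `n`; using `n` in both places would keep the report consistent with what was checked.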
@@ -170,6 +212,12 @@ int ext4_setup_system_zone(struct super_
 		if (ret)
 			return ret;
 	}
+	if (ext4_has_feature_journal(sb) && sbi->s_es->s_journal_inum) {
+		ret = ext4_protect_reserved_inode(sb,
+				le32_to_cpu(sbi->s_es->s_journal_inum));
+		if (ret)
+			return ret;
+	}
 
 	if (test_opt(sb, DEBUG))
 		debug_print_tree(EXT4_SB(sb));
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
@@ -384,6 +384,10 @@ static int __check_block_validity(struct
 				unsigned int line,
 				struct ext4_map_blocks *map)
 {
+	if (ext4_has_feature_journal(inode->i_sb) &&
+	    (inode->i_ino ==
+	     le32_to_cpu(EXT4_SB(inode->i_sb)->s_es->s_journal_inum)))
+		return 0;
 	if (!ext4_data_block_valid(EXT4_SB(inode->i_sb), map->m_pblk,
 				   map->m_len)) {
 		ext4_error_inode(inode, func, line, map->m_pblk,
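Review bot: The early `return 0` added at the top of `__check_block_validity` carries no comment saying why the journal inode is exempt from the check. Judging from the block_validity.c section, the journal's blocks are now registered in the system zone, so `ext4_data_block_valid()` would presumably reject the journal's own mappings. A short comment such as `/* journal blocks live in the system zone; they are validated once in ext4_protect_reserved_inode() */` would make that explicit. It also documents that journal mappings are only checked when the system zone is set up, not on each later mapping. The function body continues past the end of this hunk.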