On Mon, Aug 06, 2018 at 09:40:04AM -0400, Theodore Y. Ts'o wrote:
> On Sun, Aug 05, 2018 at 10:25:22PM +0100, Sudip Mukherjee wrote:
> > Hi Greg,
> >
> > On Mon, Jul 30, 2018 at 09:58:27AM +0200, gregkh@xxxxxxxxxxxxxxxxxxx wrote:
> > >
> > > The patch below does not apply to the 4.14-stable tree.
> > > If someone wants it applied there, or to any other stable or longterm
> > > tree, then please email the backport, including the original git commit
> > > id to <stable@xxxxxxxxxxxxxxx>.
> >
> > The attached backported patch should apply to 4.14-stable tree.
>
> Thanks Sudip!
>
> Acked-by: Theodore Ts'o <tytso@xxxxxxx>
Greg, can you also make sure this patch gets applied to the 4.4 and
4.9 stable trees? Many thanks!
- Ted
>From 6a6ec4cab0f949122667580a97fa32539cbc128c Mon Sep 17 00:00:00 2001
From: Theodore Ts'o <tytso@xxxxxxx>
Date: Sun, 8 Jul 2018 19:35:02 -0400
Subject: [PATCH] ext4: fix false negatives *and* false positives in ext4_check_descriptors()
commit 44de022c4382541cebdd6de4465d1f4f465ff1dd upstream
Ext4_check_descriptors() was getting called before s_gdb_count was
initialized. So for file systems w/o the meta_bg feature, allocation
bitmaps could overlap the block group descriptors and ext4 wouldn't
notice.
For file systems with the meta_bg feature enabled, there was a
fencepost error which would cause the ext4_check_descriptors() to
incorrectly believe that the block allocation bitmap overlaps with the
block group descriptor blocks, and it would reject the mount.
Fix both of these problems.
Signed-off-by: Theodore Ts'o <tytso@xxxxxxx>
Cc: stable@xxxxxxxxxxxxxxx
Signed-off-by: Sudip Mukherjee <sudipm.mukherjee@xxxxxxxxx>
---
fs/ext4/super.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 6b0c1ea95196..f30d2bf40471 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -2301,7 +2301,7 @@ static int ext4_check_descriptors(struct super_block *sb,
struct ext4_sb_info *sbi = EXT4_SB(sb);
ext4_fsblk_t first_block = le32_to_cpu(sbi->s_es->s_first_data_block);
ext4_fsblk_t last_block;
- ext4_fsblk_t last_bg_block = sb_block + ext4_bg_num_gdb(sb, 0) + 1;
+ ext4_fsblk_t last_bg_block = sb_block + ext4_bg_num_gdb(sb, 0);
ext4_fsblk_t block_bitmap;
ext4_fsblk_t inode_bitmap;
ext4_fsblk_t inode_table;
@@ -4038,13 +4038,13 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
goto failed_mount2;
}
}
+ sbi->s_gdb_count = db_count;
if (!ext4_check_descriptors(sb, logical_sb_block, &first_not_zeroed)) {
ext4_msg(sb, KERN_ERR, "group descriptors corrupted!");
ret = -EFSCORRUPTED;
goto failed_mount2;
}
- sbi->s_gdb_count = db_count;
get_random_bytes(&sbi->s_next_generation, sizeof(u32));
spin_lock_init(&sbi->s_next_gen_lock);
--
2.11.0
