A batch of ext4-related CVE fixes were released to other kernels in
linux-stable, but don't apply cleanly to 3.18.y. For the most part
these are unmodified cherry-picks of Ben Hutchings's 3.16.y backports
(exceptions are noted above my Signed-off-by).
Theodore Ts'o (10):
ext4: only look at the bg_flags field if it is valid
ext4: fix check to prevent initializing reserved inodes
ext4: always check block group bounds in ext4_init_block_bitmap()
ext4: fix false negatives *and* false positives in
ext4_check_descriptors()
ext4: add corruption check in ext4_xattr_set_entry()
ext4: always verify the magic number in xattr blocks
ext4: never move the system.data xattr out of the inode body
ext4: add more inode number paranoia checks
jbd2: don't mark block as modified if the handle is out of credits
ext4: avoid running out of journal credits when appending to an inline
file
fs/ext4/balloc.c | 21 ++++++++++++-------
fs/ext4/ext4.h | 8 -------
fs/ext4/ialloc.c | 19 ++++++++++++++---
fs/ext4/inline.c | 38 +--------------------------------
fs/ext4/inode.c | 3 ++-
fs/ext4/mballoc.c | 6 ++++--
fs/ext4/super.c | 12 +++++++++--
fs/ext4/xattr.c | 49 ++++++++++++++++++++-----------------------
fs/jbd2/transaction.c | 2 +-
9 files changed, 70 insertions(+), 88 deletions(-)
--
2.19.0.605.g01d371f741-goog
