linux-stable/fs/f2fs
Chao Yu f3537bd135 f2fs: fix to do sanity check on segment bitmap of LFS curseg
[ Upstream commit c854f4d681 ]

As Jungyeon reported in bugzilla:

https://bugzilla.kernel.org/show_bug.cgi?id=203233

- Reproduces
gcc poc_13.c
./run.sh f2fs

- Kernel messages
 F2FS-fs (sdb): Bitmap was wrongly set, blk:4608
 kernel BUG at fs/f2fs/segment.c:2133!
 RIP: 0010:update_sit_entry+0x35d/0x3e0
 Call Trace:
  f2fs_allocate_data_block+0x16c/0x5a0
  do_write_page+0x57/0x100
  f2fs_do_write_node_page+0x33/0xa0
  __write_node_page+0x270/0x4e0
  f2fs_sync_node_pages+0x5df/0x670
  f2fs_write_checkpoint+0x364/0x13a0
  f2fs_sync_fs+0xa3/0x130
  f2fs_do_sync_file+0x1a6/0x810
  do_fsync+0x33/0x60
  __x64_sys_fsync+0xb/0x10
  do_syscall_64+0x43/0x110
  entry_SYSCALL_64_after_hwframe+0x44/0xa9

The testcase fails because, in the fuzzed image, the current segment was
allocated with LFS type; its .next_blkoff should point to an unused
block address, but actually, its bitmap shows it's not. So during
allocation, f2fs crashes when setting the bitmap.

Introduce sanity_check_curseg() to check for such inconsistency in the
current in-use segment.

Signed-off-by: Chao Yu <yuchao0@huawei.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2019-10-05 12:30:11 +02:00
acl.c f2fs: fix wrong return value of f2fs_acl_create 2019-02-12 19:44:53 +01:00
acl.h f2fs: remove dead code f2fs_check_acl 2016-09-14 16:52:36 -07:00
checkpoint.c f2fs: fix to do sanity check with cp_pack_start_sum 2018-12-08 13:05:14 +01:00
data.c f2fs: fix to do sanity check with block address in main area v2 2018-12-08 13:05:14 +01:00
debug.c f2fs: remove percpu_count due to performance regression 2017-01-12 11:39:35 +01:00
dir.c f2fs: fix multiple f2fs_add_link() having same name for inline dentry 2018-11-10 07:42:45 -08:00
extent_cache.c f2fs: fix to check extent cache in f2fs_drop_extent_tree 2018-05-30 07:50:46 +02:00
f2fs.h f2fs: fix sbi->extent_list corruption issue 2019-02-12 19:44:58 +01:00
file.c f2fs: move dir data flush to write checkpoint process 2019-02-12 19:44:53 +01:00
gc.c f2fs: fix to skip GC if type in SSA and SIT is inconsistent 2018-09-19 22:47:14 +02:00
gc.h f2fs: detect idle time depending on user behavior 2016-01-11 15:56:37 -08:00
hash.c f2fs: check entire encrypted bigname when finding a dentry 2017-05-25 15:44:38 +02:00
inline.c f2fs: fix to do sanity check with reserved blkaddr of inline inode 2018-09-19 22:47:15 +02:00
inode.c f2fs: fix to clear dirty inode in error path of f2fs_iget() 2019-06-22 08:17:14 +02:00
Kconfig f2fs: add mount option to select fault injection ratio 2016-05-07 10:32:22 -07:00
Makefile fs crypto: move per-file encryption from f2fs tree to fs/crypto 2016-03-17 21:19:33 -07:00
namei.c do d_instantiate/unlock_new_inode combinations safely 2018-05-30 07:50:16 +02:00
node.c f2fs: read page index before freeing 2019-01-31 08:12:37 +01:00
node.h f2fs: introduce cp_lock to protect updating of ckpt_flags 2016-09-30 17:34:20 -07:00
recovery.c f2fs: fix to avoid panic in do_recover_data() 2019-06-22 08:17:14 +02:00
segment.c f2fs: fix to do sanity check on segment bitmap of LFS curseg 2019-10-05 12:30:11 +02:00
segment.h f2fs: fix to do sanity check on valid block count of segment 2019-06-22 08:17:14 +02:00
shrinker.c f2fs: fix sbi->extent_list corruption issue 2019-02-12 19:44:58 +01:00
super.c f2fs: check all the data segments against all node ones 2019-10-05 12:30:10 +02:00
trace.c f2fs: do not use mutex lock in atomic context 2019-04-05 22:29:07 +02:00
trace.h f2fs: add sbi and page pointer in f2fs_io_info 2015-05-28 15:41:32 -07:00
xattr.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
xattr.h f2fs: add missing argument to f2fs_setxattr stub 2016-03-17 21:19:47 -07:00