Baokun Li b7e9ec38b6 ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow
[ Upstream commit bc056e7163 ]

When we calculate the end position of ext4_free_extent, this position may
be exactly where ext4_lblk_t (i.e. uint) overflows. For example, if
ac_g_ex.fe_logical is 4294965248 and ac_orig_goal_len is 2048, then the
computed end is 0x100000000, which is 0. If ac->ac_o_ex.fe_logical is not
the first case of adjusting the best extent, that is, new_bex_end > 0, the
following BUG_ON will be triggered:

=========================================================
kernel BUG at fs/ext4/mballoc.c:5116!
invalid opcode: 0000 [#1] PREEMPT SMP PTI
CPU: 3 PID: 673 Comm: xfs_io Tainted: G E 6.5.0-rc1+ #279
RIP: 0010:ext4_mb_new_inode_pa+0xc5/0x430
Call Trace:
 <TASK>
 ext4_mb_use_best_found+0x203/0x2f0
 ext4_mb_try_best_found+0x163/0x240
 ext4_mb_regular_allocator+0x158/0x1550
 ext4_mb_new_blocks+0x86a/0xe10
 ext4_ext_map_blocks+0xb0c/0x13a0
 ext4_map_blocks+0x2cd/0x8f0
 ext4_iomap_begin+0x27b/0x400
 iomap_iter+0x222/0x3d0
 __iomap_dio_rw+0x243/0xcb0
 iomap_dio_rw+0x16/0x80
=========================================================

A simple reproducer demonstrating the problem:

	mkfs.ext4 -F /dev/sda -b 4096 100M
	mount /dev/sda /tmp/test
	fallocate -l1M /tmp/test/tmp
	fallocate -l10M /tmp/test/file
	fallocate -i -o 1M -l16777203M /tmp/test/file
	fsstress -d /tmp/test -l 0 -n 100000 -p 8 &
	sleep 10 && killall -9 fsstress
	rm -f /tmp/test/tmp
	xfs_io -c "open -ad /tmp/test/file" -c "pwrite -S 0xff 0 8192"

We simply refactor the logic for adjusting the best extent by adding
a temporary ext4_free_extent ex and use extent_logical_end() to avoid
overflow, which also simplifies the code.

Cc: stable@kernel.org # 6.4
Fixes: 93cdf49f6e ("ext4: Fix best extent lstart adjustment logic in ext4_mb_new_inode_pa()")
Signed-off-by: Baokun Li <libaokun1@huawei.com>
Reviewed-by: Ritesh Harjani (IBM) <ritesh.list@gmail.com>
Link: https://lore.kernel.org/r/20230724121059.11834-3-libaokun1@huawei.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2023-09-23 11:14:30 +02:00
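
The wrap described in the commit message above, as an added user-space C illustration (not the kernel's code and not the patch): `lblk_t`, `struct extent`, the `end_*` helpers and the containment check are simplified, assumed stand-ins for ext4_lblk_t, ext4_free_extent and the sanity check behind the BUG_ON. The goal values are the ones quoted in the message; the best-extent values are constructed.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint32_t lblk_t;   /* assumed stand-in for ext4_lblk_t (32-bit unsigned) */

struct extent {            /* simplified stand-in for ext4_free_extent */
    lblk_t   logical;      /* first logical block */
    uint32_t len;          /* length in blocks */
};

/* Goal extent with the values quoted in the commit message. */
static const struct extent GOAL = { 4294965248u, 2048u };
/* Constructed best extent: the first 1024 blocks of the goal range. */
static const struct extent BEST = { 4294965248u, 1024u };

/* End computed in the 32-bit block type: wraps modulo 2^32. */
static lblk_t end_narrow(const struct extent *ex)
{
    return (lblk_t)(ex->logical + ex->len);
}

/* End computed in 64 bits: cannot wrap for 32-bit inputs. */
static uint64_t end_wide(const struct extent *ex)
{
    return (uint64_t)ex->logical + ex->len;
}

/* Simplified containment check using the wrapping end. */
static int inside_narrow(const struct extent *in, const struct extent *out)
{
    return in->logical >= out->logical && end_narrow(in) <= end_narrow(out);
}

/* Same check with 64-bit ends. */
static int inside_wide(const struct extent *in, const struct extent *out)
{
    return in->logical >= out->logical && end_wide(in) <= end_wide(out);
}

int main(void)
{
    printf("goal end: 32-bit %u, 64-bit %llu\n",
           (unsigned)end_narrow(&GOAL), (unsigned long long)end_wide(&GOAL));
    printf("best inside goal: 32-bit %d, 64-bit %d\n",
           inside_narrow(&BEST, &GOAL), inside_wide(&BEST, &GOAL));
    return 0;
}
```

With the 32-bit end the goal appears to end at block 0, so a best extent that lies entirely inside it fails the containment check; widening the end to 64 bits restores the expected result.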
arch usb: dwc3: dwc3-octeon: Verify clock divider 2023-09-23 11:14:29 +02:00
block blk-mq: fix tags leak when shrink nr_hw_queues 2023-09-23 11:14:26 +02:00
certs KEYS: Add missing function documentation 2023-04-24 16:15:52 +03:00
crypto crypto: lrw,xts - Replace strlcpy with strscpy 2023-09-23 11:14:19 +02:00
Documentation perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 2023-09-23 11:14:18 +02:00
drivers usb: typec: qcom-pmic-typec: register drm_bridge 2023-09-23 11:14:29 +02:00
fs ext4: fix BUG in ext4_mb_new_inode_pa() due to overflow 2023-09-23 11:14:30 +02:00
include usb: chipidea: add workaround for chipidea PEC bug 2023-09-23 11:14:29 +02:00
init sched/psi: Select KERNFS as needed 2023-09-13 09:52:59 +02:00
io_uring io_uring: annotate the struct io_kiocb slab for appropriate user copy 2023-09-23 11:14:25 +02:00
ipc Merge branch 'work.namespace' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2023-02-24 19:20:07 -08:00
kernel printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic() 2023-09-23 11:14:30 +02:00
lib kobject: Add sanity check for kset->kobj.ktype in kset_register() 2023-09-23 11:14:29 +02:00
LICENSES LICENSES: Add the copyleft-next-0.3.1 license 2022-11-08 15:44:01 +01:00
mm vm: fix move_vma() memory accounting being off 2023-09-19 12:30:30 +02:00
net wifi: mac80211: check for station first in client probe 2023-09-23 11:14:22 +02:00
rust rust: macros: vtable: fix HAS_* redefinition (gen_const_name) 2023-08-09 21:15:07 +02:00
samples samples/hw_breakpoint: Fix kernel BUG 'invalid opcode: 0000' 2023-09-23 11:14:24 +02:00
scripts linux/export: fix reference to exported functions for parisc64 2023-09-19 12:30:21 +02:00
security smackfs: Prevent underflow in smk_set_cipso() 2023-09-13 09:53:22 +02:00
sound ASoC: SOF: amd: clear panic mask status when panic occurs 2023-09-23 11:14:26 +02:00
tools tools: iio: iio_generic_buffer: Fix some integer type and calculation 2023-09-23 11:14:28 +02:00
usr initramfs: Encode dependency on KBUILD_BUILD_TIMESTAMP 2023-06-06 17:54:49 +09:00
virt kvm/vfio: ensure kvg instance stays around in kvm_vfio_group_add() 2023-09-13 09:53:29 +02:00
.clang-format iommu: Add for_each_group_device() 2023-05-23 08:15:51 +02:00
.cocciconfig
.get_maintainer.ignore get_maintainer: add Alan to .get_maintainer.ignore 2022-08-20 15:17:44 -07:00
.gitattributes .gitattributes: set diff driver for Rust source code files 2023-05-31 17:48:25 +02:00
.gitignore Revert ".gitignore: ignore *.cover and *.mbx" 2023-07-04 15:05:12 -07:00
.mailmap mailmap: add entries for Simon Horman 2023-08-16 09:53:10 +01:00
.rustfmt.toml rust: add .rustfmt.toml 2022-09-28 09:02:20 +02:00
COPYING
CREDITS - Address -Wmissing-prototype warnings 2023-06-26 16:43:54 -07:00
Kbuild Kbuild updates for v6.1 2022-10-10 12:00:45 -07:00
Kconfig
MAINTAINERS sound fixes for 6.5 2023-08-25 08:48:14 -07:00
Makefile Linux 6.5.4 2023-09-19 12:30:30 +02:00
README

Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result from upgrading your kernel.