From 63ba8a3d1d1c786367c37755fa607df9c617632a Mon Sep 17 00:00:00 2001 From: Mark Salyzyn Date: Mon, 25 Apr 2016 15:52:05 -0700 Subject: [PATCH] BACKPORT: f2fs: add a max block check for get_data_block_bmap (cherry pick from commit 179448bfe4cd201e98e728391c6b01b25c849fe8) This patch adds a max block check for get_data_block_bmap. Trinity test program will send a block number as parameter into ioctl_fibmap, which will be used in get_node_path(), when the block number large than f2fs max blocks, it will trigger kernel bug. Signed-off-by: Yunlei He Signed-off-by: Xue Liu [Jaegeuk Kim: fix missing condition, pointed by Chao Yu] Signed-off-by: Jaegeuk Kim Bug: 28271368 Git-repo: https://android.googlesource.com/kernel/tegra.git Git-commit: 3c714201e02ec08652be4b9544a5267e79bde3a9 Change-Id: Ia5acae04522993d5b60a0bcb5ccc184c66532be8 [d-cagle@codeaurora.org Resolve trivial merge conflicts] Signed-off-by: Dennis Cagle --- fs/f2fs/data.c | 4 ++++ fs/f2fs/f2fs.h | 1 + fs/f2fs/super.c | 2 +- 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c index 972eab7ac071..f53826ec30f3 100644 --- a/fs/f2fs/data.c +++ b/fs/f2fs/data.c @@ -742,6 +742,10 @@ static int get_data_block_dio(struct inode *inode, sector_t iblock, static int get_data_block_bmap(struct inode *inode, sector_t iblock, struct buffer_head *bh_result, int create) { + /* Block number less than F2FS MAX BLOCKS */ + if (unlikely(iblock >= max_file_size(0))) + return -EFBIG; + return __get_data_block(inode, iblock, bh_result, create, F2FS_GET_BLOCK_BMAP); } diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h index 9db5500d63d9..3c7594b9d109 100644 --- a/fs/f2fs/f2fs.h +++ b/fs/f2fs/f2fs.h @@ -1715,6 +1715,7 @@ static inline int f2fs_add_link(struct dentry *dentry, struct inode *inode) * super.c */ int f2fs_commit_super(struct f2fs_sb_info *, bool); +loff_t max_file_size(unsigned bits); int f2fs_sync_fs(struct super_block *, int); extern __printf(3, 4) void f2fs_msg(struct super_block *, const char *, const char *, ...); diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c index 3a65e0132352..106dda1e743d 100644 --- a/fs/f2fs/super.c +++ b/fs/f2fs/super.c @@ -898,7 +898,7 @@ static const struct export_operations f2fs_export_ops = { .get_parent = f2fs_get_parent, }; -static loff_t max_file_size(unsigned bits) +loff_t max_file_size(unsigned bits) { loff_t result = (DEF_ADDRS_PER_INODE - F2FS_INLINE_XATTR_ADDRS); loff_t leaf_count = ADDRS_PER_BLOCK; -- 2.11.0