shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-07 19:30:30 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
a74a2368f887bda5ea757fc251268b426dbdccab
linux/fs
History
Chao Yu 830390b363 FROMGIT: f2fs: fix potential .flags overflow on 32bit architecture 
f2fs_inode_info.flags is unsigned long variable, it has 32 bits
in 32bit architecture, since we introduced FI_MMAP_FILE flag
when we support data compression, we may access memory cross
the border of .flags field, corrupting .i_sem field, result in
below deadlock.

To fix this issue, let's expand .flags as an array to grab enough
space to store new flags.

Call Trace:
 __schedule+0x8d0/0x13fc
 ? mark_held_locks+0xac/0x100
 schedule+0xcc/0x260
 rwsem_down_write_slowpath+0x3ab/0x65d
 down_write+0xc7/0xe0
 f2fs_drop_nlink+0x3d/0x600 [f2fs]
 f2fs_delete_inline_entry+0x300/0x440 [f2fs]
 f2fs_delete_entry+0x3a1/0x7f0 [f2fs]
 f2fs_unlink+0x500/0x790 [f2fs]
 vfs_unlink+0x211/0x490
 do_unlinkat+0x483/0x520
 sys_unlink+0x4a/0x70
 do_fast_syscall_32+0x12b/0x683
 entry_SYSENTER_32+0xaa/0x102

Change-Id: I2777d32fd64e55514549fe82be397fdd671beaf6
Fixes: 4c8ff7095b ("f2fs: support data compression")
Tested-by: Ondrej Jirman <megous@megous.com>
Signed-off-by: Chao Yu <yuchao0@huawei.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Signed-off-by: Tao Huang <huangtao@rock-chips.com>
(cherry picked from commit 7de5ad45b809b5043fb12c3e280ceffe9a6a13d4
 git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs dev)
2020-03-26 16:41:53 +08:00
..
9p
9p: avoid attaching writeback_fid on mmap with type PRIVATE
2019-10-11 18:21:13 +02:00
adfs
fs/adfs: super: fix use-after-free bug
2019-08-06 19:06:49 +02:00
affs
affs: fix a memory leak in affs_remount
2020-01-27 14:51:21 +01:00
afs
afs: Fix characters allowed into cell names
2020-01-29 16:43:18 +01:00
autofs
autofs: fix a leak in autofs_expire_indirect()
2019-12-13 08:51:01 +01:00
befs
bfs
bfs: add sanity check at bfs_fill_super()
2018-12-01 09:37:27 +01:00
btrfs
Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents
2020-02-28 16:38:58 +01:00
cachefiles
fscache, cachefiles: remove redundant variable 'cache'
2018-12-17 09:24:40 +01:00
ceph
ceph: check availability of mds cluster on mount after wait timeout
2020-02-24 08:34:52 +01:00
cifs
cifs_atomic_open(): fix double-put on late allocation failure
2020-03-18 07:14:21 +01:00
coda
coda: add error handling for fget
2019-08-06 19:06:51 +02:00
configfs
configfs: fix a deadlock in configfs_symlink()
2019-11-12 19:20:47 +01:00
cramfs
Cramfs: fix abad comparison when wrap-arounds occur
2018-11-13 11:08:55 -08:00
crypto
UPSTREAM: fscrypt: don't evict dirty inodes after removing key
2020-03-11 14:05:28 -07:00
debugfs
debugfs: fix use-after-free on symlink traversal
2019-05-08 07:21:48 +02:00
devpts
fs/devpts: always delete dcache dentry-s in dput()
2019-03-23 20:09:59 +01:00
dlm
dlm: fix invalid cluster name warning
2019-12-13 08:52:23 +01:00
ecryptfs
ecryptfs: replace BUG_ON with error handling code
2020-02-28 16:38:59 +01:00
efivarfs
efivars: Call guid_parse() against guid_t type of variable
2018-07-22 14:13:44 +02:00
efs
exofs
exofs_mount(): fix leaks on failure exits
2019-12-05 09:20:32 +01:00
exportfs
exportfs: fix 'passing zero to ERR_PTR()' warning
2020-01-27 14:50:02 +01:00
ext2
ext2: Adjust indentation in ext2_fill_super
2020-02-11 04:34:12 -08:00
ext4
Merge 4.19.108 into android-4.19
2020-03-05 17:40:55 +01:00
f2fs
FROMGIT: f2fs: fix potential .flags overflow on 32bit architecture
2020-03-26 16:41:53 +08:00
fat
fat: fix uninit-memory access for partial initialized inode
2020-03-11 14:15:01 +01:00
freevxfs
fscache
fscache: fix race between enablement and dropping of object
2018-12-17 09:24:40 +01:00
fuse
fuse: verify attributes
2019-12-13 08:52:36 +01:00
gfs2
gfs2_atomic_open(): fix O_EXCL|O_CREAT handling on cold dcache
2020-03-18 07:14:21 +01:00
hfs
fs/hfs/extent.c: fix array out of bounds read of array extent
2019-12-01 09:17:10 +01:00
hfsplus
hfsplus: update timestamps on truncate()
2019-12-01 09:17:09 +01:00
hostfs
vfs: discard ATTR_ATTR_FLAG
2018-08-17 16:20:28 -07:00
hpfs
hpfs: remove unnecessary checks on the value of r when assigning error code
2018-08-25 12:42:33 -07:00
hugetlbfs
Merge 4.19.45 into android-4.19
2019-05-22 08:00:39 +02:00
incfs
ANDROID: Incremental fs: Add INCFS_IOC_PERMIT_FILL
2020-03-18 09:57:55 -07:00
isofs
isofs: reject hardware sector size > 2048 bytes
2018-08-21 11:37:41 +02:00
jbd2
jbd2: fix ocfs2 corrupt when clearing block group bits
2020-02-28 16:38:48 +01:00
jffs2
FROMLIST: jffs2: pass the correct prototype to read_cache_page
2019-05-20 17:46:45 -07:00
jfs
jfs: fix bogus variable self-initialization
2020-01-27 14:50:33 +01:00
kernfs
Merge 4.19.89 into android-4.19
2019-12-13 10:01:10 +01:00
lockd
lockd: fix decoding of TEST results
2019-12-13 08:51:59 +01:00
minix
nfs
Merge 4.19.106 into android-4.19
2020-02-24 09:13:25 +01:00
nfs_common
nfsd
nfsd: Return the correct number of bytes written to the file
2020-02-11 04:34:13 -08:00
nilfs2
nilfs2: convert to SPDX license tags
2018-09-04 16:45:02 -07:00
nls
notify
Merge 4.19.95 into android-4.19
2020-01-12 12:29:19 +01:00
ntfs
ntfs: mft: remove VLA usage
2018-08-17 16:20:27 -07:00
ocfs2
ocfs2: fix a NULL pointer dereference when call ocfs2_update_inode_fsync_trans()
2020-02-24 08:34:52 +01:00
omfs
openpromfs
orangefs
help_next should increase position index
2020-02-24 08:34:53 +01:00
overlayfs
Merge 4.19.103 into android-4.19
2020-02-11 15:05:03 -08:00
proc
Merge 4.19.90 into android-4.19
2019-12-18 09:03:30 +01:00
pstore
pstore/ram: Write new dumps to start of recycled zones
2020-01-09 10:19:00 +01:00
qnx4
qnx6
quota
fs: avoid softlockups in s_inodes iterators
2020-01-12 12:17:20 +01:00
ramfs
reiserfs
reiserfs: prevent NULL pointer dereference in reiserfs_insert_item()
2020-02-24 08:34:52 +01:00
romfs
sdcardfs
ANDROID: sdcardfs: fix -ENOENT lookup race issue
2020-02-28 03:35:25 +00:00
squashfs
Squashfs: Compute expected length from inode size rather than block length
2018-08-02 09:34:02 -07:00
sysfs
Merge tag 'driver-core-4.19-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/driver-core
2018-08-18 11:44:53 -07:00
sysv
sysv: return 'err' instead of 0 in __sysv_write_inode
2018-12-17 09:24:30 +01:00
tracefs
tracefs: Annotate tracefs_ops with __ro_after_init
2018-07-31 11:32:44 -04:00
ubifs
FROMLIST: fscrypt: Have filesystems handle their d_ops
2020-02-28 03:36:12 +00:00
udf
udf: Fix free space reporting for metadata and virtual partitions
2020-02-24 08:34:45 +01:00
ufs
ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour
2019-05-25 18:23:46 +02:00
unicode
FROMLIST: unicode: Add utf8_casefold_hash
2020-02-28 03:35:36 +00:00
verity
fs-verity: use u64_to_user_ptr()
2020-02-13 15:14:20 -08:00
xfs
xfs: Sanity check flags of Q_XQUOTARM call
2020-01-27 14:49:51 +01:00
aio.c
aio: prevent potential eventfd recursion on poll
2020-02-11 04:34:08 -08:00
anon_inodes.c
anon_inode_getfile(): switch to alloc_file_pseudo()
2018-07-12 10:04:27 -04:00
attr.c
ANDROID: vfs: Add permission2 for filesystems with per mount permissions
2018-12-05 09:48:14 -08:00
bad_inode.c
get rid of 'opened' argument of ->atomic_open() - part 3
2018-07-12 10:04:20 -04:00
binfmt_aout.c
binfmt_elf_fdpic.c
binfmt_elf.c
binfmt_elf: Do not move brk for INTERP-less ET_EXEC
2019-10-05 13:10:06 +02:00
binfmt_em86.c
binfmt_flat.c
fs/binfmt_flat.c: make load_flat_shared_library() work
2019-07-03 13:14:44 +02:00
binfmt_misc.c
turn filp_clone_open() into inline wrapper for dentry_open()
2018-07-10 23:29:03 -04:00
binfmt_script.c
exec: load_script: Do not exec truncated interpreter path
2019-11-06 13:05:37 +01:00
block_dev.c
Merge 4.19.94 into android-4.19
2020-01-09 16:14:43 +01:00
buffer.c
BACKPORT: FROMLIST: Update Inline Encryption from v5 to v6 of patch series
2020-01-13 07:11:38 -08:00
char_dev.c
chardev: Avoid potential use-after-free in 'chrdev_open()'
2020-01-14 20:06:57 +01:00
compat_binfmt_elf.c
compat_ioctl.c
fix compat handling of FICLONERANGE, FIDEDUPERANGE and FS_IOC_FIEMAP
2020-01-09 10:19:07 +01:00
compat.c
coredump.c
ANDROID: vfs: Add setattr2 for filesystems with per mount permissions
2018-12-05 09:48:13 -08:00
d_path.c
dax.c
dax: pass NOWAIT flag to iomap_apply
2020-03-05 16:42:12 +01:00
dcache.c
UPSTREAM: dcache: allocate external names from reclaimable kmalloc caches
2019-12-13 14:04:22 -08:00
dcookies.c
direct-io.c
ANDROID: ext4, f2fs: enable direct I/O with inline encryption
2020-01-24 10:49:09 -08:00
drop_caches.c
fs: avoid softlockups in s_inodes iterators
2020-01-12 12:17:20 +01:00
eventfd.c
eventfd: track eventfd_signal() recursion depth
2020-02-11 04:34:08 -08:00
eventpoll.c
UPSTREAM: PM / wakeup: Show wakeup sources stats in sysfs
2019-10-11 14:04:42 -07:00
exec.c
Merge 4.19.64 into android-4.19
2019-08-04 09:37:11 +02:00
fcntl.c
signal: Don't send signals to tasks that don't exist
2018-08-15 23:03:20 -05:00
fhandle.c
file_table.c
Merge tag 'ovl-update-4.19' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/vfs
2018-08-21 18:19:09 -07:00
file.c
fs/file.c: initialize init_files.resize_wait
2019-04-05 22:32:59 +02:00
filesystems.c
fs_pin.c
fs_struct.c
ANDROID: properly export new symbols with _GPL tag
2019-10-01 09:41:17 +02:00
fs-writeback.c
cgroup,writeback: don't switch wbs immediately on dead wbs if the memcg is dead
2019-11-12 19:21:20 +01:00
inode.c
Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-4.19.y' into android-4.19
2020-02-21 08:11:19 -08:00
internal.h
Merge 4.19.47 into android-4.19
2019-05-31 08:14:29 -07:00
ioctl.c
vfs: fix FIGETBSZ ioctl on an overlayfs file
2018-11-21 09:19:14 +01:00
iomap.c
ANDROID: ext4, f2fs: enable direct I/O with inline encryption
2020-01-24 10:49:09 -08:00
Kconfig
ANDROID: Initial commit of Incremental FS
2020-01-30 11:25:11 -08:00
Kconfig.binfmt
kconfig: move the "Executable file formats" menu to fs/Kconfig.binfmt
2018-08-02 08:06:55 +09:00
libfs.c
FROMLIST: fscrypt: Have filesystems handle their d_ops
2020-02-28 03:36:12 +00:00
locks.c
locks: print unsigned ino in /proc/locks
2020-01-09 10:19:00 +01:00
Makefile
ANDROID: Initial commit of Incremental FS
2020-01-30 11:25:11 -08:00
mbcache.c
mount.h
mpage.c
f2fs: fix build error on android tracepoints
2019-08-17 00:18:14 +00:00
namei.c
Merge 4.19.108 into android-4.19
2020-03-05 17:40:55 +01:00
namespace.c
UPSTREAM: fs/namespace: untag user pointers in copy_mount_options
2019-10-07 15:27:40 -04:00
no-block.c
nsfs.c
dcache: sort the freeing-without-RCU-delay mess for good.
2019-05-25 18:23:26 +02:00
open.c
Merge 4.19.111 into android-4.19
2020-03-18 08:19:47 +01:00
pipe.c
fs: prevent page refcount overflow in pipe_buf_get
2019-05-04 09:20:11 +02:00
pnode.c
ANDROID: mnt: Propagate remount correctly
2019-01-19 01:25:07 +00:00
pnode.h
ANDROID: mnt: Add filesystem private data to mount points
2018-12-05 09:48:13 -08:00
posix_acl.c
proc_namespace.c
ANDROID: vfs: Allow filesystems to access their private mount data
2018-12-05 09:48:13 -08:00
read_write.c
Merge 4.19.87 into android-4.19
2019-12-01 09:53:43 +01:00
readdir.c
filldir[64]: remove WARN_ON_ONCE() for bad directory entries
2020-01-04 19:13:26 +01:00
select.c
seq_file.c
seq_file: fix problem when seeking mid-record
2019-08-25 10:47:43 +02:00
signalfd.c
splice.c
splice: only read in as much information as there is pipe buffer space
2019-12-17 20:35:43 +01:00
stack.c
stat.c
statfs.c
vfs: Fix EOVERFLOW testing in put_compat_statfs64
2019-10-11 18:21:39 +02:00
super.c
Merge remote-tracking branch 'aosp/upstream-f2fs-stable-linux-4.19.y' into android-4.19
2019-10-07 13:29:05 -07:00
sync.c
ANDROID: taskstats: track fsync syscalls
2018-12-05 09:48:12 -08:00
timerfd.c
Merge branch 'work.aio' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2018-08-13 20:56:23 -07:00
userfaultfd.c
Merge 4.19.93 into android-4.19
2020-01-04 19:29:03 +01:00
utimes.c
ANDROID: vfs: Add setattr2 for filesystems with per mount permissions
2018-12-05 09:48:13 -08:00
xattr.c
ANDROID: Add optional __get xattr method paired to __vfs_getxattr
2019-11-06 15:27:46 +00:00