From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Chao Yu <chao2.yu@samsung.com>,
Jaegeuk Kim <jaegeuk@kernel.org>
Subject: [PATCH 4.4 01/43] f2fs: do more integrity verification for superblock
Date: Mon, 1 May 2017 14:27:01 -0700 [thread overview]
Message-ID: <20170501212559.601751162@linuxfoundation.org> (raw)
In-Reply-To: <20170501212559.546911128@linuxfoundation.org>
4.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Chao Yu <chao2.yu@samsung.com>
commit 9a59b62fd88196844cee5fff851bee2cfd7afb6e upstream.
Do more sanity check for superblock during ->mount.
Signed-off-by: Chao Yu <chao2.yu@samsung.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/f2fs/super.c | 98 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 98 insertions(+)
--- a/fs/f2fs/super.c
+++ b/fs/f2fs/super.c
@@ -918,6 +918,79 @@ static loff_t max_file_size(unsigned bit
return result;
}
+static inline bool sanity_check_area_boundary(struct super_block *sb,
+ struct f2fs_super_block *raw_super)
+{
+ u32 segment0_blkaddr = le32_to_cpu(raw_super->segment0_blkaddr);
+ u32 cp_blkaddr = le32_to_cpu(raw_super->cp_blkaddr);
+ u32 sit_blkaddr = le32_to_cpu(raw_super->sit_blkaddr);
+ u32 nat_blkaddr = le32_to_cpu(raw_super->nat_blkaddr);
+ u32 ssa_blkaddr = le32_to_cpu(raw_super->ssa_blkaddr);
+ u32 main_blkaddr = le32_to_cpu(raw_super->main_blkaddr);
+ u32 segment_count_ckpt = le32_to_cpu(raw_super->segment_count_ckpt);
+ u32 segment_count_sit = le32_to_cpu(raw_super->segment_count_sit);
+ u32 segment_count_nat = le32_to_cpu(raw_super->segment_count_nat);
+ u32 segment_count_ssa = le32_to_cpu(raw_super->segment_count_ssa);
+ u32 segment_count_main = le32_to_cpu(raw_super->segment_count_main);
+ u32 segment_count = le32_to_cpu(raw_super->segment_count);
+ u32 log_blocks_per_seg = le32_to_cpu(raw_super->log_blocks_per_seg);
+
+ if (segment0_blkaddr != cp_blkaddr) {
+ f2fs_msg(sb, KERN_INFO,
+ "Mismatch start address, segment0(%u) cp_blkaddr(%u)",
+ segment0_blkaddr, cp_blkaddr);
+ return true;
+ }
+
+ if (cp_blkaddr + (segment_count_ckpt << log_blocks_per_seg) !=
+ sit_blkaddr) {
+ f2fs_msg(sb, KERN_INFO,
+ "Wrong CP boundary, start(%u) end(%u) blocks(%u)",
+ cp_blkaddr, sit_blkaddr,
+ segment_count_ckpt << log_blocks_per_seg);
+ return true;
+ }
+
+ if (sit_blkaddr + (segment_count_sit << log_blocks_per_seg) !=
+ nat_blkaddr) {
+ f2fs_msg(sb, KERN_INFO,
+ "Wrong SIT boundary, start(%u) end(%u) blocks(%u)",
+ sit_blkaddr, nat_blkaddr,
+ segment_count_sit << log_blocks_per_seg);
+ return true;
+ }
+
+ if (nat_blkaddr + (segment_count_nat << log_blocks_per_seg) !=
+ ssa_blkaddr) {
+ f2fs_msg(sb, KERN_INFO,
+ "Wrong NAT boundary, start(%u) end(%u) blocks(%u)",
+ nat_blkaddr, ssa_blkaddr,
+ segment_count_nat << log_blocks_per_seg);
+ return true;
+ }
+
+ if (ssa_blkaddr + (segment_count_ssa << log_blocks_per_seg) !=
+ main_blkaddr) {
+ f2fs_msg(sb, KERN_INFO,
+ "Wrong SSA boundary, start(%u) end(%u) blocks(%u)",
+ ssa_blkaddr, main_blkaddr,
+ segment_count_ssa << log_blocks_per_seg);
+ return true;
+ }
+
+ if (main_blkaddr + (segment_count_main << log_blocks_per_seg) !=
+ segment0_blkaddr + (segment_count << log_blocks_per_seg)) {
+ f2fs_msg(sb, KERN_INFO,
+ "Wrong MAIN_AREA boundary, start(%u) end(%u) blocks(%u)",
+ main_blkaddr,
+ segment0_blkaddr + (segment_count << log_blocks_per_seg),
+ segment_count_main << log_blocks_per_seg);
+ return true;
+ }
+
+ return false;
+}
+
static int sanity_check_raw_super(struct super_block *sb,
struct f2fs_super_block *raw_super)
{
@@ -947,6 +1020,14 @@ static int sanity_check_raw_super(struct
return 1;
}
+ /* check log blocks per segment */
+ if (le32_to_cpu(raw_super->log_blocks_per_seg) != 9) {
+ f2fs_msg(sb, KERN_INFO,
+ "Invalid log blocks per segment (%u)\n",
+ le32_to_cpu(raw_super->log_blocks_per_seg));
+ return 1;
+ }
+
/* Currently, support 512/1024/2048/4096 bytes sector size */
if (le32_to_cpu(raw_super->log_sectorsize) >
F2FS_MAX_LOG_SECTOR_SIZE ||
@@ -965,6 +1046,23 @@ static int sanity_check_raw_super(struct
le32_to_cpu(raw_super->log_sectorsize));
return 1;
}
+
+ /* check reserved ino info */
+ if (le32_to_cpu(raw_super->node_ino) != 1 ||
+ le32_to_cpu(raw_super->meta_ino) != 2 ||
+ le32_to_cpu(raw_super->root_ino) != 3) {
+ f2fs_msg(sb, KERN_INFO,
+ "Invalid Fs Meta Ino: node(%u) meta(%u) root(%u)",
+ le32_to_cpu(raw_super->node_ino),
+ le32_to_cpu(raw_super->meta_ino),
+ le32_to_cpu(raw_super->root_ino));
+ return 1;
+ }
+
+ /* check CP/SIT/NAT/SSA/MAIN_AREA area boundary */
+ if (sanity_check_area_boundary(sb, raw_super))
+ return 1;
+
return 0;
}
next prev parent reply other threads:[~2017-05-01 21:28 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-01 21:27 [PATCH 4.4 00/43] 4.4.66-stable review Greg Kroah-Hartman
2017-05-01 21:27 ` Greg Kroah-Hartman [this message]
2017-05-01 21:27 ` [PATCH 4.4 02/43] [media] xc2028: unlock on error in xc2028_set_config() Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 03/43] ARM: OMAP2+: timer: add probe for clocksources Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 04/43] clk: sunxi: Add apb0 gates for H3 Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 05/43] crypto: testmgr - fix out of bound read in __test_aead() Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 06/43] drm/amdgpu: fix array out of bounds Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 07/43] ext4: check if in-inode xattr is corrupted in ext4_expand_extra_isize_ea() Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 08/43] md:raid1: fix a dead loop when read from a WriteMostly disk Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 09/43] MIPS: Fix crash registers on non-crashing CPUs Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 10/43] net: cavium: liquidio: Avoid dma_unmap_single on uninitialized ndata Greg Kroah-Hartman
2017-05-10 15:30 ` Ben Hutchings
2018-04-06 8:26 ` Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 11/43] net_sched: close another race condition in tcf_mirred_release() Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 12/43] RDS: Fix the atomicity for congestion map update Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 13/43] regulator: core: Clear the supply pointer if enabling fails Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 14/43] usb: gadget: f_midi: Fixed a bug when buflen was smaller than wMaxPacketSize Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 15/43] xen/x86: dont lose event interrupts Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 16/43] sparc64: kern_addr_valid regression Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 17/43] sparc64: Fix kernel panic due to erroneous #ifdef surrounding pmd_write() Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 18/43] net: neigh: guard against NULL solicit() method Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 19/43] net: phy: handle state correctly in phy_stop_machine Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 20/43] l2tp: purge socket queues in the .destruct() callback Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 21/43] net/packet: fix overflow in check for tp_frame_nr Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 22/43] net/packet: fix overflow in check for tp_reserve Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 23/43] l2tp: take reference on sessions being dumped Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 24/43] l2tp: fix PPP pseudo-wire auto-loading Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 25/43] net: ipv4: fix multipath RTM_GETROUTE behavior when iif is given Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 26/43] sctp: listen on the sock only when its state is listening or closed Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 27/43] tcp: clear saved_syn in tcp_disconnect() Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 29/43] net: ipv6: RTF_PCPU should not be settable from userspace Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 30/43] netpoll: Check for skb->queue_mapping Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 31/43] ip6mr: fix notification device destruction Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 32/43] macvlan: Fix device ref leak when purging bc_queue Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 33/43] ipv6: check skb->protocol before lookup for nexthop Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 34/43] ipv6: check raw payload size correctly in ioctl Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 35/43] ALSA: firewire-lib: fix inappropriate assignment between signed/unsigned type Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 36/43] ALSA: seq: Dont break snd_use_lock_sync() loop by timeout Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 37/43] MIPS: KGDB: Use kernel context for sleeping threads Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 38/43] MIPS: Avoid BUG warning in arch_check_elf Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 39/43] p9_client_readdir() fix Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 42/43] ARCv2: save r30 on kernel entry as gcc uses it for code-gen Greg Kroah-Hartman
2017-05-01 21:27 ` [PATCH 4.4 43/43] ftrace/x86: Fix triple fault with graph tracing and suspend-to-ram Greg Kroah-Hartman
[not found] ` <59080414.87dfe90a.9590.db81@mx.google.com>
2017-05-02 13:53 ` [PATCH 4.4 00/43] 4.4.66-stable review Shuah Khan
2017-05-02 17:35 ` Guenter Roeck
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170501212559.601751162@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=chao2.yu@samsung.com \
--cc=jaegeuk@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).