Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp2010422imm; Tue, 10 Jul 2018 11:32:38 -0700 (PDT) X-Google-Smtp-Source: AAOMgpcMtepjMwUJcojfUPbIcpdXLJEZqSYNloOYNeGWLds4s04KMYtaNXWgPU+9k7I03795vEyR X-Received: by 2002:a17:902:ba97:: with SMTP id k23-v6mr25813844pls.259.1531247558354; Tue, 10 Jul 2018 11:32:38 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1531247558; cv=none; d=google.com; s=arc-20160816; b=Mqo7Fl78PgUs5+t2KjjKDcyHBZ9jknfCQexRM3X/5yu3BiHf25rXcxMfg/yCMp52wO PmjJeecgZJuMoI92G8yF5FmPXFUM8k9kIPOekOQwogDB1iD6L5lb/MMv6qekVBaffOhA /Mvonc5UrJvSFSRfm/N8D35ORT1+TTSeuix5eAp/WIF+sfam1IwkGDSQsywIWOnOgA4p ni4uPnrURfIZJsUEyg3Wu4el8Yj1SEcSq5ReGcIqWAN+7rqBEDA4f5UYKAIT+kFI/g4x HU7oqIR8o6tukx3kpSE8xDlDxchttpBLZLz1O0uL8+D8jE2Is3yGHkngbt9m4DbNbTaZ N60Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :in-reply-to:message-id:date:subject:cc:to:from :arc-authentication-results; bh=MZz5CHE1WrMG6k+vW7NBpHwyYWJP7irnGsI5IL5pLqk=; b=he9ZWRf995B+vwiuYdIcJDWUlEtkLRrknDJFomzSdtGxgZKSTRF+JOdXMixVOjK/cM MR4FnoxvAO1zVFdF5S7ep95xNy/nsFXlUHAYz/iAa+bLpk2U6xwWqNg1KUTuTUv81HR2 iD6HtlFVA2ZUxM+nAAU0VEd9rXR1QO121q3mHwIueflK6NT0SbhhcfqmC1YNGOns7nBd 2TB+A2rORQE2RrnuNbE1gMhhTKdNGVnhT3F4evhTCUhAeKlyeXne5xlXIfmSs1cs73J0 23fIjF6wgI/9t+bI3cwoCxJQVVfVD6ZrSCdiMKfiFbaL+NL7S/WRSSDbw3jwRaXcKKmX cYNA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x190-v6si16088392pgb.158.2018.07.10.11.32.22; Tue, 10 Jul 2018 11:32:38 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388382AbeGJSba (ORCPT + 99 others); Tue, 10 Jul 2018 14:31:30 -0400 Received: from mail.linuxfoundation.org ([140.211.169.12]:45844 "EHLO mail.linuxfoundation.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2388371AbeGJSb3 (ORCPT ); Tue, 10 Jul 2018 14:31:29 -0400 Received: from localhost (LFbn-1-12247-202.w90-92.abo.wanadoo.fr [90.92.61.202]) by mail.linuxfoundation.org (Postfix) with ESMTPSA id 5867CEC7; Tue, 10 Jul 2018 18:31:17 +0000 (UTC) From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Theodore Tso , stable@kernel.org Subject: [PATCH 4.9 34/52] ext4: add more mount time checks of the superblock Date: Tue, 10 Jul 2018 20:25:02 +0200 Message-Id: <20180710182452.515487348@linuxfoundation.org> X-Mailer: git-send-email 2.18.0 In-Reply-To: <20180710182449.285532226@linuxfoundation.org> References: <20180710182449.285532226@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.9-stable review patch. If anyone has any objections, please let me know. ------------------ From: Theodore Ts'o commit bfe0a5f47ada40d7984de67e59a7d3390b9b9ecc upstream. The kernel's ext4 mount-time checks were more permissive than e2fsprogs's libext2fs checks when opening a file system. The superblock is considered too insane for debugfs or e2fsck to operate on it, the kernel has no business trying to mount it. This will make file system fuzzing tools work harder, but the failure cases that they find will be more useful and be easier to evaluate. Signed-off-by: Theodore Ts'o Cc: stable@kernel.org Signed-off-by: Greg Kroah-Hartman --- fs/ext4/super.c | 37 ++++++++++++++++++++++++++----------- 1 file changed, 26 insertions(+), 11 deletions(-) --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -3656,6 +3656,13 @@ static int ext4_fill_super(struct super_ le32_to_cpu(es->s_log_block_size)); goto failed_mount; } + if (le32_to_cpu(es->s_log_cluster_size) > + (EXT4_MAX_CLUSTER_LOG_SIZE - EXT4_MIN_BLOCK_LOG_SIZE)) { + ext4_msg(sb, KERN_ERR, + "Invalid log cluster size: %u", + le32_to_cpu(es->s_log_cluster_size)); + goto failed_mount; + } if (le16_to_cpu(sbi->s_es->s_reserved_gdt_blocks) > (blocksize / 4)) { ext4_msg(sb, KERN_ERR, @@ -3794,13 +3801,6 @@ static int ext4_fill_super(struct super_ "block size (%d)", clustersize, blocksize); goto failed_mount; } - if (le32_to_cpu(es->s_log_cluster_size) > - (EXT4_MAX_CLUSTER_LOG_SIZE - EXT4_MIN_BLOCK_LOG_SIZE)) { - ext4_msg(sb, KERN_ERR, - "Invalid log cluster size: %u", - le32_to_cpu(es->s_log_cluster_size)); - goto failed_mount; - } sbi->s_cluster_bits = le32_to_cpu(es->s_log_cluster_size) - le32_to_cpu(es->s_log_block_size); sbi->s_clusters_per_group = @@ -3821,10 +3821,10 @@ static int ext4_fill_super(struct super_ } } else { if (clustersize != blocksize) { - ext4_warning(sb, "fragment/cluster size (%d) != " - "block size (%d)", clustersize, - blocksize); - clustersize = blocksize; + ext4_msg(sb, KERN_ERR, + "fragment/cluster size (%d) != " + "block size (%d)", clustersize, blocksize); + goto failed_mount; } if (sbi->s_blocks_per_group > blocksize * 8) { ext4_msg(sb, KERN_ERR, @@ -3878,6 +3878,13 @@ static int ext4_fill_super(struct super_ ext4_blocks_count(es)); goto failed_mount; } + if ((es->s_first_data_block == 0) && (es->s_log_block_size == 0) && + (sbi->s_cluster_ratio == 1)) { + ext4_msg(sb, KERN_WARNING, "bad geometry: first data " + "block is 0 with a 1k block and cluster size"); + goto failed_mount; + } + blocks_count = (ext4_blocks_count(es) - le32_to_cpu(es->s_first_data_block) + EXT4_BLOCKS_PER_GROUP(sb) - 1); @@ -3913,6 +3920,14 @@ static int ext4_fill_super(struct super_ ret = -ENOMEM; goto failed_mount; } + if (((u64)sbi->s_groups_count * sbi->s_inodes_per_group) != + le32_to_cpu(es->s_inodes_count)) { + ext4_msg(sb, KERN_ERR, "inodes count not valid: %u vs %llu", + le32_to_cpu(es->s_inodes_count), + ((u64)sbi->s_groups_count * sbi->s_inodes_per_group)); + ret = -EINVAL; + goto failed_mount; + } bgl_lock_init(sbi->s_blockgroup_lock);