Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp486470yba; Mon, 1 Apr 2019 10:15:36 -0700 (PDT) X-Google-Smtp-Source: APXvYqxIboAEQHftj/lNYrbBoY5T4KC5PCIADBb7NvZn0sz7P23ovm6nJPpx9Cggy7jo78oRQu6S X-Received: by 2002:a62:1795:: with SMTP id 143mr28638122pfx.104.1554138936440; Mon, 01 Apr 2019 10:15:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1554138936; cv=none; d=google.com; s=arc-20160816; b=w3WXtw0ng9wyQe/BNzRJHBqV0jKhHPJS9mUkOzU62cOogaRhgTRljl6A7Ghn3pr8ut So7RZGdkoxEhjGS7+K+Oavh7EcxxZgds8tB6UECGJDedim/jlddU87hAYvLSPu//TyJS D5SD1hwXqh8EqdHfwAL+jgemyOnbOpxCdLpVPDwU6sHadCOrXeiPzrET06n3XxE9wBk1 NGAD3oWA7mke6UKdK0u0cziP450zPdnx6PdIaxMpmFq+V4dOwYSPmvFQ8i6AU2IZ45FI oTZN/7ViAE92dVyQF3yPP5qYZrOom7s74SGyssTjbgnUghBgFLdqrm6aCIXood5Elqv4 AQfA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=IafThRLwuK23NWUHfF8wL/YzfAheXpYBhMoQCZ2LBkE=; b=YQV+l4lFl8pUfq4d2426SpaOiwUta+AGI3VgkbuAo9GIXLI/Eca5S5pll4xu5RpeSd E537B9CMgdMCXupzFtlR4bZ3KHNbvRT45hSH5k9fHSf09Z0z2JIZ0f7zy/Ml+bxqF7Rp /kxzr6hxGP4yiTcYP+OIMcJCropkkDJTmnH9To9A2iZZlriU4EkR9Tw9K0uSDCDi0F04 DsIDmfltxBxvRNPjG7be3CVKpXKwM9P98j9p10y8Pvx57GhIiR7tDD1YmwZIh+OBEoyt LWsgxma20xrZ6y9e0q3UFgmS19ad3u2pB7SVqsFN8GgdkwovnUJfPuf1k+gWTX47OTji l69w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=juc2HBKh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y5si9095764pfm.191.2019.04.01.10.15.20; Mon, 01 Apr 2019 10:15:36 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=juc2HBKh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730802AbfDAROs (ORCPT + 99 others); Mon, 1 Apr 2019 13:14:48 -0400 Received: from mail.kernel.org ([198.145.29.99]:38314 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729130AbfDAROq (ORCPT ); Mon, 1 Apr 2019 13:14:46 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id B125A206C0; Mon, 1 Apr 2019 17:14:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1554138885; bh=TPuvy44bpOvSjERpmbk6CO35SKDJDqYrF0cAPKGW6MM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=juc2HBKhND0yNsn6yosrD4FytunnkBxeG0EHJu2qaASlXZ7szx2tKB5W3S9x1fHdF lEsvWXtX9epJpQWOmOZDPG2T11VBezFc3jYlk+V3V1ez4LqeuNtrI3VvLZRmwvcaIF is+R3R8ATnoNTsvzLegnEPJ+MYFM+cs3xPpNhVks= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Qu Wenruo , Nikolay Borisov , David Sterba Subject: [PATCH 4.19 049/134] btrfs: Avoid possible qgroup_rsv_size overflow in btrfs_calculate_inode_block_rsv_size Date: Mon, 1 Apr 2019 19:01:25 +0200 Message-Id: <20190401170049.136325667@linuxfoundation.org> X-Mailer: git-send-email 2.21.0 In-Reply-To: <20190401170044.243719205@linuxfoundation.org> References: <20190401170044.243719205@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.19-stable review patch. If anyone has any objections, please let me know. ------------------ From: Nikolay Borisov commit 139a56170de67101791d6e6c8e940c6328393fe9 upstream. qgroup_rsv_size is calculated as the product of outstanding_extent * fs_info->nodesize. The product is calculated with 32 bit precision since both variables are defined as u32. Yet qgroup_rsv_size expects a 64 bit result. Avoid possible multiplication overflow by casting outstanding_extent to u64. Such overflow would in the worst case (64K nodesize) require more than 65536 extents, which is quite large and i'ts not likely that it would happen in practice. Fixes-coverity-id: 1435101 Fixes: ff6bc37eb7f6 ("btrfs: qgroup: Use independent and accurate per inode qgroup rsv") CC: stable@vger.kernel.org # 4.19+ Reviewed-by: Qu Wenruo Signed-off-by: Nikolay Borisov Reviewed-by: David Sterba Signed-off-by: David Sterba Signed-off-by: Greg Kroah-Hartman --- fs/btrfs/extent-tree.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/fs/btrfs/extent-tree.c +++ b/fs/btrfs/extent-tree.c @@ -5872,7 +5872,7 @@ static void btrfs_calculate_inode_block_ * * This is overestimating in most cases. */ - qgroup_rsv_size = outstanding_extents * fs_info->nodesize; + qgroup_rsv_size = (u64)outstanding_extents * fs_info->nodesize; spin_lock(&block_rsv->lock); block_rsv->size = reserve_size;