Currently if len argument in ext4_trim_fs() is smaller than one block,
the 'end' variable underflow. Avoid that by exiting right away if len
is smaller than one file system block.
Signed-off-by: Lukas Czerner <[email protected]>
---
fs/ext4/mballoc.c | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c
index f8b27bf..06c8526 100644
--- a/fs/ext4/mballoc.c
+++ b/fs/ext4/mballoc.c
@@ -4989,13 +4989,18 @@ int ext4_trim_fs(struct super_block *sb, struct fstrim_range *range)
int ret = 0;
start = range->start >> sb->s_blocksize_bits;
- end = start + (range->len >> sb->s_blocksize_bits) - 1;
minlen = EXT4_NUM_B2C(EXT4_SB(sb),
range->minlen >> sb->s_blocksize_bits);
if (unlikely(minlen > EXT4_CLUSTERS_PER_GROUP(sb)) ||
unlikely(start >= max_blks))
return -EINVAL;
+
+ end = range->len >> sb->s_blocksize_bits;
+ if (0 == end)
+ goto out;
+ end += start - 1;
+
if (end >= max_blks)
end = max_blks - 1;
if (end <= first_data_blk)
--
1.7.7.6
On Tue, Oct 09, 2012 at 02:12:42PM +0200, Lukas Czerner wrote:
> Currently if len argument in ext4_trim_fs() is smaller than one block,
> the 'end' variable underflow. Avoid that by exiting right away if len
> is smaller than one file system block.
>
> Signed-off-by: Lukas Czerner <[email protected]>
> ---
> fs/ext4/mballoc.c | 7 ++++++-
> 1 files changed, 6 insertions(+), 1 deletions(-)
>
> diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c
> index f8b27bf..06c8526 100644
> --- a/fs/ext4/mballoc.c
> +++ b/fs/ext4/mballoc.c
> @@ -4989,13 +4989,18 @@ int ext4_trim_fs(struct super_block *sb, struct fstrim_range *range)
> int ret = 0;
>
> start = range->start >> sb->s_blocksize_bits;
> - end = start + (range->len >> sb->s_blocksize_bits) - 1;
> minlen = EXT4_NUM_B2C(EXT4_SB(sb),
> range->minlen >> sb->s_blocksize_bits);
>
> if (unlikely(minlen > EXT4_CLUSTERS_PER_GROUP(sb)) ||
> unlikely(start >= max_blks))
> return -EINVAL;
> +
> + end = range->len >> sb->s_blocksize_bits;
> + if (0 == end)
> + goto out;
> + end += start - 1;
> +
> if (end >= max_blks)
> end = max_blks - 1;
> if (end <= first_data_blk)
> --
> 1.7.7.6
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
> the body of a message to [email protected]
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
Looks good,
Reviewed-by: Carlos Maiolino <[email protected]>
--
--Carlos
Currently if len argument in ext4_trim_fs() is smaller than one block,
the 'end' variable underflow. Avoid that by returning EINVAL if len is
smaller than file system block.
Also remove useless unlikely().
Signed-off-by: Lukas Czerner <[email protected]>
---
v2: reworked, return EINVAL if len < FSB
fs/ext4/mballoc.c | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c
index f8b27bf..e02ae6c 100644
--- a/fs/ext4/mballoc.c
+++ b/fs/ext4/mballoc.c
@@ -4993,8 +4993,9 @@ int ext4_trim_fs(struct super_block *sb, struct fstrim_range *range)
minlen = EXT4_NUM_B2C(EXT4_SB(sb),
range->minlen >> sb->s_blocksize_bits);
- if (unlikely(minlen > EXT4_CLUSTERS_PER_GROUP(sb)) ||
- unlikely(start >= max_blks))
+ if (minlen > EXT4_CLUSTERS_PER_GROUP(sb) ||
+ start >= max_blks ||
+ range->len < sb->s_blocksize)
return -EINVAL;
if (end >= max_blks)
end = max_blks - 1;
--
1.7.7.6
On Thu, Oct 11, 2012 at 10:34:45AM +0200, Lukas Czerner wrote:
> Currently if len argument in ext4_trim_fs() is smaller than one block,
> the 'end' variable underflow. Avoid that by returning EINVAL if len is
> smaller than file system block.
>
> Also remove useless unlikely().
>
> Signed-off-by: Lukas Czerner <[email protected]>
Thanks, applied.
- Ted