[PATCH 1/5] ext4: avoid declaring fs inconsistent due to invalid file
handles
This patch is backported as functionality in this commit is used by
Patch 2 in this patchset.
[PATCH 2/5] ext4: protect journal inode's blocks using block_validity
Backport to 4.9
[PATCH 3/5] ext4: don't perform block validity checks on the journal
[PATCH 4/5] ext4: fix block validity checks for journal inodes using
[PATCH 5/5] ext4: unsigned int compared against zero
Fixes issues found in Patch 2 in this patchset.
These patches addresses CVE-2019-19319
Colin Ian King (1):
ext4: unsigned int compared against zero
Theodore Ts'o (4):
ext4: avoid declaring fs inconsistent due to invalid file handles
ext4: protect journal inode's blocks using block_validity
ext4: don't perform block validity checks on the journal inode
ext4: fix block validity checks for journal inodes using indirect
blocks
fs/ext4/block_validity.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++++
fs/ext4/ext4.h | 15 ++++++++++++--
fs/ext4/extents.c | 12 +++++++----
fs/ext4/ialloc.c | 2 +-
fs/ext4/inode.c | 48 ++++++++++++++++++++++++++++++------------
fs/ext4/ioctl.c | 2 +-
fs/ext4/namei.c | 4 ++--
fs/ext4/resize.c | 5 +++--
fs/ext4/super.c | 19 +++++------------
9 files changed, 122 insertions(+), 39 deletions(-)
--
2.7.4
From: Colin Ian King <[email protected]>
commit fbbbbd2f28aec991f3fbc248df211550fbdfd58c upstream.
There are two cases where u32 variables n and err are being checked
for less than zero error values, the checks is always false because
the variables are not signed. Fix this by making the variables ints.
Addresses-Coverity: ("Unsigned compared against 0")
Fixes: 345c0dbf3a30 ("ext4: protect journal inode's blocks using block_validity")
Signed-off-by: Colin Ian King <[email protected]>
Signed-off-by: Theodore Ts'o <[email protected]>
Signed-off-by: Ashwin H <[email protected]>
---
fs/ext4/block_validity.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/ext4/block_validity.c b/fs/ext4/block_validity.c
index 9c9c639..d31d93e 100644
--- a/fs/ext4/block_validity.c
+++ b/fs/ext4/block_validity.c
@@ -141,7 +141,8 @@ static int ext4_protect_reserved_inode(struct super_block *sb, u32 ino)
struct inode *inode;
struct ext4_sb_info *sbi = EXT4_SB(sb);
struct ext4_map_blocks map;
- u32 i = 0, err = 0, num, n;
+ u32 i = 0, num;
+ int err = 0, n;
if ((ino < EXT4_ROOT_INO) ||
(ino > le32_to_cpu(sbi->s_es->s_inodes_count)))
--
2.7.4
From: Theodore Ts'o <[email protected]>
commit 170417c8c7bb2cbbdd949bf5c443c0c8f24a203b upstream.
Commit 345c0dbf3a30 ("ext4: protect journal inode's blocks using
block_validity") failed to add an exception for the journal inode in
ext4_check_blockref(), which is the function used by ext4_get_branch()
for indirect blocks. This caused attempts to read from the ext3-style
journals to fail with:
[ 848.968550] EXT4-fs error (device sdb7): ext4_get_branch:171: inode #8: block 30343695: comm jbd2/sdb7-8: invalid block
Fix this by adding the missing exception check.
Fixes: 345c0dbf3a30 ("ext4: protect journal inode's blocks using block_validity")
Reported-by: Arthur Marsh <[email protected]>
Signed-off-by: Theodore Ts'o <[email protected]>
Signed-off-by: Ashwin H <[email protected]>
---
fs/ext4/block_validity.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/fs/ext4/block_validity.c b/fs/ext4/block_validity.c
index bdc8e48..9c9c639 100644
--- a/fs/ext4/block_validity.c
+++ b/fs/ext4/block_validity.c
@@ -274,6 +274,11 @@ int ext4_check_blockref(const char *function, unsigned int line,
__le32 *bref = p;
unsigned int blk;
+ if (ext4_has_feature_journal(inode->i_sb) &&
+ (inode->i_ino ==
+ le32_to_cpu(EXT4_SB(inode->i_sb)->s_es->s_journal_inum)))
+ return 0;
+
while (bref < p+max) {
blk = le32_to_cpu(*bref++);
if (blk &&
--
2.7.4
I have sent patches for 4.14 tree
Thanks,
Ashwin
On 29/04/20, 6:29 PM, "Greg KH" <[email protected]> wrote:
On Thu, Apr 30, 2020 at 12:51:34AM +0530, ashwin-h wrote:
> [PATCH 1/5] ext4: avoid declaring fs inconsistent due to invalid file
> handles
> This patch is backported as functionality in this commit is used by
> Patch 2 in this patchset.
>
> [PATCH 2/5] ext4: protect journal inode's blocks using block_validity
> Backport to 4.9
>
> [PATCH 3/5] ext4: don't perform block validity checks on the journal
> [PATCH 4/5] ext4: fix block validity checks for journal inodes using
> [PATCH 5/5] ext4: unsigned int compared against zero
> Fixes issues found in Patch 2 in this patchset.
>
> These patches addresses CVE-2019-19319
I can't take patches for 4.9 that are not also in 4.14, for the obvious
reason that you never want to upgrade to a newer kernel and get
regressions.
So can you provide a backported series for the 4.14 tree too? Then I
can take these.
thanks,
greg k-h
On Wed, Apr 29, 2020 at 08:39:45PM +0000, Ashwin H wrote:
> I have sent patches for 4.14 tree
Thank you, all of these are now queued up.
greg k-h