Received: by 2002:a25:1985:0:0:0:0:0 with SMTP id 127csp1683082ybz;
        Thu, 23 Apr 2020 03:49:34 -0700 (PDT)
X-Google-Smtp-Source: APiQypIwybBpOobIq29o0e8B34P5P8rapeU51ueI0MN7xX/fmBWDWcraxMUtpGUomyGtZSiLnEo5
X-Received: by 2002:a05:6402:31b1:: with SMTP id dj17mr2045581edb.146.1587638973978;
        Thu, 23 Apr 2020 03:49:33 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1587638973; cv=none;
        d=google.com; s=arc-20160816;
        b=kzCKBTMLxMEzIKappiSaKXauIRZHbGm8AVqSdt8txyCUqitiA6WFdcTYTIY+gRXHVD
         KvyUw4zxP3C4UFivZXjGxBJpdiCmNOsvg/g+S8zSaIp+XS7v402RToHkSyp13cE5DHzr
         m/V2NMRW34SI4Ubfi24cWLR/hbxlUzvHxREA3F42WhVJbwHYIUbnA0KJQ3xMpN+kb4Su
         VbSnNiDvVqrKMwUbhX9Du0A0UhaJJoj7fCg4NRzxYwleir1/QKpsOjr1z6niwClxDOna
         7LkmbMW3ppXGIVGg18UcvEpVDYLripwLMkcvfIRvugEbxIN7lrqlqnJ++m+JxRwmM6MC
         Mwsg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:message-id:content-transfer-encoding
         :mime-version:references:in-reply-to:date:subject:cc:to:from;
        bh=C/eMemt/noTW5elBIWpaeXHYFMnH5Q3OCxbq/7saYVY=;
        b=CAbUdfQq64othlt1RTKeiBGIKL6iV2+svUVGcYLWmIRNG4sHc/1oP9vtlANCRQ8uNA
         rsih18Ch/1TSXBF9jQGVz1CdqpWIi6onexrgn3I3AMRzyq+vDUIZQbxOkWp0wQr9NQm3
         Ix0lEi1kvuJ0OMoSHcI3e+t09SRJnSbuU4ZT9WAaNjPlbaBUqHRReFimplC3MZfkOQv3
         Frqekr+Ds3i4uwKnFjXGKgQyDlDrQiz5Ew54Yh1FtunsZQ60byAWcxJ7ScerwhBmy6Bu
         rkjV/LbrgqJkZyXiGzIwbD3tKnPtfPoz1It39oD2yL0oivkrHqlvYjj+sHSMrx1/wZFk
         Oi6g==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Return-Path: <linux-ext4-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18])
        by mx.google.com with ESMTP id d6si1124600ejy.428.2020.04.23.03.49.10;
        Thu, 23 Apr 2020 03:49:33 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=ibm.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727832AbgDWKsd (ORCPT <rfc822;brookxu.cn@gmail.com>
        + 99 others); Thu, 23 Apr 2020 06:48:33 -0400
Received: from mx0b-001b2d01.pphosted.com ([148.163.158.5]:10602 "EHLO
        mx0b-001b2d01.pphosted.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1727815AbgDWKsc (ORCPT
        <rfc822;linux-ext4@vger.kernel.org>);
        Thu, 23 Apr 2020 06:48:32 -0400
Received: from pps.filterd (m0127361.ppops.net [127.0.0.1])
        by mx0a-001b2d01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id 03NAXtgQ055331
        for <linux-ext4@vger.kernel.org>; Thu, 23 Apr 2020 06:48:31 -0400
Received: from e06smtp05.uk.ibm.com (e06smtp05.uk.ibm.com [195.75.94.101])
        by mx0a-001b2d01.pphosted.com with ESMTP id 30jvfuc2x9-1
        (version=TLSv1.2 cipher=AES256-GCM-SHA384 bits=256 verify=NOT)
        for <linux-ext4@vger.kernel.org>; Thu, 23 Apr 2020 06:48:30 -0400
Received: from localhost
        by e06smtp05.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted
        for <linux-ext4@vger.kernel.org> from <riteshh@linux.ibm.com>;
        Thu, 23 Apr 2020 11:47:32 +0100
Received: from b06avi18626390.portsmouth.uk.ibm.com (9.149.26.192)
        by e06smtp05.uk.ibm.com (192.168.101.135) with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted;
        (version=TLSv1/SSLv3 cipher=AES256-GCM-SHA384 bits=256/256)
        Thu, 23 Apr 2020 11:47:28 +0100
Received: from d06av25.portsmouth.uk.ibm.com (d06av25.portsmouth.uk.ibm.com [9.149.105.61])
        by b06avi18626390.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id 03NAlFAG63635902
        (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK);
        Thu, 23 Apr 2020 10:47:15 GMT
Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1])
        by IMSVA (Postfix) with ESMTP id 5DD9011C04C;
        Thu, 23 Apr 2020 10:48:22 +0000 (GMT)
Received: from d06av25.portsmouth.uk.ibm.com (unknown [127.0.0.1])
        by IMSVA (Postfix) with ESMTP id 6809C11C052;
        Thu, 23 Apr 2020 10:48:18 +0000 (GMT)
Received: from localhost.localdomain.com (unknown [9.199.60.18])
        by d06av25.portsmouth.uk.ibm.com (Postfix) with ESMTP;
        Thu, 23 Apr 2020 10:48:18 +0000 (GMT)
From:   Ritesh Harjani <riteshh@linux.ibm.com>
To:     linux-ext4@vger.kernel.org
Cc:     jack@suse.cz, tytso@mit.edu, adilger@dilger.ca,
        darrick.wong@oracle.com, hch@infradead.org,
        Alexander Viro <viro@zeniv.linux.org.uk>,
        Dan Carpenter <dan.carpenter@oracle.com>,
        "Aneesh Kumar K . V" <aneesh.kumar@linux.ibm.com>,
        Ritesh Harjani <riteshh@linux.ibm.com>,
        Murphy Zhou <jencce.kernel@gmail.com>,
        Miklos Szeredi <miklos@szeredi.hu>,
        Amir Goldstein <amir73il@gmail.com>,
        linux-fsdevel@vger.kernel.org, linux-unionfs@vger.kernel.org,
        syzbot+77fa5bdb65cc39711820@syzkaller.appspotmail.com
Subject: [PATCH 1/5] ext4: Fix EXT4_MAX_LOGICAL_BLOCK macro
Date:   Thu, 23 Apr 2020 16:17:53 +0530
X-Mailer: git-send-email 2.21.0
In-Reply-To: <cover.1587555962.git.riteshh@linux.ibm.com>
References: <cover.1587555962.git.riteshh@linux.ibm.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-TM-AS-GCONF: 00
x-cbid: 20042310-0020-0000-0000-000003CD1B83
X-IBM-AV-DETECTION: SAVI=unused REMOTE=unused XFE=unused
x-cbparentid: 20042310-0021-0000-0000-000022261BDB
Message-Id: <e31dbabc453d1f227371bed6e0cc2f3493b4955f.1587555962.git.riteshh@linux.ibm.com>
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.138,18.0.676
 definitions=2020-04-23_07:2020-04-22,2020-04-23 signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 mlxscore=0 priorityscore=1501
 adultscore=0 impostorscore=0 mlxlogscore=999 spamscore=0 clxscore=1015
 phishscore=0 lowpriorityscore=0 malwarescore=0 bulkscore=0 suspectscore=1
 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2003020000
 definitions=main-2004230082
Sender: linux-ext4-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-ext4.vger.kernel.org>
X-Mailing-List: linux-ext4@vger.kernel.org

ext4 supports max number of logical blocks in a file to be 0xffffffff.
(This is since ext4_extent's ee_block is __le32).
This means that EXT4_MAX_LOGICAL_BLOCK should be 0xfffffffe (starting
from 0 logical offset). This patch fixes this.

The issue was seen when ext4 moved to iomap_fiemap API and when
overlayfs was mounted on top of ext4. Since overlayfs was missing
filemap_check_ranges(), so it could pass a arbitrary huge length which
lead to overflow of map.m_len logic.

This patch fixes that.

Fixes: d3b6f23f7167 ("ext4: move ext4_fiemap to use iomap framework")
Reported-by: syzbot+77fa5bdb65cc39711820@syzkaller.appspotmail.com
Signed-off-by: Ritesh Harjani <riteshh@linux.ibm.com>
---
 fs/ext4/ext4.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
index 91eb4381cae5..ad2dbf6e4924 100644
--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h
@@ -722,7 +722,7 @@ enum {
 #define EXT4_MAX_BLOCK_FILE_PHYS	0xFFFFFFFF
 
 /* Max logical block we can support */
-#define EXT4_MAX_LOGICAL_BLOCK		0xFFFFFFFF
+#define EXT4_MAX_LOGICAL_BLOCK		0xFFFFFFFE
 
 /*
  * Structure of an inode on the disk
-- 
2.21.0