Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp113639pxk; Thu, 24 Sep 2020 00:35:47 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzC18/yfcUj1re5+Xyg14eOq1smhvJWMsYE2fiiDGMxrQ0o6Zz66lG0dxVwm4+1BrNkjjyW X-Received: by 2002:a05:6402:12d1:: with SMTP id k17mr3095491edx.323.1600932947025; Thu, 24 Sep 2020 00:35:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1600932947; cv=none; d=google.com; s=arc-20160816; b=m+1GIdzZ7Tw+jZclEiVy0rXVGsv/AM9xrtYdF4uREeWp5MdTKybLTalra/Fu9jUgEX oy1+uZWVJWpFbmCgTr1En6QEKhQniMujGYvhNj/pR9GT7F6b2xXwZUmbqxq/TicmeA+2 vBFpjywTuFJ8SI9cqsn6YLyEwlcekDHap8k022vg9TGqJyr+50hxYxBz5aOIQ2Oo/LFB JUhrUFd/sVHK+Vq1/vP18ORM/HLJwl3zw/WAWk2MDF3CEKofqHQtKxoF/tfWD7yUm7zl YqO0gj5AP6oZAtiP4GNPKVgisRETMk5HGsvj+1YpB6Q75b1gpUJTd8C93XwcvNlPSW6t TxEg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=LCB1pz3vzCnf5V0pIDP4MQJf5O6efyC1JMHFkLM+5SI=; b=SUCWarKLhzXxtDQy71ZYWlhXLCs8YmKmysdkzhgmPnSHqpT5SJZtp3IblqlQ50kbkc /Mmcivis2GTEWn9OluvtAZ1F2cDho58bhU1d1YrsC0p5gO32NbH9OPmL2Q3WvgDfKd6K uuB2jCWz06m+ALRHgg7zRO7fJ6QMk7EJRghQaY4N0v7fQhtdPsOYF/+7sIroY4gLPVFs hNN0Sh453ed7U1RLDvSAeihPO6Zx/2ikX/we8jKsYfrHj8J/ATRAFdLL4swQVMHhmL2E agFJTPiPUxByEYfBrCYLreTfOBBNPnth5CDU0Hp3TKbokXNaW/GAFMsxK8lu5+XRIokL BPug== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id o60si1428431edd.426.2020.09.24.00.35.23; Thu, 24 Sep 2020 00:35:47 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-ext4-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-ext4-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727145AbgIXHcy (ORCPT + 99 others); Thu, 24 Sep 2020 03:32:54 -0400 Received: from szxga05-in.huawei.com ([45.249.212.191]:14225 "EHLO huawei.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1727116AbgIXHcu (ORCPT ); Thu, 24 Sep 2020 03:32:50 -0400 Received: from DGGEMS409-HUB.china.huawei.com (unknown [172.30.72.58]) by Forcepoint Email with ESMTP id 6B2E732A820566377812; Thu, 24 Sep 2020 15:32:47 +0800 (CST) Received: from huawei.com (10.175.127.227) by DGGEMS409-HUB.china.huawei.com (10.3.19.209) with Microsoft SMTP Server id 14.3.487.0; Thu, 24 Sep 2020 15:32:37 +0800 From: "zhangyi (F)" To: CC: , , , Subject: [PATCH v2 0/7] ext4: fix a memory corrupt problem Date: Thu, 24 Sep 2020 15:33:30 +0800 Message-ID: <20200924073337.861472-1-yi.zhang@huawei.com> X-Mailer: git-send-email 2.25.4 MIME-Version: 1.0 Content-Transfer-Encoding: 7BIT Content-Type: text/plain; charset=US-ASCII X-Originating-IP: [10.175.127.227] X-CFilter-Loop: Reflected Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org Hi, This patch set fix a memory corruption problem caused by read stale extent block from disk in ext4_ext_split()->memset(). The root cause is we do not clear buffer's verified bit before read metadata block from disk again if it has been failed to write out to disk, if the block is mew allocated, we may propably get stale data from disk and lead to out-of-bounds access when we use this stale data. The first patch is the same to my v1 iteration, just clear buffer verified bit before read, this patch can fix this problem. The remaining patches remove all open codes that read metadata blocks in ext4 and introduce common read helpers as Jan suggested. I have test them on my xfstests and there is no degeneration. Thanks, Yi. zhangyi (F) (7): ext4: clear buffer verified flag if read meta block from disk ext4: introduce new metadata buffer read helpers ext4: use common helpers in all places reading metadata buffers ext4: use ext4_buffer_uptodate() in __ext4_get_inode_loc() ext4: introduce ext4_sb_breadahead_unmovable() to replace sb_breadahead_unmovable() ext4: use ext4_sb_bread() instead of sb_bread() ext4: introduce ext4_sb_bread_unmovable() to replace sb_bread_unmovable() fs/ext4/balloc.c | 7 +-- fs/ext4/ext4.h | 8 +++ fs/ext4/extents.c | 2 +- fs/ext4/ialloc.c | 5 +- fs/ext4/indirect.c | 8 +-- fs/ext4/inode.c | 43 +++++--------- fs/ext4/mmp.c | 10 +--- fs/ext4/move_extent.c | 2 +- fs/ext4/resize.c | 10 ++-- fs/ext4/super.c | 131 ++++++++++++++++++++++++++++++++++++------ 10 files changed, 153 insertions(+), 73 deletions(-) -- 2.25.4