diff options
| author | Mark Salyzyn <salyzyn@google.com> | 2016-04-25 15:52:05 -0700 |
|---|---|---|
| committer | Mark Salyzyn <salyzyn@google.com> | 2016-04-26 11:28:43 -0700 |
| commit | 3c714201e02ec08652be4b9544a5267e79bde3a9 (patch) | |
| tree | a28a95814c0081b7597a5c142c0d25f0869a1a2e | |
| parent | 2564b249a2e804887cea367f88c37316b28f224f (diff) | |
| download | tegra-3c714201e02ec08652be4b9544a5267e79bde3a9.tar.gz | |
BACKPORT: f2fs: add a max block check for get_data_block_bmap
(cherry pick from commit 179448bfe4cd201e98e728391c6b01b25c849fe8)
This patch adds a max block check for get_data_block_bmap.
Trinity test program will send a block number as parameter into
ioctl_fibmap, which will be used in get_node_path(), when the block
number large than f2fs max blocks, it will trigger kernel bug.
Signed-off-by: Yunlei He <heyunlei@huawei.com>
Signed-off-by: Xue Liu <liuxueliu.liu@huawei.com>
[Jaegeuk Kim: fix missing condition, pointed by Chao Yu]
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Bug: 28271368
Change-Id: Ia5acae04522993d5b60a0bcb5ccc184c66532be8
| -rw-r--r-- | fs/f2fs/data.c | 11 | ||||
| -rw-r--r-- | fs/f2fs/f2fs.h | 1 | ||||
| -rw-r--r-- | fs/f2fs/super.c | 2 |
3 files changed, 12 insertions, 2 deletions
diff --git a/fs/f2fs/data.c b/fs/f2fs/data.c index ce11d9a92aed..6a0302932b76 100644 --- a/fs/f2fs/data.c +++ b/fs/f2fs/data.c @@ -445,6 +445,15 @@ static int get_data_block_ro(struct inode *inode, sector_t iblock, return 0; } +static int get_data_block_bmap(struct inode *inode, sector_t iblock, + struct buffer_head *bh_result, int create) +{ + /* Block number less than F2FS MAX BLOCKS */ + if (unlikely(iblock >= max_file_size(0))) + return -EFBIG; + return get_data_block_ro(inode, iblock, bh_result, create); +} + static int f2fs_read_data_page(struct file *file, struct page *page) { return mpage_readpage(page, get_data_block_ro); @@ -732,7 +741,7 @@ static int f2fs_set_data_page_dirty(struct page *page) static sector_t f2fs_bmap(struct address_space *mapping, sector_t block) { - return generic_block_bmap(mapping, block, get_data_block_ro); + return generic_block_bmap(mapping, block, get_data_block_bmap); } const struct address_space_operations f2fs_dblock_aops = { diff --git a/fs/f2fs/f2fs.h b/fs/f2fs/f2fs.h index 20aab02f2a42..8aeea5dbce5a 100644 --- a/fs/f2fs/f2fs.h +++ b/fs/f2fs/f2fs.h @@ -928,6 +928,7 @@ static inline int f2fs_add_link(struct dentry *dentry, struct inode *inode) /* * super.c */ +loff_t max_file_size(unsigned bits); int f2fs_sync_fs(struct super_block *, int); extern __printf(3, 4) void f2fs_msg(struct super_block *, const char *, const char *, ...); diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c index 03ab8b830940..9f3bbc577c6a 100644 --- a/fs/f2fs/super.c +++ b/fs/f2fs/super.c @@ -375,7 +375,7 @@ static int parse_options(struct super_block *sb, struct f2fs_sb_info *sbi, return 0; } -static loff_t max_file_size(unsigned bits) +loff_t max_file_size(unsigned bits) { loff_t result = ADDRS_PER_INODE; loff_t leaf_count = ADDRS_PER_BLOCK; |