Commit c4d36b63 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4 

Pull ext4 fixes from Ted Ts'o:
 "Some bug fixes, and an update to the URL's for the final version of
  Unicode 12.1.0"

* tag 'ext4_for_linus_stable' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4:
  ext4: avoid panic during forced reboot due to aborted journal
  ext4: fix block validity checks for journal inodes using indirect blocks
  unicode: update to Unicode 12.1.0 final
  unicode: add missing check for an error return from utf8lookup()
  ext4: fix miscellaneous sparse warnings
  ext4: unsigned int compared against zero
  ext4: fix use-after-free in dx_release()
  ext4: fix data corruption caused by overlapping unaligned and aligned IO
  jbd2: fix potential double free
  ext4: zero out the unused memory region in the extent tree block
parents d8848eef 2c1d0e36

fs/ext4/block_validity.c

+7 −1
Original line number Diff line number Diff line
@@ -142,7 +142,8 @@ static int ext4_protect_reserved_inode(struct super_block *sb, u32 ino) 
	struct inode *inode;

	struct ext4_sb_info *sbi = EXT4_SB(sb);

	struct ext4_map_blocks map;

	u32 i = 0, err = 0, num, n;

	u32 i = 0, num;

	int err = 0, n;



	if ((ino < EXT4_ROOT_INO) ||

	    (ino > le32_to_cpu(sbi->s_es->s_inodes_count)))
@@ -276,6 +277,11 @@ int ext4_check_blockref(const char *function, unsigned int line, 
	__le32 *bref = p;

	unsigned int blk;



	if (ext4_has_feature_journal(inode->i_sb) &&

	    (inode->i_ino ==

	     le32_to_cpu(EXT4_SB(inode->i_sb)->s_es->s_journal_inum)))

		return 0;



	while (bref < p+max) {

		blk = le32_to_cpu(*bref++);

		if (blk &&

fs/ext4/extents.c

+15 −2
Original line number Diff line number Diff line
@@ -1035,6 +1035,7 @@ static int ext4_ext_split(handle_t *handle, struct inode *inode, 
	__le32 border;

	ext4_fsblk_t *ablocks = NULL; /* array of allocated blocks */

	int err = 0;

	size_t ext_size = 0;



	/* make decision: where to split? */

	/* FIXME: now decision is simplest: at current extent */
@@ -1126,6 +1127,10 @@ static int ext4_ext_split(handle_t *handle, struct inode *inode, 
		le16_add_cpu(&neh->eh_entries, m);

	}



	/* zero out unused area in the extent block */

	ext_size = sizeof(struct ext4_extent_header) +

		sizeof(struct ext4_extent) * le16_to_cpu(neh->eh_entries);

	memset(bh->b_data + ext_size, 0, inode->i_sb->s_blocksize - ext_size);

	ext4_extent_block_csum_set(inode, neh);

	set_buffer_uptodate(bh);

	unlock_buffer(bh);
@@ -1205,6 +1210,11 @@ static int ext4_ext_split(handle_t *handle, struct inode *inode, 
				sizeof(struct ext4_extent_idx) * m);

			le16_add_cpu(&neh->eh_entries, m);

		}

		/* zero out unused area in the extent block */

		ext_size = sizeof(struct ext4_extent_header) +

		   (sizeof(struct ext4_extent) * le16_to_cpu(neh->eh_entries));

		memset(bh->b_data + ext_size, 0,

			inode->i_sb->s_blocksize - ext_size);

		ext4_extent_block_csum_set(inode, neh);

		set_buffer_uptodate(bh);

		unlock_buffer(bh);
@@ -1270,6 +1280,7 @@ static int ext4_ext_grow_indepth(handle_t *handle, struct inode *inode, 
	ext4_fsblk_t newblock, goal = 0;

	struct ext4_super_block *es = EXT4_SB(inode->i_sb)->s_es;

	int err = 0;

	size_t ext_size = 0;



	/* Try to prepend new index to old one */

	if (ext_depth(inode))
@@ -1295,9 +1306,11 @@ static int ext4_ext_grow_indepth(handle_t *handle, struct inode *inode, 
		goto out;

	}



	ext_size = sizeof(EXT4_I(inode)->i_data);

	/* move top-level index/leaf into new block */

	memmove(bh->b_data, EXT4_I(inode)->i_data,

		sizeof(EXT4_I(inode)->i_data));

	memmove(bh->b_data, EXT4_I(inode)->i_data, ext_size);

	/* zero out unused area in the extent block */

	memset(bh->b_data + ext_size, 0, inode->i_sb->s_blocksize - ext_size);



	/* set size of new block */

	neh = ext_block_hdr(bh);

fs/ext4/file.c

+7 −0
Original line number Diff line number Diff line
@@ -264,6 +264,13 @@ ext4_file_write_iter(struct kiocb *iocb, struct iov_iter *from) 
	}



	ret = __generic_file_write_iter(iocb, from);

	/*

	 * Unaligned direct AIO must be the only IO in flight. Otherwise

	 * overlapping aligned IO after unaligned might result in data

	 * corruption.

	 */

	if (ret == -EIOCBQUEUED && unaligned_aio)

		ext4_unwritten_wait(inode);

	inode_unlock(inode);



	if (ret > 0)

fs/ext4/fsmap.c

+1 −1
Original line number Diff line number Diff line
@@ -626,7 +626,7 @@ int ext4_getfsmap(struct super_block *sb, struct ext4_fsmap_head *head, 
{

	struct ext4_fsmap dkeys[2];	/* per-dev keys */

	struct ext4_getfsmap_dev handlers[EXT4_GETFSMAP_DEVS];

	struct ext4_getfsmap_info info = {0};

	struct ext4_getfsmap_info info = { NULL };

	int i;

	int error = 0;

fs/ext4/ioctl.c

+1 −1
Original line number Diff line number Diff line
@@ -608,7 +608,7 @@ static int ext4_getfsmap_format(struct ext4_fsmap *xfm, void *priv) 
static int ext4_ioc_getfsmap(struct super_block *sb,

			     struct fsmap_head __user *arg)

{

	struct getfsmap_info info = {0};

	struct getfsmap_info info = { NULL };

	struct ext4_fsmap_head xhead = {0};

	struct fsmap_head head;

	bool aborted = false;

CRA Git | Maintained and supported by SUSTech CRA and CCSE