evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
android_kernel_oneplus_msm8998/fs/ext4
History
Theodore Ts'o 1c5265be54 ext4: don't BUG when truncating encrypted inodes on the orphan list 
commit 0d06863f903ac5f4f6efb0273079d27de3e53a28 upstream.

Fix a BUG when the kernel tries to mount a file system constructed as
follows:

echo foo > foo.txt
mke2fs -Fq -t ext4 -O encrypt foo.img 100
debugfs -w foo.img << EOF
write foo.txt a
set_inode_field a i_flags 0x80800
set_super_value s_last_orphan 12
quit
EOF

root@kvm-xfstests:~# mount -o loop foo.img /mnt
[  160.238770] ------------[ cut here ]------------
[  160.240106] kernel BUG at /usr/projects/linux/ext4/fs/ext4/inode.c:3874!
[  160.240106] invalid opcode: 0000 [#1] SMP
[  160.240106] Modules linked in:
[  160.240106] CPU: 0 PID: 2547 Comm: mount Tainted: G        W       4.10.0-rc3-00034-gcdd33b941b67 #227
[  160.240106] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.10.1-1 04/01/2014
[  160.240106] task: f4518000 task.stack: f47b6000
[  160.240106] EIP: ext4_block_zero_page_range+0x1a7/0x2b4
[  160.240106] EFLAGS: 00010246 CPU: 0
[  160.240106] EAX: 00000001 EBX: f7be4b50 ECX: f47b7dc0 EDX: 00000007
[  160.240106] ESI: f43b05a8 EDI: f43babec EBP: f47b7dd0 ESP: f47b7dac
[  160.240106]  DS: 007b ES: 007b FS: 00d8 GS: 0033 SS: 0068
[  160.240106] CR0: 80050033 CR2: bfd85b08 CR3: 34a00680 CR4: 000006f0
[  160.240106] Call Trace:
[  160.240106]  ext4_truncate+0x1e9/0x3e5
[  160.240106]  ext4_fill_super+0x286f/0x2b1e
[  160.240106]  ? set_blocksize+0x2e/0x7e
[  160.240106]  mount_bdev+0x114/0x15f
[  160.240106]  ext4_mount+0x15/0x17
[  160.240106]  ? ext4_calculate_overhead+0x39d/0x39d
[  160.240106]  mount_fs+0x58/0x115
[  160.240106]  vfs_kern_mount+0x4b/0xae
[  160.240106]  do_mount+0x671/0x8c3
[  160.240106]  ? _copy_from_user+0x70/0x83
[  160.240106]  ? strndup_user+0x31/0x46
[  160.240106]  SyS_mount+0x57/0x7b
[  160.240106]  do_int80_syscall_32+0x4f/0x61
[  160.240106]  entry_INT80_32+0x2f/0x2f
[  160.240106] EIP: 0xb76b919e
[  160.240106] EFLAGS: 00000246 CPU: 0
[  160.240106] EAX: ffffffda EBX: 08053838 ECX: 08052188 EDX: 080537e8
[  160.240106] ESI: c0ed0000 EDI: 00000000 EBP: 080537e8 ESP: bfa13660
[  160.240106]  DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 007b
[  160.240106] Code: 59 8b 00 a8 01 0f 84 09 01 00 00 8b 07 66 25 00 f0 66 3d 00 80 75 61 89 f8 e8 3e e2 ff ff 84 c0 74 56 83 bf 48 02 00 00 00 75 02 <0f> 0b 81 7d e8 00 10 00 00 74 02 0f 0b 8b 43 04 8b 53 08 31 c9
[  160.240106] EIP: ext4_block_zero_page_range+0x1a7/0x2b4 SS:ESP: 0068:f47b7dac
[  160.317241] ---[ end trace d6a773a375c810a5 ]---

The problem is that when the kernel tries to truncate an inode in
ext4_truncate(), it tries to clear any on-disk data beyond i_size.
Without the encryption key, it can't do that, and so it triggers a
BUG.

E2fsck does *not* provide this service, and in practice most file
systems have their orphan list processed by e2fsck, so to avoid
crashing, this patch skips this step if we don't have access to the
encryption key (which is the case when processing the orphan list; in
all other cases, we will have the encryption key, or the kernel
wouldn't have allowed the file to be opened).

An open question is whether the fact that e2fsck isn't clearing the
bytes beyond i_size causing problems --- and if we've lived with it
not doing it for so long, can we drop this from the kernel replay of
the orphan list in all cases (not just when we don't have the key for
encrypted inodes).

Addresses-Google-Bug: #35209576

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2017-03-18 19:09:58 +08:00
..
acl.c posix_acl: Clear SGID bit when setting file permissions 2016-10-31 04:13:58 -06:00
acl.h
balloc.c ext4: validate s_reserved_gdt_blocks on mount 2016-08-16 09:30:51 +02:00
bitmap.c ext4: remove unused header files 2015-04-02 23:47:42 -04:00
block_validity.c ext4: call out CRC and corruption errors with specific error codes 2015-10-17 16:16:04 -04:00
crypto.c ext4: fix an endianness bug in ext4_encrypted_zeroout() 2015-11-26 15:20:19 -05:00
crypto_fname.c ext4 crypto: replace some BUG_ON()'s with error checks 2015-10-03 10:49:27 -04:00
crypto_key.c ext4 crypto: add missing locking for keyring_key access 2016-02-17 12:31:02 -08:00
crypto_policy.c fscrypto: add authorization check for setting encryption policy 2016-09-24 10:07:34 +02:00
dir.c ext4: clean up feature test macros with predicate functions 2015-10-17 16:18:43 -04:00
ext4.h ext4: sanity check the block and cluster size at mount time 2016-11-26 09:54:52 +01:00
ext4_crypto.h ext4 crypto: allocate bounce pages using GFP_NOWAIT 2015-06-03 09:32:39 -04:00
ext4_extents.h ext4: teach ext4_ext_find_extent() to realloc path if necessary 2014-09-01 14:40:09 -04:00
ext4_jbd2.c ext4: fix potential use after free in __ext4_journal_stop 2015-10-17 22:57:06 -04:00
ext4_jbd2.h ext4: do not perform data journaling when data is encrypted 2017-01-06 11:16:13 +01:00
extents.c ext4: do not polute the extents cache while shifting extents 2017-03-12 06:37:27 +01:00
extents_status.c ext4: move procfs registration code to fs/ext4/sysfs.c 2015-09-23 12:46:17 -04:00
extents_status.h ext4: move procfs registration code to fs/ext4/sysfs.c 2015-09-23 12:46:17 -04:00
file.c ext4: fix races between page faults and hole punching 2016-05-04 14:48:53 -07:00
fsync.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-04-26 17:22:07 -07:00
hash.c ext4: remove unused header files 2015-04-02 23:47:42 -04:00
ialloc.c ext4: clean up error handling when orphan list is corrupted 2016-06-07 18:14:37 -07:00
indirect.c ext4: clean up feature test macros with predicate functions 2015-10-17 16:18:43 -04:00
inline.c ext4: fix inline data error paths 2017-03-12 06:37:27 +01:00
inode.c ext4: don't BUG when truncating encrypted inodes on the orphan list 2017-03-18 19:09:58 +08:00
ioctl.c fscrypto: require write access to mount to set encryption policy 2016-09-24 10:07:35 +02:00
Kconfig ext4: Update EXT4_USE_FOR_EXT2 description 2015-09-24 13:27:47 +02:00
Makefile ext4: move sysfs code from super.c to fs/ext4/sysfs.c 2015-09-23 12:44:17 -04:00
mballoc.c ext4: trim allocation requests to group size 2017-03-12 06:37:27 +01:00
mballoc.h
migrate.c ext4: clean up feature test macros with predicate functions 2015-10-17 16:18:43 -04:00
mmp.c ext4: call out CRC and corruption errors with specific error codes 2015-10-17 16:16:04 -04:00
move_extent.c ext4: enforce online defrag restriction for encrypted files 2016-10-22 12:26:56 +02:00
namei.c ext4: release bh in make_indexed_dir 2016-10-22 12:26:56 +02:00
page-io.c ext4 crypto: fix memory leak in ext4_bio_write_page() 2015-10-02 23:54:58 -04:00
readpage.c Merge branch 'akpm' (patches from Andrew) 2015-11-07 14:32:45 -08:00
resize.c ext4: fix potential integer overflow 2016-02-25 12:01:15 -08:00
super.c ext4: return EROFS if device is r/o and journal replay is needed 2017-03-12 06:37:27 +01:00
symlink.c ext4: fix an endianness bug in ext4_encrypted_follow_link() 2015-11-26 15:20:50 -05:00
sysfs.c ext4: do not advertise encryption support when disabled 2016-10-28 03:01:35 -04:00
truncate.h ext4: fix races between page faults and hole punching 2016-05-04 14:48:53 -07:00
xattr.c ext4: avoid modifying checksum fields directly during checksum verification 2016-09-15 08:27:51 +02:00
xattr.h ext4 crypto: add encryption xattr support 2015-04-11 07:47:00 -04:00
xattr_security.c xattr handlers: Pass handler to operations instead of flags 2015-11-13 20:34:32 -05:00
xattr_trusted.c xattr handlers: Pass handler to operations instead of flags 2015-11-13 20:34:32 -05:00
xattr_user.c xattr handlers: Pass handler to operations instead of flags 2015-11-13 20:34:32 -05:00