android_kernel_oneplus_msm8998/fs
Theodore Ts'o 3d05e69b4e ext4: always verify the magic number in xattr blocks
commit 513f86d73855ce556ea9522b6bfd79f87356dc3a upstream.

If an inode points to a block which is also some other type of
metadata block (such as a block allocation bitmap), the
buffer_verified flag can be set when it was validated as that other
metadata block type; however, it would make a really terrible external
attribute block.  The reason why we use the verified flag is to avoid
constantly reverifying the block.  However, it doesn't take much
overhead to make sure the magic number of the xattr block is correct,
and this will avoid potential crashes.

This addresses CVE-2018-10879.

https://bugzilla.kernel.org/show_bug.cgi?id=200001

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
[Backported to 4.4: adjust context]
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Change-Id: I06728150aefd0fffbdb6bd7cbce0858221ff6f74
(cherry picked from commit 62a28a64d87fbdce5c0a988b440a4ae6dd37b41e)
2019-03-30 07:59:30 +01:00
9p fs/9p: Compare qid.path in v9fs_test_inode 2017-11-30 08:37:22 +00:00
adfs fs/adfs: remove unneeded cast 2015-06-30 19:44:57 -07:00
affs affs_lookup(): close a race with affs_remove_link() 2018-05-30 07:48:51 +02:00
afs afs: Fix afs_kill_pages() 2017-12-20 10:04:56 +01:00
autofs4 autofs: mount point create should honour passed in mode 2018-04-24 09:32:11 +02:00
befs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-07-04 19:36:06 -07:00
bfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-04-26 17:22:07 -07:00
btrfs Merge android-4.4.146 (13962260) into msm-4.4 2018-08-07 15:36:56 +05:30
cachefiles FS-Cache: Add missing initialization of ret in cachefiles_write_page() 2015-11-16 20:38:43 -05:00
ceph Merge remote-tracking branch 'origin/upstream-f2fs-stable-linux-4.4.y' into android-4.4 2018-07-30 17:25:04 -07:00
cifs cifs: Fix infinite loop when using hard mount option 2018-07-11 16:03:48 +02:00
coda coda: fix 'kernel memory exposure attempt' in fsync 2017-11-24 08:32:25 +01:00
configfs configfs: Fix race between create_link and configfs_rmdir 2017-06-26 07:13:08 +02:00
cramfs fs/cramfs/inode.c: use linux/uaccess.h 2014-08-08 15:57:25 -07:00
crypto fscrypt: log the crypto algorithm implementations 2018-06-28 14:24:29 -07:00
debugfs dentry name snapshots 2017-08-06 19:19:42 -07:00
devpts devpts: clean up interface to pty drivers 2016-08-16 09:30:49 +02:00
dlm dlm: avoid double-free on error path in dlm_device_{register,unregister} 2017-09-13 14:09:45 -07:00
ecryptfs Revert "do d_instantiate/unlock_new_inode combinations safely" 2018-07-03 16:23:54 -07:00
efivarfs efi: Make efivarfs entries immutable by default 2016-03-03 15:07:09 -08:00
efs fs/efs: femove unneeded cast 2015-06-25 17:00:42 -07:00
exfat Synchronize codes for OnePlus5 & 5T OxygenOS 9.0.0 2018-12-26 11:02:39 +08:00
exofs osd fs: __r4w_get_page rely on PageUptodate for uptodate 2015-12-12 10:15:34 -08:00
exportfs VFS: (Scripted) Convert S_ISLNK/DIR/REG(dentry->d_inode) to d_is_*(dentry) 2015-02-22 11:38:41 -05:00
ext2 Revert "do d_instantiate/unlock_new_inode combinations safely" 2018-07-03 16:23:54 -07:00
ext4 ext4: always verify the magic number in xattr blocks 2019-03-30 07:59:30 +01:00
f2fs f2fs: fix to account IO correctly 2019-01-18 14:54:15 +05:30
fat Merge android-4.4.144 (4b2d6ba) into msm-4.4 2018-08-03 17:05:13 +05:30
freevxfs freevxfs: Grammar s/an negative/a negative/ 2015-08-07 13:59:24 +02:00
fscache fscache: Fix hanging wait on page discarded by writeback 2018-05-30 07:49:08 +02:00
fuse Synchronize codes for OnePlus5 & 5T OxygenOS 9.0.0 2018-12-26 11:02:39 +08:00
gfs2 Merge android-4.4.142 (8ec9fd8) into msm-4.4 2018-08-03 16:59:20 +05:30
hfs hfs: fix B-tree corruption after insertion at position 0 2015-09-10 13:29:01 -07:00
hfsplus hfsplus: stop workqueue when fill_super() failed 2018-05-26 08:49:01 +02:00
hostfs hostfs: Freeing an ERR_PTR in hostfs_fill_sb_common() 2016-09-30 10:18:39 +02:00
hpfs hpfs: implement the show_options method 2016-06-01 12:15:54 -07:00
hugetlbfs mm: larger stack guard gap, between vmas 2017-06-26 07:13:11 +02:00
isofs isofs: fix timestamps beyond 2027 2017-11-30 08:37:20 +00:00
jbd2 jbd2: don't mark block as modified if the handle is out of credits 2018-07-11 16:03:48 +02:00
jffs2 Revert "do d_instantiate/unlock_new_inode combinations safely" 2018-07-03 16:23:54 -07:00
jfs Merge android-4.4.148 (f057ff9) into msm-4.4 2018-08-24 00:07:01 +05:30
kernfs kernfs: fix regression in kernfs_fop_write caused by wrong type 2018-02-16 20:09:42 +01:00
lockd lockd: lost rollback of set_grace_period() in lockd_down_net() 2018-05-26 08:48:50 +02:00
logfs mm, fs: introduce mapping_gfp_constraint() 2015-11-06 17:50:42 -08:00
minix Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2015-07-04 19:36:06 -07:00
ncpfs staging: ncpfs: memory corruption in ncp_read_kernel() 2018-03-28 18:40:15 +02:00
nfs NFSv4: Fix possible 1-byte stack overflow in nfs_idmap_read_and_verify_message 2018-07-03 11:21:34 +02:00
nfs_common lockd: fix "list_add double add" caused by legacy signal interface 2018-02-03 17:04:28 +01:00
nfsd nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo 2018-08-06 16:24:30 +02:00
nilfs2 Merge android-4.4.142 (8ec9fd8) into msm-4.4 2018-08-03 16:59:20 +05:30
nls nls: have register_nls() set ->owner 2014-01-25 03:14:05 -05:00
notify This is the 4.4.129 stable release 2018-04-24 10:42:34 +02:00
ntfs mm, fs: introduce mapping_gfp_constraint() 2015-11-06 17:50:42 -08:00
ocfs2 ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent 2018-07-22 14:25:52 +02:00
omfs omfs: fix potential integer overflow in allocator 2015-05-28 18:25:19 -07:00
openpromfs fs: push sync_filesystem() down to the file system's remount_fs() 2014-03-13 10:14:33 -04:00
overlayfs ovl: warn instead of error if d_type is not supported 2018-08-28 07:23:43 +02:00
proc Synchronize codes for OnePlus5 & 5T OxygenOS 9.0.0 2018-12-26 11:02:39 +08:00
pstore Synchronize codes for OnePlus5 & 5T OxygenOS 9.0.0 2018-12-26 11:02:39 +08:00
qnx4 fs: push sync_filesystem() down to the file system's remount_fs() 2014-03-13 10:14:33 -04:00
qnx6 pagemap.h: move dir_pages() over there 2015-06-23 18:02:00 -04:00
quota quota: Check for register_shrinker() failure. 2018-02-03 17:04:28 +01:00
ramfs mm, fs: obey gfp_mapping for add_to_page_cache() 2015-10-16 11:42:28 -07:00
reiserfs Merge android-4.4.153 (5e24b4e) into msm-4.4 2018-08-28 17:28:39 +05:30
romfs romfs: use different way to generate fsid for BLOCK or MTD 2017-06-17 06:39:38 +02:00
sdcardfs ANDROID: sdcardfs: Change current->fs under lock 2018-12-26 08:00:06 +01:00
squashfs This is the 4.4.146 stable release 2018-08-06 19:12:19 +02:00
sysfs sysfs: be careful of error returns from ops->show() 2017-04-12 12:38:33 +02:00
sysv fix sysvfs symlinks 2015-11-23 21:11:08 -05:00
tracefs tracefs: Fix refcount imbalance in start_creating() 2015-11-04 22:13:45 -05:00
ubifs Merge android-4.4.139 (7ba5557) into msm-4.4 2018-07-03 12:24:56 -07:00
udf Merge "Merge android-4.4.139 (7ba5557) into msm-4.4" 2018-07-10 22:43:57 -07:00
ufs Revert "do d_instantiate/unlock_new_inode combinations safely" 2018-07-03 16:23:54 -07:00
xfs Merge android-4.4.137 (a2e2217) into msm-4.4 2018-06-27 14:45:25 +05:30
aio.c aio: hold an extra file reference over AIO read/write operations 2018-09-10 08:29:21 -07:00
anon_inodes.c vfs: Allocate anon_inode_inode in anon_inode_init() 2014-03-27 09:52:54 -07:00
attr.c ANDROID: vfs: user permission2 in notify_change2 2017-03-14 15:54:59 -07:00
bad_inode.c don't bother with most of the bad_file_ops methods 2015-02-20 04:03:58 -05:00
binfmt_aout.c assorted conversions to %p[dD] 2014-11-19 13:01:20 -05:00
binfmt_elf.c UPSTREAM: ELF: Also pass any interpreter's file header to `arch_check_elf' 2018-02-05 08:58:29 -08:00
binfmt_elf_fdpic.c libnvdimm for 4.4: 2015-11-10 12:07:22 -08:00
binfmt_em86.c syscalls: implement execveat() system call 2014-12-13 12:42:51 -08:00
binfmt_flat.c fs/binfmt_flat.c: make old_reloc() static 2014-06-04 16:54:21 -07:00
binfmt_misc.c fs/binfmt_misc.c: do not allow offset overflow 2018-07-03 11:21:26 +02:00
binfmt_script.c syscalls: implement execveat() system call 2014-12-13 12:42:51 -08:00
block_dev.c block: Fix oops in locked_inode_to_wb_and_lock_list() 2017-10-18 12:06:08 +05:30
buffer.c Merge branch 'android-4.4@e76c0fa' into branch 'msm-4.4' 2017-06-20 14:55:15 -07:00
char_dev.c fs/char_dev.c: fix incorrect documentation for unregister_chrdev_region 2015-08-05 13:49:35 -07:00
compat.c vfs: make first argument of dir_context.actor typed 2014-10-31 17:48:54 -04:00
compat_binfmt_elf.c binfmt_elf: compat: avoid unused function warning 2018-02-25 11:03:51 +01:00
compat_ioctl.c Merge android-4.4.127 (d6bbe8b) into msm-4.4 2018-04-20 12:27:57 +05:30
coredump.c This is the 4.4.76 stable release 2017-07-05 16:16:58 +02:00
dax.c dax: disable pmd mappings 2015-11-16 23:54:45 -08:00
dcache.c Merge android-4.4.148 (f057ff9) into msm-4.4 2018-08-24 00:07:01 +05:30
dcookies.c fs/compat: fix lookup_dcookie() parameter handling 2014-01-29 16:22:40 -08:00
direct-io.c Merge android-4.4@d6fbbe5 (v4.4.93) into msm-4.4 2017-10-20 06:07:34 -07:00
drop_caches.c mm + fs: extends support for cache dropping 2016-03-23 21:24:12 -07:00
eventfd.c eventfd: don't take the spinlock in eventfd_poll 2015-02-17 14:34:52 -08:00
eventpoll.c This is the 4.4.87 stable release 2017-09-07 10:17:02 +02:00
exec.c kernel: Only expose su when daemon is running 2018-12-26 08:21:02 +01:00
fcntl.c fs/fcntl: f_setown, avoid undefined behaviour 2018-01-31 12:06:11 +01:00
fhandle.c fs/coredump: prevent fsuid=0 dumps into user-controlled directories 2016-04-12 09:08:58 -07:00
file.c Synchronize codes for OnePlus5 & 5T OxygenOS 9.0.0 2018-12-26 11:02:39 +08:00
file_table.c vfs: Add support to debug umount failures 2017-07-17 11:39:09 +05:30
filesystems.c sys_sysfs: Add CONFIG_SYSFS_SYSCALL 2014-04-03 16:21:05 -07:00
fs-writeback.c This is the 4.4.132 stable release 2018-05-16 11:32:47 +02:00
fs_pin.c fs_pin: Allow for the possibility that m_list or s_list go unused. 2015-04-09 11:39:55 -05:00
fs_struct.c ANDROID: fs: Export free_fs_struct and set_fs_pwd 2017-02-03 15:05:18 +05:30
inode.c Merge android-4.4.141 (b1bad9e) into msm-4.4 2018-07-24 12:10:47 +05:30
internal.h vfs: Add support to debug umount failures 2017-07-17 11:39:09 +05:30
ioctl.c fsioctl.c: make generic_block_fiemap() signal-tolerant 2015-02-10 14:30:30 -08:00
Kconfig Synchronize codes for OnePlus5 & 5T OxygenOS 9.0.0 2018-12-26 11:02:39 +08:00
Kconfig.binfmt mm: split ET_DYN ASLR from mmap ASLR 2015-04-14 16:49:05 -07:00
libfs.c fs: Set the size of empty dirs to 0. 2015-08-12 15:28:45 -05:00
locks.c locks: don't check for race with close when setting OFD lock 2018-01-17 09:35:27 +01:00
Makefile Synchronize codes for OnePlus5 & 5T OxygenOS 9.0.0 2018-12-26 11:02:39 +08:00
mbcache.c fs/mbcache: fix mb_cache_lru_list corruption 2017-06-12 13:11:12 +05:30
mbcache2.c BACKPORT: [UPSTREAM] mbcache2: reimplement mbcache 2017-04-18 18:24:00 -07:00
mount.h mnt: In propgate_umount handle visiting mounts in any order 2017-07-21 07:44:57 +02:00
mpage.c This is the 4.4.72 stable release 2017-06-14 16:33:25 +02:00
namei.c kernel: Fix potential refcount leak in su check 2018-12-26 08:21:02 +01:00
namespace.c Merge android-4.4.148 (f057ff9) into msm-4.4 2018-08-24 00:07:01 +05:30
no-block.c llseek: automatically add .llseek fop 2010-10-15 15:53:27 +02:00
nsfs.c nsfs: mark dentry with DCACHE_RCUACCESS 2018-02-16 20:09:43 +01:00
open.c This is the 4.4.77 stable release 2017-07-15 13:29:08 +02:00
pipe.c pipe: cap initial pipe capacity according to pipe-max-size limit 2018-05-26 08:48:51 +02:00
pnode.c This is the 4.4.78 stable release 2017-07-21 09:14:57 +02:00
pnode.h This is the 4.4.65 stable release 2017-04-30 07:30:52 +02:00
posix_acl.c tmpfs: clear S_ISGID when setting posix ACLs 2017-01-26 08:23:47 +01:00
proc_namespace.c ANDROID: vfs: Allow filesystems to access their private mount data 2017-02-03 14:16:53 +05:30
read_write.c vfs: Return -ENXIO for negative SEEK_HOLE / SEEK_DATA offsets 2017-10-05 09:41:45 +02:00
readdir.c kernel: Only expose su when daemon is running 2018-12-26 08:21:02 +01:00
select.c This is the 4.4.114 stable release 2018-01-31 14:08:55 +01:00
seq_file.c Make file credentials available to the seqfile interfaces 2017-08-06 19:19:42 -07:00
signalfd.c signalfd: fix information leak in signalfd_copyinfo 2015-08-07 04:39:40 +03:00
splice.c vfs: fix uninitialized flags in splice_to_pipe() 2017-02-23 17:43:09 +01:00
stack.c fs: fix comment for 'CONFIG_LBADF' 2014-08-26 09:35:56 +02:00
stat.c ufs: restore maintaining ->i_blocks 2017-06-14 13:16:24 +02:00
statfs.c vfs: allow O_PATH file descriptors for fstatfs() 2013-10-12 13:12:31 -07:00
super.c Merge android-4.4.120 (d63fdf6) into msm-4.4 2018-03-08 17:53:30 +05:30
sync.c ANDROID: sched: add a counter to track fsync 2017-03-14 13:07:19 -07:00
timerfd.c Synchronize codes for OnePlus5 & 5T OxygenOS 9.0.0 2018-12-26 11:02:39 +08:00
userfaultfd.c This is the 4.4.107 stable release 2017-12-20 10:49:07 +01:00
utimes.c ANDROID: vfs: Add setattr2 for filesystems with per mount permissions 2017-02-03 15:04:29 +05:30
xattr.c ANDROID: xattr: Pass EOPNOTSUPP to permission2 2018-01-24 13:14:17 -08:00