From: Willy Tarreau <w@1wt.eu>
To: linux-kernel@vger.kernel.org, stable@kernel.org
Cc: Mingming Cao <cmm@us.ibm.com>, Yan Zheng <yanzheng@21cn.com>,
<linux-ext4@vger.kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Greg Kroah-Hartman <gregkh@suse.de>, Willy Tarreau <w@1wt.eu>
Subject: [2.6.20.17 review 26/58] "ext4_ext_put_in_cache" uses __u32 to receive physical block number
Date: Wed, 22 Aug 2007 11:39:10 +0200 [thread overview]
Message-ID: <20070822084011.%N@1wt.eu> (raw)
In-Reply-To: 20070822083844.%N@1wt.eu
[-- Attachment #1: 0026-ext4_ext_put_in_cache-uses-__u32-to-receive-physic.patch --]
[-- Type: text/plain, Size: 1631 bytes --]
Yan Zheng wrote:
> I think I found a bug in ext4/extents.c, "ext4_ext_put_in_cache" uses
> "__u32" to receive physical block number. "ext4_ext_put_in_cache" is
> used in "ext4_ext_get_blocks", it sets ext4 inode's extent cache
> according most recently tree lookup (higher 16 bits of saved physical
> block number are always zero). when serving a mapping request,
> "ext4_ext_get_blocks" first check whether the logical block is in
> inode's extent cache. if the logical block is in the cache and the
> cached region isn't a gap, "ext4_ext_get_blocks" gets physical block
> number by using cached region's physical block number and offset in
> the cached region. as described above, "ext4_ext_get_blocks" may
> return wrong result when there are physical block numbers bigger than
> 0xffffffff.
>
You are right. Thanks for reporting this!
Signed-off-by: Mingming Cao <cmm@us.ibm.com>
Cc: Yan Zheng <yanzheng@21cn.com>
Cc: <linux-ext4@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Signed-off-by: Willy Tarreau <w@1wt.eu>
---
fs/ext4/extents.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/fs/ext4/extents.c b/fs/ext4/extents.c
index dc2724f..14b0b49 100644
--- a/fs/ext4/extents.c
+++ b/fs/ext4/extents.c
@@ -1397,7 +1397,7 @@ int ext4_ext_walk_space(struct inode *inode, unsigned long block,
static void
ext4_ext_put_in_cache(struct inode *inode, __u32 block,
- __u32 len, __u32 start, int type)
+ __u32 len, ext4_fsblk_t start, int type)
{
struct ext4_ext_cache *cex;
BUG_ON(len == 0);
--
1.5.2.5
--
next prev parent reply other threads:[~2007-08-22 9:39 UTC|newest]
Thread overview: 86+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-08-22 8:38 [2.6.20.17 review 00/58] 2.6.20.17 -stable review Willy Tarreau
2007-08-22 9:38 ` [2.6.20.17 review 01/58] Fix IPCOMP crashes Willy Tarreau
2007-08-22 9:38 ` [2.6.20.17 review 03/58] SCTP scope_id handling fix Willy Tarreau
2007-08-22 9:38 ` [2.6.20.17 review 04/58] gen estimator timer unload race Willy Tarreau
2007-08-22 9:38 ` [2.6.20.17 review 05/58] gen estimator deadlock fix Willy Tarreau
2007-08-22 9:38 ` [2.6.20.17 review 07/58] Fix ipv6 link down handling Willy Tarreau
2007-08-22 9:38 ` [2.6.20.17 review 08/58] Netpoll leak Willy Tarreau
2007-08-22 9:38 ` [2.6.20.17 review 09/58] Sparc64 bootup assembler bug Willy Tarreau
2007-08-22 9:38 ` [2.6.20.17 review 11/58] Fix sparc32 udelay() rounding errors Willy Tarreau
2007-08-22 9:38 ` [2.6.20.17 review 13/58] KVM: SVM: Reliably detect if SVM was disabled by BIOS Willy Tarreau
2007-08-22 9:38 ` [2.6.20.17 review 14/58] USB: fix warning caused by autosuspend counter going negative Willy Tarreau
2007-08-22 9:38 ` [2.6.20.17 review 15/58] aacraid: fix security hole Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 16/58] V4L: Add check for valid control ID to v4l2_ctrl_next Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 17/58] V4L: wm8775/wm8739: Fix memory leak when unloading module Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 18/58] splice: fix double page unlock Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 19/58] drm/i915: Fix i965 secured batchbuffer usage (CVE-2007-3851) Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 20/58] Fix leak on /proc/lockdep_stats Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 21/58] CPU online file permission Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 22/58] Fix user struct leakage with locked IPC shem segment Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 23/58] md: handle writes to broken raid10 arrays gracefully Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 24/58] md: raid10: fix use-after-free of bio Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 25/58] pcmcia: give socket time to power down Willy Tarreau
2007-08-22 9:39 ` Willy Tarreau [this message]
2007-08-22 9:39 ` [2.6.20.17 review 27/58] Include serial_reg.h with userspace headers Willy Tarreau
2007-08-22 9:23 ` Russell King
2007-08-22 12:22 ` Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 28/58] dm io: fix panic on large request Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 29/58] softmac: Fix ESSID problem Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 30/58] nfsd: fix possible read-ahead cache and export table corruption Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 31/58] readahead: MIN_RA_PAGES/MAX_RA_PAGES macros Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 32/58] fs: 9p/conv.c error path fix Willy Tarreau
2007-08-22 15:53 ` Eric Van Hensbergen
2007-08-22 16:06 ` Willy Tarreau
2007-08-22 18:59 ` [stable] " Greg KH
2007-08-22 20:31 ` Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 33/58] forcedeth bug fix: cicada phy Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 34/58] forcedeth bug fix: vitesse phy Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 35/58] forcedeth bug fix: realtek phy Willy Tarreau
2007-08-22 15:56 ` Chuck Ebbert
2007-08-22 16:10 ` Willy Tarreau
2007-08-22 18:15 ` Prakash Punnoor
2007-08-22 20:42 ` Willy Tarreau
2007-08-22 23:05 ` Greg KH
2007-08-23 15:50 ` Prakash Punnoor
2007-08-23 16:55 ` [stable] " Greg KH
2007-08-23 19:27 ` [PATCH] fix realtek phy id in forcedeth Willy Tarreau
2007-08-25 4:01 ` Jeff Garzik
2007-08-22 9:39 ` [2.6.20.17 review 36/58] acpi-cpufreq: Proper ReadModifyWrite of PERF_CTL MSR Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 37/58] jbd commit: fix transaction dropping Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 38/58] jbd2 " Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 39/58] hugetlb: fix race in alloc_fresh_huge_page() Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 40/58] do not limit locked memory when RLIMIT_MEMLOCK is RLIM_INFINITY Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 41/58] drivers/video/macmodes.c:mac_find_mode() mustnt be __devinit Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 42/58] nfsd: fix possible oops on re-insertion of rpcsec_gss modules Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 43/58] dm snapshot: permit invalid activation Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 45/58] Hangup TTY before releasing rfcomm_dev Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 46/58] Keep rfcomm_dev on the list until it is freed Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 47/58] IPV6: /proc/net/anycast6 unbalanced inet6_dev refcnt Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 48/58] sx: switch subven and subid values Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 49/58] UML: exports for hostfs Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 50/58] random: fix bound check ordering (CVE-2007-3105) Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 51/58] softmac: Fix deadlock of wx_set_essid with assoc work Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 52/58] ata_piix: update map 10b for ich8m Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 53/58] direct-io: fix error-path crashes Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 54/58] stifb: detect cards in double buffer mode more reliably Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 55/58] pata_atiixp: add SB700 PCI ID Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 57/58] CPUFREQ: ondemand: add a check to avoid negative load calculation Willy Tarreau
2007-08-22 9:39 ` [2.6.20.17 review 58/58] Reset current->pdeath_signal on SUID binary execution (CVE-2007-3848) Willy Tarreau
2007-08-22 11:10 ` [2.6.20.17 review 00/58] 2.6.20.17 -stable review Michal Piotrowski
2007-08-22 12:10 ` Willy Tarreau
2007-08-22 13:23 ` James Morris
2007-08-22 13:36 ` Stephen Smalley
2007-08-22 13:42 ` Stephen Smalley
2007-08-22 14:08 ` James Morris
2007-08-22 14:29 ` Michal Piotrowski
2007-08-22 14:32 ` Stephen Smalley
2007-08-22 16:33 ` James Morris
2007-08-22 16:46 ` Michal Piotrowski
2007-08-22 17:38 ` James Morris
2007-08-22 18:08 ` Michal Piotrowski
2007-08-22 17:50 ` Michal Piotrowski
2007-08-22 19:15 ` Stephen Smalley
2007-08-22 20:16 ` Willy Tarreau
2007-08-23 11:13 ` Michal Piotrowski
2007-08-23 14:08 ` Willy Tarreau
2007-08-22 13:38 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070822084011.%N@1wt.eu \
--to=w@1wt.eu \
--cc=akpm@linux-foundation.org \
--cc=cmm@us.ibm.com \
--cc=gregkh@suse.de \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@kernel.org \
--cc=yanzheng@21cn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.