[PATCH v2 0/2] btrfs: scrub avoid use-after-free when chunk length is not 64K aligned

[Qu Wenruo <wqu@suse.com>]

[Changelog]
v2:
- Split out the RST code change
  So that backport can happen more smoothly.
  Furthermore, the RST specific part is really just a small enhancement.
  As RST would always do the btrfs_map_block(), even if we have a
  corrupted extent item beyond chunk, it would be properly caught,
  thus at most false alerts, no real use-after-free can happen after
  the first patch.

- Slight update on the commit message of the first patch
  Fix a copy-and-paste error of the number used to calculate the chunk
  end.
  Remove the RST scrub part, as we won't do any RST fix (although
  it would still sliently fix RST, since both RST and regular scrub
  share the same endio function)

There is a bug report about use-after-free during scrub and crash the
system.
It turns out to be a chunk whose lenght is not 64K aligned causing the
problem.

The first patch would be the proper fix, needs to be backported to all
kernel using newer scrub interface.

The 2nd patch is a small enhancement for RST scrub, inspired by the
above bug, which doesn't really need to be backported.

Qu Wenruo (2):
  btrfs: scrub: avoid use-after-free when chunk length is not 64K
    aligned
  btrfs: scrub: limit RST scrub to chunk boundary

 fs/btrfs/scrub.c | 36 +++++++++++++++++++++++++++++-------
 1 file changed, 29 insertions(+), 7 deletions(-)

-- 
2.43.0