From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx2.suse.de ([195.135.220.15]:51408 "EHLO mx2.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S932172AbcFCPm5 (ORCPT ); Fri, 3 Jun 2016 11:42:57 -0400 Received: from relay1.suse.de (charybdis-ext.suse.de [195.135.220.254]) by mx2.suse.de (Postfix) with ESMTP id 09E0FAC3D for ; Fri, 3 Jun 2016 15:42:56 +0000 (UTC) From: David Sterba To: stable@vger.kernel.org Subject: [PATCH 05/21] btrfs: avoid overflowing f_bfree Date: Fri, 3 Jun 2016 17:42:17 +0200 Message-Id: <1464968537-6404-1-git-send-email-dsterba@suse.com> In-Reply-To: <20160603154006.GP29147@suse.cz> References: <20160603154006.GP29147@suse.cz> Sender: stable-owner@vger.kernel.org List-ID: From: Luis de Bethencourt commit 41b34accb265e3a20211a7a8ef3625678f1c6ec7 upstream. Since mixed block groups accounting isn't byte-accurate and f_bree is an unsigned integer, it could overflow. Avoid this. Signed-off-by: Luis de Bethencourt Suggested-by: David Sterba Signed-off-by: David Sterba --- fs/btrfs/super.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/fs/btrfs/super.c b/fs/btrfs/super.c index 4e6f842b5ad2..468e988d8110 100644 --- a/fs/btrfs/super.c +++ b/fs/btrfs/super.c @@ -2073,7 +2073,11 @@ static int btrfs_statfs(struct dentry *dentry, struct kstatfs *buf) /* Account global block reserve as used, it's in logical size already */ spin_lock(&block_rsv->lock); - buf->f_bfree -= block_rsv->size >> bits; + /* Mixed block groups accounting is not byte-accurate, avoid overflow */ + if (buf->f_bfree >= block_rsv->size >> bits) + buf->f_bfree -= block_rsv->size >> bits; + else + buf->f_bfree = 0; spin_unlock(&block_rsv->lock); buf->f_bavail = div_u64(total_free_data, factor); -- 2.7.1