stable.vger.kernel.org archive mirror
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, Borislav Petkov <bp@alien8.de>,
	Nikolay Borisov <kernel@kyup.com>, Theodore Tso <tytso@mit.edu>
Subject: [PATCH 4.4 12/31] ext4: sanity check the block and cluster size at mount time
Date: Thu, 24 Nov 2016 15:55:33 +0100
Message-ID: <20161124145447.608223111@linuxfoundation.org>
In-Reply-To: <20161124145446.993225208@linuxfoundation.org>

4.4-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Theodore Ts'o <tytso@mit.edu>

commit 8cdf3372fe8368f56315e66bea9f35053c418093 upstream.

If the block size or cluster size is insane, reject the mount.  This
is important for security reasons (although we shouldn't be just
depending on this check).

Ref: http://www.securityfocus.com/archive/1/539661
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=1332506
Reported-by: Borislav Petkov <bp@alien8.de>
Reported-by: Nikolay Borisov <kernel@kyup.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 fs/ext4/ext4.h  |    1 +
 fs/ext4/super.c |   17 ++++++++++++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)

--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h
@@ -221,6 +221,7 @@ struct ext4_io_submit {
 #define	EXT4_MAX_BLOCK_SIZE		65536
 #define EXT4_MIN_BLOCK_LOG_SIZE		10
 #define EXT4_MAX_BLOCK_LOG_SIZE		16
+#define EXT4_MAX_CLUSTER_LOG_SIZE	30
 #ifdef __KERNEL__
 # define EXT4_BLOCK_SIZE(s)		((s)->s_blocksize)
 #else
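Review bot: EXT4_MAX_CLUSTER_LOG_SIZE is added without a comment saying what the value 30 represents or how it is meant to be compared. EXT4_MAX_BLOCK_LOG_SIZE sits next to EXT4_MAX_BLOCK_SIZE (65536, i.e. 1 << 16), but the new macro has no matching size macro, and the check in fs/ext4/super.c compares the on-disk field against EXT4_MAX_CLUSTER_LOG_SIZE - EXT4_MIN_BLOCK_LOG_SIZE rather than against 30 directly. A one-line comment stating the maximum cluster size this encodes, and that the superblock log fields are compared after subtracting EXT4_MIN_BLOCK_LOG_SIZE, would save the next reader from working that out.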
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -3394,7 +3394,15 @@ static int ext4_fill_super(struct super_
 	if (blocksize < EXT4_MIN_BLOCK_SIZE ||
 	    blocksize > EXT4_MAX_BLOCK_SIZE) {
 		ext4_msg(sb, KERN_ERR,
-		       "Unsupported filesystem blocksize %d", blocksize);
+		       "Unsupported filesystem blocksize %d (%d log_block_size)",
+			 blocksize, le32_to_cpu(es->s_log_block_size));
+		goto failed_mount;
+	}
+	if (le32_to_cpu(es->s_log_block_size) >
+	    (EXT4_MAX_BLOCK_LOG_SIZE - EXT4_MIN_BLOCK_LOG_SIZE)) {
+		ext4_msg(sb, KERN_ERR,
+			 "Invalid log block size: %u",
+			 le32_to_cpu(es->s_log_block_size));
 		goto failed_mount;
 	}
 
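Review bot: the reworded "Unsupported filesystem blocksize" message prints le32_to_cpu(es->s_log_block_size) with %d, while the new "Invalid log block size" message just below prints the same value with %u; le32_to_cpu() yields an unsigned 32-bit value, so use %u in both ("... (%u log_block_size)"). Separately, the raw s_log_block_size bound is tested only after the blocksize range check; if blocksize is derived from that field earlier in the function (not shown in this hunk), validating the raw field first would avoid relying on a value computed from an unchecked shift count.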
@@ -3533,6 +3541,13 @@ static int ext4_fill_super(struct super_
 				 "block size (%d)", clustersize, blocksize);
 			goto failed_mount;
 		}
+		if (le32_to_cpu(es->s_log_cluster_size) >
+		    (EXT4_MAX_CLUSTER_LOG_SIZE - EXT4_MIN_BLOCK_LOG_SIZE)) {
+			ext4_msg(sb, KERN_ERR,
+				 "Invalid log cluster size: %u",
+				 le32_to_cpu(es->s_log_cluster_size));
+			goto failed_mount;
+		}
 		sbi->s_cluster_bits = le32_to_cpu(es->s_log_cluster_size) -
 			le32_to_cpu(es->s_log_block_size);
 		sbi->s_clusters_per_group =
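Review bot: the new upper bound on s_log_cluster_size is checked after clustersize has already been compared with blocksize in the context lines above, so if clustersize is derived from this field (not shown in this hunk), the derived value is used before the raw field is validated; consider moving the bound check ahead of that comparison. The subtraction that follows, s_log_cluster_size - s_log_block_size, also depends on the cluster log being no smaller than the block log, and a short comment naming the earlier check that guarantees this would make the s_cluster_bits computation easier to audit.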


