Commit fe2c8191 authored by Thiemo Nagel's avatar Thiemo Nagel Committed by Theodore Ts'o

ext4: add checks of block references for non-extent inodes

Check block references in the inode and indorect blocks for non-extent
inodes to make sure they are valid, and flag an error if they are
invalid.
Signed-off-by: default avatarThiemo Nagel <thiemo.nagel@ph.tum.de>
Signed-off-by: default avatar"Theodore Ts'o" <tytso@mit.edu>
parent 563bdd61
...@@ -371,6 +371,34 @@ static int ext4_block_to_path(struct inode *inode, ...@@ -371,6 +371,34 @@ static int ext4_block_to_path(struct inode *inode,
return n; return n;
} }
static int __ext4_check_blockref(const char *function, struct inode *inode,
unsigned int *p, unsigned int max) {
unsigned int maxblocks = ext4_blocks_count(EXT4_SB(inode->i_sb)->s_es);
unsigned int *bref = p;
while (bref < p+max) {
if (unlikely(*bref >= maxblocks)) {
ext4_error(inode->i_sb, function,
"block reference %u >= max (%u) "
"in inode #%lu, offset=%d",
*bref, maxblocks,
inode->i_ino, (int)(bref-p));
return -EIO;
}
bref++;
}
return 0;
}
#define ext4_check_indirect_blockref(inode, bh) \
__ext4_check_blockref(__func__, inode, (__le32 *)(bh)->b_data, \
EXT4_ADDR_PER_BLOCK((inode)->i_sb))
#define ext4_check_inode_blockref(inode) \
__ext4_check_blockref(__func__, inode, EXT4_I(inode)->i_data, \
EXT4_NDIR_BLOCKS)
/** /**
* ext4_get_branch - read the chain of indirect blocks leading to data * ext4_get_branch - read the chain of indirect blocks leading to data
* @inode: inode in question * @inode: inode in question
...@@ -415,9 +443,22 @@ static Indirect *ext4_get_branch(struct inode *inode, int depth, ...@@ -415,9 +443,22 @@ static Indirect *ext4_get_branch(struct inode *inode, int depth,
if (!p->key) if (!p->key)
goto no_block; goto no_block;
while (--depth) { while (--depth) {
bh = sb_bread(sb, le32_to_cpu(p->key)); bh = sb_getblk(sb, le32_to_cpu(p->key));
if (!bh) if (unlikely(!bh))
goto failure;
if (!bh_uptodate_or_lock(bh)) {
if (bh_submit_read(bh) < 0) {
put_bh(bh);
goto failure;
}
/* validate block references */
if (ext4_check_indirect_blockref(inode, bh)) {
put_bh(bh);
goto failure; goto failure;
}
}
add_chain(++p, bh, (__le32 *)bh->b_data + *++offsets); add_chain(++p, bh, (__le32 *)bh->b_data + *++offsets);
/* Reader: end */ /* Reader: end */
if (!p->key) if (!p->key)
...@@ -4371,13 +4412,17 @@ struct inode *ext4_iget(struct super_block *sb, unsigned long ino) ...@@ -4371,13 +4412,17 @@ struct inode *ext4_iget(struct super_block *sb, unsigned long ino)
if (ei->i_flags & EXT4_EXTENTS_FL) { if (ei->i_flags & EXT4_EXTENTS_FL) {
/* Validate extent which is part of inode */ /* Validate extent which is part of inode */
ret = ext4_ext_check_inode(inode); ret = ext4_ext_check_inode(inode);
} else if (S_ISREG(inode->i_mode) || S_ISDIR(inode->i_mode) ||
(S_ISLNK(inode->i_mode) &&
!ext4_inode_is_fast_symlink(inode))) {
/* Validate block references which are part of inode */
ret = ext4_check_inode_blockref(inode);
}
if (ret) { if (ret) {
brelse(bh); brelse(bh);
goto bad_inode; goto bad_inode;
} }
}
if (S_ISREG(inode->i_mode)) { if (S_ISREG(inode->i_mode)) {
inode->i_op = &ext4_file_inode_operations; inode->i_op = &ext4_file_inode_operations;
inode->i_fop = &ext4_file_operations; inode->i_fop = &ext4_file_operations;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment