android_kernel_motorola_sm6225/fs/gfs2
Anant Thazhemadam 6a253f385a gfs2: add validation checks for size of superblock
[ Upstream commit 0ddc5154b24c96f20e94d653b0a814438de6032b ]

In gfs2_check_sb(), no validation checks are performed with regard to
the size of the superblock.
syzkaller detected a slab-out-of-bounds bug that was primarily caused
because the block size for a superblock was set to zero.
A valid size for a superblock is a power of 2 between 512 and PAGE_SIZE.
Performing validation checks and ensuring that the size of the superblock
is valid fixes this bug.

Reported-by: syzbot+af90d47a37376844e731@syzkaller.appspotmail.com
Tested-by: syzbot+af90d47a37376844e731@syzkaller.appspotmail.com
Suggested-by: Andrew Price <anprice@redhat.com>
Signed-off-by: Anant Thazhemadam <anant.thazhemadam@gmail.com>
[Minor code reordering.]
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2020-11-05 11:08:44 +01:00
acl.c gfs2: using posix_acl_xattr_size instead of posix_acl_to_xattr 2018-07-24 20:02:11 +02:00
acl.h
aops.c gfs2: use iomap_readpage for blocksize == PAGE_SIZE 2018-07-25 00:08:49 +02:00
aops.h gfs2: iomap buffered write support 2018-07-02 16:27:17 +01:00
bmap.c gfs2: Another gfs2_walk_metadata fix 2020-05-20 08:18:41 +02:00
bmap.h gfs2: Iomap cleanups and improvements 2018-06-04 07:56:51 -05:00
dentry.c
dir.c gfs2: remove redundant variable 'moved' 2018-07-25 00:08:59 +02:00
dir.h
export.c
file.c gfs2: fix O_SYNC write handling 2020-02-11 04:34:07 -08:00
gfs2.h
glock.c Revert "gfs2: Don't demote a glock until its revokes are written" 2020-05-27 17:37:42 +02:00
glock.h gfs2: gfs2_evict_inode: Put glocks asynchronously 2017-08-10 10:45:21 -05:00
glops.c gfs2: initialize transaction tr_ailX_lists earlier 2020-09-23 12:10:56 +02:00
glops.h
incore.h gfs2: slow the deluge of io error messages 2019-11-24 08:20:26 +01:00
inode.c gfs2: clean up iopen glock mess in gfs2_create_inode 2020-10-01 13:14:28 +02:00
inode.h gfs2: Implement SEEK_HOLE / SEEK_DATA via iomap 2017-10-31 14:26:35 +01:00
Kconfig gfs2: Fix the crc32c dependency 2018-02-01 11:25:31 -07:00
lock_dlm.c gfs2: Fix sign extension bug in gfs2_update_stats 2019-05-31 06:46:02 -07:00
log.c gfs2: initialize transaction tr_ailX_lists earlier 2020-09-23 12:10:56 +02:00
log.h gfs2: fix glock reference problem in gfs2_trans_remove_revoke 2019-12-17 20:35:55 +01:00
lops.c gfs2: fix glock reference problem in gfs2_trans_remove_revoke 2019-12-17 20:35:55 +01:00
lops.h GFS2: Introduce new gfs2_log_header_v2 2018-01-23 07:38:53 -07:00
main.c gfs2: Fix wrong error handling in init_gfs2_fs() 2017-11-27 10:47:22 -06:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
meta_io.c gfs2: Don't withdraw under a spin lock 2018-06-21 07:39:44 -05:00
meta_io.h
ops_fstype.c gfs2: add validation checks for size of superblock 2020-11-05 11:08:44 +01:00
quota.c gfs2: move privileged user check to gfs2_quota_lock_check 2020-06-03 08:19:28 +02:00
quota.h gfs2: move privileged user check to gfs2_quota_lock_check 2020-06-03 08:19:28 +02:00
recovery.c GFS2: Fix recovery issues for spectators 2018-07-25 00:06:24 +02:00
recovery.h
rgrp.c gfs2: Fix marking bitmaps non-full 2019-12-01 09:16:15 +01:00
rgrp.h GFS2: Non-recursive delete 2017-04-19 08:25:43 -04:00
super.c GFS2: Flush the GFS2 delete workqueue before stopping the kernel threads 2019-11-24 08:20:48 +01:00
super.h
sys.c GFS2: Fix recovery issues for spectators 2018-07-25 00:06:24 +02:00
sys.h
trace_gfs2.h gfs2: eliminate rs_inum and reduce the size of gfs2 inodes 2018-06-21 07:39:31 -05:00
trans.c gfs2: initialize transaction tr_ailX_lists earlier 2020-09-23 12:10:56 +02:00
trans.h gfs2: Eliminate redundant ip->i_rgd 2018-07-05 17:47:16 +02:00
util.c gfs2: slow the deluge of io error messages 2019-11-24 08:20:26 +01:00
util.h gfs2: Don't withdraw under a spin lock 2018-06-21 07:39:44 -05:00
xattr.c gfs2: Get rid of gfs2_ea_strlen 2018-08-03 13:20:02 +01:00
xattr.h