03 Aug, 2018

1 commit

  • Previously in squashfs_readpage() when copying data into the page
    cache, it used the length of the datablock read from the filesystem
    (after decompression). However, if the filesystem has been corrupted
    this data block may be short, which will leave pages unfilled.

    The fix for this is to compute the expected number of bytes to copy
    from the inode size, and use this to detect if the block is short.

    Signed-off-by: Phillip Lougher
    Tested-by: Willy Tarreau
    Cc: Анатолий Тросиненко
    Signed-off-by: Linus Torvalds

    Phillip Lougher
     

02 Aug, 2018

1 commit

  • Anatoly continues to find issues with fuzzed squashfs images.

    This time, corrupt, missing, or undersized data for the page filling
    wasn't checked for, because the squashfs_{copy,read}_cache() functions
    did the squashfs_copy_data() call without checking the resulting data
    size.

    Which could result in the page cache pages being incompletely filled in,
    and no error indication to the user space reading garbage data.

    So make a helper function for the "fill in pages" case, because the
    exact same incomplete sequence existed in two places.

    [ I should have made a squashfs branch for these things, but I didn't
    intend to start doing them in the first place.

    My historical connection through cramfs is why I got into looking at
    these issues at all, and every time I (continue to) think it's a
    one-off.

    Because _this_ time is always the last time. Right? - Linus ]

    Reported-by: Anatoly Trosinenko
    Tested-by: Willy Tarreau
    Cc: Al Viro
    Cc: Phillip Lougher
    Signed-off-by: Linus Torvalds

    Linus Torvalds
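
The check described in the two commits above (derive the expected byte count from the inode size, and refuse a short block instead of leaving pages partly filled), as an added userspace example; it is not the kernel's code, and `expected_bytes`, `fill_unchecked`, `fill_checked`, `demo_short_block` and `PAGE_SZ` are names assumed for the illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

#define PAGE_SZ 4096u /* assumed page size for this model */

/* Bytes block `idx` must hold according to the file size: a full block
 * everywhere except the last block of the file. */
size_t expected_bytes(unsigned long long i_size, size_t block_size,
                      unsigned long long idx)
{
    if (i_size == 0)
        return 0;
    unsigned long long last = (i_size - 1) / block_size;
    if (idx > last)
        return 0;
    return idx < last ? block_size : (size_t)(i_size - last * block_size);
}

/* Behaviour before the fixes, as the log describes it: copy whatever was
 * read and report success, so a short block leaves the tail unfilled. */
int fill_unchecked(unsigned char *pages, const unsigned char *blk, size_t avail)
{
    memcpy(pages, blk, avail);
    return 0;
}

/* Checked fill: a block shorter than the file size implies is an error;
 * slack after the expected bytes is zeroed. */
int fill_checked(unsigned char *pages, size_t pages_len,
                 const unsigned char *blk, size_t avail, size_t expected)
{
    if (expected > pages_len || avail < expected)
        return -EIO;
    memcpy(pages, blk, expected);
    memset(pages + expected, 0, pages_len - expected);
    return 0;
}

/* Constructed case: 10000-byte file, 8192-byte blocks. Block 1 should hold
 * 1808 bytes, but only 100 bytes came back from the read. */
int demo_short_block(void)
{
    static unsigned char pages[PAGE_SZ], blk[100];

    return fill_checked(pages, sizeof(pages), blk, sizeof(blk),
                        expected_bytes(10000, 8192, 1));
}

int main(void) { return demo_short_block() == -EIO ? 0 : 1; }
```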
     

30 Jul, 2018

1 commit

  • Anatoly Trosinenko reports that a corrupted squashfs image can cause a
    kernel oops. It turns out that squashfs can end up being confused about
    negative fragment lengths.

    The regular squashfs_read_data() does check for negative lengths, but
    squashfs_read_metadata() did not, and the fragment size code just
    blindly trusted the on-disk value. Fix both the fragment parsing and
    the metadata reading code.

    Reported-by: Anatoly Trosinenko
    Cc: Al Viro
    Cc: Phillip Lougher
    Cc: stable@kernel.org
    Signed-off-by: Linus Torvalds

    Linus Torvalds
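
How a size word read straight from disk turns into a negative length, and a bounds check applied while the value is still unsigned, as an added userspace example rather than the kernel's code. The flag bit is modelled on the squashfs block size word; the entry layout, the "no larger than the block size" policy and all function names are assumptions of the example.

```c
#include <errno.h>
#include <stdint.h>

/* Modelled on the squashfs on-disk format: bit 24 of a block size word
 * flags an uncompressed block, the remaining bits carry the length. */
#define COMPRESSED_BIT_BLOCK (1u << 24)
#define FRAG_SIZE_OFFSET 8 /* assumed entry layout: le64 start, le32 size */

static uint32_t get_le32(const unsigned char *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Trusts the on-disk word: anything with bit 31 set comes back as a
 * negative int on the usual two's-complement targets. */
int frag_len_unchecked(const unsigned char *entry)
{
    return (int32_t)(get_le32(entry + FRAG_SIZE_OFFSET) & ~COMPRESSED_BIT_BLOCK);
}

/* Validates while the value is still unsigned; a length larger than the
 * filesystem block size cannot be a real fragment (policy of this example). */
int frag_len_checked(const unsigned char *entry, uint32_t block_size)
{
    uint32_t len = get_le32(entry + FRAG_SIZE_OFFSET) & ~COMPRESSED_BIT_BLOCK;

    if (block_size > INT32_MAX || len > block_size)
        return -EIO;
    return (int)len;
}

/* Constructed entries: one with a corrupted size word, one well formed
 * (4096 bytes, uncompressed flag set). */
const unsigned char corrupt_entry[16] = { [8] = 0xff, 0xff, 0xff, 0xff };
const unsigned char good_entry[16]    = { [8] = 0x00, 0x10, 0x00, 0x01 };

int main(void)
{
    return frag_len_unchecked(corrupt_entry) < 0 &&
           frag_len_checked(corrupt_entry, 131072) == -EIO &&
           frag_len_checked(good_entry, 131072) == 4096 ? 0 : 1;
}
```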
     

05 Apr, 2016

2 commits

  • Mostly direct substitution with occasional adjustment or removing
    outdated comments.

    Signed-off-by: Kirill A. Shutemov
    Acked-by: Michal Hocko
    Signed-off-by: Linus Torvalds

    Kirill A. Shutemov
     
  • PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} macros were introduced a *long* time
    ago with the promise that one day it will be possible to implement page
    cache with bigger chunks than PAGE_SIZE.

    This promise never materialized. And unlikely will.

    We have many places where PAGE_CACHE_SIZE is assumed to be equal to
    PAGE_SIZE. And it's a constant source of confusion on whether
    PAGE_CACHE_* or PAGE_* constant should be used in a particular case,
    especially on the border between fs and mm.

    Global switching to PAGE_CACHE_SIZE != PAGE_SIZE would cause too much
    breakage to be doable.

    Let's stop pretending that pages in page cache are special. They are
    not.

    The changes are pretty straight-forward:

    - << (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> ;

    - >> (PAGE_CACHE_SHIFT - PAGE_SHIFT) -> ;

    - PAGE_CACHE_{SIZE,SHIFT,MASK,ALIGN} -> PAGE_{SIZE,SHIFT,MASK,ALIGN};

    - page_cache_get() -> get_page();

    - page_cache_release() -> put_page();

    This patch contains automated changes generated with coccinelle using
    the script below. For some reason, coccinelle doesn't patch header files.
    I've called spatch for them manually.

    The only adjustment after coccinelle is a revert of changes to the
    PAGE_CACHE_ALIGN definition: we are going to drop it later.

    There are a few places in the code where coccinelle didn't reach. I'll
    fix them manually in a separate patch. Comments and documentation also
    will be addressed in a separate patch.

    virtual patch

    @@
    expression E;
    @@
    - E << (PAGE_CACHE_SHIFT - PAGE_SHIFT)
    + E

    @@
    expression E;
    @@
    - E >> (PAGE_CACHE_SHIFT - PAGE_SHIFT)
    + E

    @@
    @@
    - PAGE_CACHE_SHIFT
    + PAGE_SHIFT

    @@
    @@
    - PAGE_CACHE_SIZE
    + PAGE_SIZE

    @@
    @@
    - PAGE_CACHE_MASK
    + PAGE_MASK

    @@
    expression E;
    @@
    - PAGE_CACHE_ALIGN(E)
    + PAGE_ALIGN(E)

    @@
    expression E;
    @@
    - page_cache_get(E)
    + get_page(E)

    @@
    expression E;
    @@
    - page_cache_release(E)
    + put_page(E)

    Signed-off-by: Kirill A. Shutemov
    Acked-by: Michal Hocko
    Signed-off-by: Linus Torvalds

    Kirill A. Shutemov
     

20 Nov, 2013

1 commit

  • Restructure squashfs_readpage() splitting it into separate
    functions for datablocks, fragments and sparse blocks.

    Move the memcpying (from squashfs cache entry) implementation of
    squashfs_readpage_block into file_cache.c

    This allows different implementations to be supported.

    Signed-off-by: Phillip Lougher
    Reviewed-by: Minchan Kim

    Phillip Lougher
     

20 Mar, 2012

1 commit


26 May, 2011

1 commit


21 Jan, 2010

1 commit


05 Jan, 2009

1 commit