On Mon, Apr 26, 2021 at 04:29:33PM +0800, Gao Xiang wrote:
commit 0dcd3c94e02438f4a571690e26f4ee997524102a upstream.
Each ondisk inode should be aligned with inode slot boundary (32-byte alignment) because of nid calculation formula, so all compact inodes (32 byte) cannot across page boundary. However, extended inode is now 64-byte form, which can across page boundary in principle if the location is specified on purpose, although it's hard to be generated by mkfs due to the allocation policy and rarely used by Android use case now mainly for > 4GiB files.
For now, only two fields `i_ctime_nsec` and `i_nlink' couldn't be read from disk properly and cause out-of-bound memory read with random value.
Let's fix now.
Fixes: 431339ba9042 ("staging: erofs: add inode operations") Cc: stable@vger.kernel.org # 4.19+ Link: https://lore.kernel.org/r/20200729175801.GA23973@xiangao.remote.csb Reviewed-by: Chao Yu yuchao0@huawei.com [ Gao Xiang: resolve non-trivial conflicts for latest 4.19.y. ] Signed-off-by: Gao Xiang hsiangkao@redhat.com
drivers/staging/erofs/inode.c | 135 ++++++++++++++++++++++------------ 1 file changed, 90 insertions(+), 45 deletions(-)
Thanks for the backport, I'll queue it up after this latest round of stable kernels is released later this week.
greg k-h