From patchwork Fri Jul 1 15:27:52 2011 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tao Ma X-Patchwork-Id: 102915 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id DEAA5B6F5B for ; Sat, 2 Jul 2011 01:30:29 +1000 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751576Ab1GAPa2 (ORCPT ); Fri, 1 Jul 2011 11:30:28 -0400 Received: from oproxy1-pub.bluehost.com ([66.147.249.253]:45169 "HELO oproxy1-pub.bluehost.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with SMTP id S1751333Ab1GAPa2 (ORCPT ); Fri, 1 Jul 2011 11:30:28 -0400 Received: (qmail 13193 invoked by uid 0); 1 Jul 2011 15:30:27 -0000 Received: from unknown (HELO box585.bluehost.com) (66.147.242.185) by cpoproxy1.bluehost.com with SMTP; 1 Jul 2011 15:30:27 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=default; d=tao.ma; h=Received:From:To:Cc:Subject:Date:Message-Id:X-Mailer:In-Reply-To:References:X-Identified-User; b=qAQ/oajPzkbjUFB00XVS5PXeaiKzT4o1XwyePrkA03+dyH3mKx4H+FH+5pevZkEBJTcbcFAaLMCenn0bM/hd411vn7YwhNKXEp4OkKpIJYKMlBWawfH//NmSSvgTKvMV; Received: from [221.217.32.225] (helo=localhost.localdomain) by box585.bluehost.com with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.69) (envelope-from ) id 1Qcffm-0005kf-6L; Fri, 01 Jul 2011 09:30:27 -0600 From: Tao Ma To: linux-ext4@vger.kernel.org Cc: tytso@mit.edu, Lukas Czerner Subject: [PATCH 1/5] ext4: fix trim length underflow with small trim length. Date: Fri, 1 Jul 2011 23:27:52 +0800 Message-Id: <1309534076-2784-1-git-send-email-tm@tao.ma> X-Mailer: git-send-email 1.7.4.1 In-Reply-To: <4E0DE63A.7030103@tao.ma> References: <4E0DE63A.7030103@tao.ma> X-Identified-User: {1390:box585.bluehost.com:colyli:tao.ma} {sentby:smtp auth 221.217.32.225 authed with tm@tao.ma} Sender: linux-ext4-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-ext4@vger.kernel.org From: Tao Ma In 0f0a25b, we adjust 'len' with s_first_data_block - start, but it could underflow in case blocksize=1K, fstrim_range.len=512 and fstrim_range.start = 0. In this case, when we run the code: len -= first_data_blk - start; len will be underflow to -1ULL. In the end, although we are safe that last_group check later will limit the trim to the whole volume, but that isn't what the user really want. So this patch fix it. It also adds the check for 'start' like ext3 so that we can break immediately if the start is invalid. Cc: Lukas Czerner Signed-off-by: Tao Ma --- fs/ext4/mballoc.c | 3 +++ 1 files changed, 3 insertions(+), 0 deletions(-) diff --git a/fs/ext4/mballoc.c b/fs/ext4/mballoc.c index 6ed859d..604b706 100644 --- a/fs/ext4/mballoc.c +++ b/fs/ext4/mballoc.c @@ -4904,6 +4904,8 @@ int ext4_trim_fs(struct super_block *sb, struct fstrim_range *range) if (unlikely(minlen > EXT4_BLOCKS_PER_GROUP(sb))) return -EINVAL; + if (start + len <= first_data_blk) + goto out; if (start < first_data_blk) { len -= first_data_blk - start; start = first_data_blk; @@ -4952,5 +4954,6 @@ int ext4_trim_fs(struct super_block *sb, struct fstrim_range *range) } range->len = trimmed * sb->s_blocksize; +out: return ret; }