git.baikalelectronics.ru Git - kernel.git/commit

author	Theodore Ts'o <tytso@mit.edu>
	Sat, 15 Feb 2020 21:40:37 +0000 (16:40 -0500)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 28 Feb 2020 16:22:22 +0000 (17:22 +0100)
commit	8ece390575f5edafaed479e1d1474e86427fbb41
tree	c06b203b0a03f0cb05d086445f7f7b76d184dc91	tree \| snapshot
parent	987d89b6442ba0e0758405f691f227fd564a918f	commit \| diff

ext4: fix potential race between online resizing and write operations

commit 8c7a15eb431d39411e4f7a82e0549d711b75af77 upstream.

During an online resize an array of pointers to buffer heads gets
replaced so it can get enlarged. If there is a racing block
allocation or deallocation which uses the old array, and the old array
has gotten reused this can lead to a GPF or some other random kernel
memory getting modified.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=206443
Link: https://lore.kernel.org/r/20200221053458.730016-2-tytso@mit.edu
Reported-by: Suraj Jitindar Singh <surajjs@amazon.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Cc: stable@kernel.org
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

fs/ext4/balloc.c		diff \| blob \| history
fs/ext4/ext4.h		diff \| blob \| history
fs/ext4/resize.c		diff \| blob \| history
fs/ext4/super.c		diff \| blob \| history