[PATCH] Backport security fixe to 4.9 and 4.4 stable trees
From: Siddharth Chandrasekaran
Date: Thu May 14 2020 - 17:03:16 EST
Due to lack of proper validation that cached inodes are free during allocation,
causes a crash (refer to CVE-2018-13093 for more details). To address this
issue, I'm backporting upstream commit [1] to 4.4 and 4.9 stable trees
(a backport of [1] to 4.14 already exists).
Also, commit [1] references another commit [2] which added checks only to
xfs_iget_cache_miss(). In this patch, those checks have been moved into a
dedicated checker method and both xfs_iget_cache_miss() and
xfs_iget_cache_hit() are made to call that method. This code reorg in commit
[1], makes commit [2] redundant in the history of the 4.9 and 4.4 stable
trees. So commit [2] is not being backported.
-- Sid
[1]: afca6c5b2595f ("xfs: validate cached inodes are free when allocated")
[2]: ee457001ed6c ("xfs: catch inode allocation state mismatch corruption")
[v4.9]
Dave Chinner (1):
xfs: More robust inode extent count validation
fs/xfs/libxfs/xfs_format.h | 3 ++
fs/xfs/libxfs/xfs_inode_buf.c | 112 ++++++++++++++++++++++++++++++++++++++++--
2 files changed, 112 insertions(+), 3 deletions(-)
[v.4.4]
Dave Chinner (1):
xfs: validate cached inodes are free when allocated
fs/xfs/xfs_icache.c | 57 ++++++++++++++++++++++++++++++++++++++++++++++-------
1 file changed, 50 insertions(+), 7 deletions(-)
--
2.7.4