Message ID | PUZPR04MB6316579893496BC54C4FE96F81EC9@PUZPR04MB6316.apcprd04.prod.outlook.com |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a5d:4e01:0:0:0:0:0 with SMTP id p1csp789126wrt; Sun, 25 Dec 2022 23:29:05 -0800 (PST) X-Google-Smtp-Source: AMrXdXsLgUIMHNMp57NPzom3GTogY//9rS54m3VVn2ru9GspcgJab0UyfHlCsD2ZuSzDRWrjTjOm X-Received: by 2002:a05:6402:4005:b0:463:c2f9:8a0a with SMTP id d5-20020a056402400500b00463c2f98a0amr15725672eda.33.1672039745535; Sun, 25 Dec 2022 23:29:05 -0800 (PST) ARC-Seal: i=2; a=rsa-sha256; t=1672039745; cv=pass; d=google.com; s=arc-20160816; b=TGIo9Nikl+DabSKwQjda+Koyh6Vv1YSXGOpyqb4tzPCh6rm2WRrgwuwe7cxbG9zHjb 04m+CRkGwiwAhS/XhH/ns2Ha5e/KPB9vgiQvaROdZvMIf4Ab7XPayQh56j5APgriVkxd MDHlLQ/iq25/ZMNYJ1DiTLttZ86Kj+vHQdcmvHqwaNaCVtw16r4DHBeToI2Ctjv4tAqa YtWjVrnwpRCimOE5hbzWuf0hOloxVnY+C4EhdMlijmO6eHyO9pvhy+Yp+2vwrLp1Ac/J il0l7eTh70YlLIyM325jdiQYFZpkO9b2LJcj9ycALjH1L/iO4qNiQgdrLVwDHSKoRtol exnQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:content-transfer-encoding :content-language:accept-language:message-id:date:thread-index :thread-topic:subject:cc:to:from:dkim-signature; bh=5V90Y5iO0rPnnAT0Gqah7F4YF/76PfwXWTuYIIGcKJo=; b=n0S+rsNgVO5ERt0NyoU8ZJaKrBFm3U4vxZM0gXx66wZEb13BjB31MLwcFIQsYkmu2F 9oSOXhYH0jTz3oncbF6h+ziVSPMolHAOmoCUa7Tuv2LOy9Ib/kB5cKNsq6fCIwiOdRi9 Gop6ZeR0Y6+sKpyZbLRfJBhFid7Wz/ASbHr1FTlXIMVLUeuMEAyiX8hglIqKbTqlkljR EllZXXt89CJJ3hajfmGFhTVS97p+AINP/MyPG+H+OacSwWOFzDpsq/wACu//WEjMEdVa tceUS5RnxPsvq8NM1ZmO72QGOOlG3cPcvcwzGlF9oEcB77NO6HcD/Dnkgw5sp+gu0YXR 6TsA== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@sony.com header.s=S1 header.b=ibxsQ9mM; arc=pass (i=1 spf=pass spfdomain=sony.com dkim=pass dkdomain=sony.com dmarc=pass fromdomain=sony.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=sony.com Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id v21-20020a056402349500b004673015ab88si9066274edc.19.2022.12.25.23.28.41; Sun, 25 Dec 2022 23:29:05 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@sony.com header.s=S1 header.b=ibxsQ9mM; arc=pass (i=1 spf=pass spfdomain=sony.com dkim=pass dkdomain=sony.com dmarc=pass fromdomain=sony.com); spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=sony.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231714AbiLZHYA (ORCPT <rfc822;eddaouddi.ayoub@gmail.com> + 99 others); Mon, 26 Dec 2022 02:24:00 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55160 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229447AbiLZHX6 (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Mon, 26 Dec 2022 02:23:58 -0500 Received: from mx08-001d1705.pphosted.com (mx08-001d1705.pphosted.com [185.183.30.70]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9A7972DDA; Sun, 25 Dec 2022 23:23:55 -0800 (PST) Received: from pps.filterd (m0209320.ppops.net [127.0.0.1]) by mx08-001d1705.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 2BQ5jskX031801; Mon, 26 Dec 2022 07:23:38 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sony.com; h=from : to : cc : subject : date : message-id : content-type : content-transfer-encoding : mime-version; s=S1; bh=5V90Y5iO0rPnnAT0Gqah7F4YF/76PfwXWTuYIIGcKJo=; b=ibxsQ9mMXdHPRXYzetCR4OLfsp5yV8E4L8yFLjq64nRVx3xnVWhMpfoZ9meM+7L4A2Zs r6DECjK3jb02mz12DkfsLtFmLHoXPpzfVpwYLJN7OdutPQeyjpUfiYpuqorkzhBg+ytG o/uZFKjawzIrtLz0kSBdwd3Hsw4ZQ8RuW7ZKP95S/BTSuu8+H9Y+ZxfOa6nGdGPLMLRA n/eP0kmksDovoaYQaTLe45vDYSy+jRFQoFfgzE0sozP9UanYlWIiaQk78TEv/D2FGD6A Vfn9sLky8vQ8vE+jNaGfmMxhlvmn4TqttydQO1gl/KUG0HgQDLFx27OunCMNWZkMWCaR ow== Received: from apc01-tyz-obe.outbound.protection.outlook.com (mail-tyzapc01lp2047.outbound.protection.outlook.com [104.47.110.47]) by mx08-001d1705.pphosted.com (PPS) with ESMTPS id 3mnqamshtg-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 26 Dec 2022 07:23:37 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hsoY09w5+429+md9wks6LMmBw8kxfonG/tcWfCkTkbmUH7gKCgNGEGZDKDPtXkemfDpwDKfnmZibHDOfKpUBVyaMXazLU4IsuN4LJcWt9rkt5GgpEa1urBmWJMgmRhfYf4b38QGX1LHBFKDKjUVNK03yZM3LV5NICbJ647+GZRqshzstC9KbTbTg8K0SRbK5f4AJqQgqJ/GMQSDkscKDG/mo2/u89vydKE4jLkn5L9mTxJgllGv/V3fYK3DtrZXJirV8nclQR2S2tAdC5LOqjHEPja0NOX+XeoypGIq7sQfJP/zQV6JgGfti5Smg9DYenhKhcdIo+Vp0v1MIC/r5Pw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=5V90Y5iO0rPnnAT0Gqah7F4YF/76PfwXWTuYIIGcKJo=; b=RjGphPow5rnaCnuFt5a1HY1zWlYhxmSmUIBbPDn4VKJkLsY67/6jPn9yJXRgosqrfgluldtn8tH9duNovzfQun8n7Xxr8qtpFtSEKt+pe32NAYQJCmeLcOHBG2PV96YFcg7QY7ophs8AEET5OgdmikfSnPvGM3R06JyBIavw5qNbW1tzDRVGj+ViLe6/xNVGCgW+RGlBNSiBFJ9CIJYgi4oB14ZBod0QPjLMNOOgNPuzwx57PmhY2rXcK4jKFiaHM7YJBUWXj/pUdkB8GRP1XCbI9Yyr/fPg3IUkXnGhuD0SW7PQGQ7ad/EIELBDPeRUH535Lq7jDKi/ikNBjUW3lw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=sony.com; dmarc=pass action=none header.from=sony.com; dkim=pass header.d=sony.com; arc=none Received: from PUZPR04MB6316.apcprd04.prod.outlook.com (2603:1096:301:fc::7) by SI2PR04MB4377.apcprd04.prod.outlook.com (2603:1096:4:e9::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5966.15; Mon, 26 Dec 2022 07:23:30 +0000 Received: from PUZPR04MB6316.apcprd04.prod.outlook.com ([fe80::1cb5:18cc:712d:1f13]) by PUZPR04MB6316.apcprd04.prod.outlook.com ([fe80::1cb5:18cc:712d:1f13%7]) with mapi id 15.20.5944.006; Mon, 26 Dec 2022 07:23:30 +0000 From: "Yuezhang.Mo@sony.com" <Yuezhang.Mo@sony.com> To: "linkinjeon@kernel.org" <linkinjeon@kernel.org>, "sj1557.seo@samsung.com" <sj1557.seo@samsung.com> CC: "linux-fsdevel@vger.kernel.org" <linux-fsdevel@vger.kernel.org>, "linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>, "Andy.Wu@sony.com" <Andy.Wu@sony.com>, "Wataru.Aoyama@sony.com" <Wataru.Aoyama@sony.com> Subject: [PATCH v1] exfat: fix reporting fs error when reading dir beyond EOF Thread-Topic: [PATCH v1] exfat: fix reporting fs error when reading dir beyond EOF Thread-Index: AdkY+qIINYyntsrGSEaOLoPl+jzKaQ== Date: Mon, 26 Dec 2022 07:23:29 +0000 Message-ID: <PUZPR04MB6316579893496BC54C4FE96F81EC9@PUZPR04MB6316.apcprd04.prod.outlook.com> Accept-Language: zh-CN, en-US Content-Language: zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: PUZPR04MB6316:EE_|SI2PR04MB4377:EE_ x-ms-office365-filtering-correlation-id: 4810ee06-88a2-483c-4b9f-08dae712168f x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: it+6dP6K5xJgH9OgCY2JyU8JH9v834WB9+SsdN45W7YuwFHhbNUHKldp+SF74Wwz0UVrS/JaDIaNQR//jJWDXdjI1ciKk+44XxTP+nnUSz0aChbGWkzZBtPXTgofeL8VMd6lCC06ex9YAhRc6EsqxTYuoOuleruqZZcdQtj3yKQhc+BoLFKsCXMcQNrFFYJU9lsNsJyVnS4aChfissqUo5fHHlbp76kvtKXsP01oCno4Xpm/58r6XfvCsL7FWZbbrfJQHMviNOtquaj5IrPOu3PpGgaKJO5N2sWe3882nFOt34ryhZp/XBPWWkaGDxe/RIVi3N1jKjmm2nLxR7eK3jYTKOJ73NGyaLXLzrVD0jby0ozV4A4wVzg/JRWWZqOjqd3Kca1vbSaI5LU3757YUGge2/8GC6XG157JFuWyghK13S8IzAbIwFMIu+6WyD/Xbnh7zj46kgHIRwF1J6BCuPgfUaFtuQ0ePXbSZZ8a2e/vJbUmUWzFvEH/SoBpEHWHgUUxlwUvFp1SUejVcL+J5aI6DIiSXnhtTZyDdCaV7WPb2nqbR8YNG86EUbais+nOdWJDGAs0qhdpNNjxJToPoNUpw77sJ6gc0uJSJwJaelXTtV+mnRsdu5iZ8foDySGTj9jKEte4zdstKjnBnNWqYBZDbZRtGXB/T1Oc/wi5ND0GHe5PcrVpGSDWc9S4VlOruE/oy06v5erspGjQi4GbvQ== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PUZPR04MB6316.apcprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(4636009)(39860400002)(346002)(366004)(396003)(376002)(136003)(451199015)(54906003)(110136005)(83380400001)(2906002)(33656002)(7696005)(316002)(38070700005)(107886003)(478600001)(82960400001)(186003)(122000001)(38100700002)(9686003)(6506007)(26005)(71200400001)(55016003)(86362001)(66946007)(66556008)(66476007)(52536014)(76116006)(41300700001)(4326008)(8676002)(8936002)(66446008)(5660300002)(64756008);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?utf-8?q?7sQmB5kGDTHLJYK/j66gT2u/AUTL?= =?utf-8?q?KnHEhYy6VE2mlWIVwEiGKA9zu3ZQvu3W60Ee5hKAh1vRLWC85DhWRuNh5dW0pHHK4?= =?utf-8?q?YdKA/qfha/QlIIDRCqc1lP+qQh7my+iKZev93J7PG6U4YfF4u2t347136ukfludo2?= =?utf-8?q?WrNeak//+1kSOWWviUEPW6E1UcP58EbQTkGxJKtlTpO1RpgyWa933CEBUWN+ZZQgm?= =?utf-8?q?7O16Zp6wSjZUcmmMo+GlBHhxp6M1ARv6BXX3Eo/LETxXoS2Q5P3YzIwmpXzMrNu0N?= =?utf-8?q?0DRRGYDYsog5hjuZqDq+x7tjX6e8msyKrB9f3ywgWNOIBIbQqh4923UNWXTXlUOl1?= =?utf-8?q?FMBcZHVLBbusOfQ7qGhNtBcmnWEkB8ZIMlOs8VqkdURXEzxF6xEVV6t/bX8+phNAW?= =?utf-8?q?Bl4/oHx57yIMeaNL7hWnumQn49BxOPR2humuP6C9n8dFZTETLeYfllsM1fRaJoe4T?= =?utf-8?q?oWzeCzgeYlb62FhBPwzZtDbPo1XKNUEfafm1m+Z+u3JR4Jw2LC3Kp3oA7pR2Aghka?= =?utf-8?q?q7tB1I2+auhppcMd6zGJ8Ca4qxiwcg100Dj/jDgifmCRqWKVutqC667d4n7etCeYR?= =?utf-8?q?Dr5slzc29muobV8/o5cr6krSMhjbfUVkjDphloOo1Lch1iUjaa8MUyZKirbdIKfaH?= =?utf-8?q?ArmxQl8jEOAk3EBeuAt1oZjWZ9MzEJbRz/oAyPqgxM8pfMABrPqYiaRS1SjgzkbJJ?= =?utf-8?q?ilPyiHr2gqwDivT5daSCkynKcEIBkcj5WBuzLUmi70i+AuVVIWJKtGcdrj1pDu94b?= =?utf-8?q?aTaWkSO8b3BuHVUrU+vWU2kJSI5rfZ0XCXY7JfVfrrDfjvlnhgND20/t+3+1zPPpp?= =?utf-8?q?SqR/Z2TBG+Vlczj3V5ubrHz7nwqb2+2UUq6Nha4URZTICXR6TqGfr52y/5AE18Vmi?= =?utf-8?q?XEfAz1Xq8Rg7arJiKdZ+2UkqHyd61/wLUvmydS0oIkzsCxJL0HhB8Gnm7xpTt+ARM?= =?utf-8?q?+rDCswvBJPmH8ZaexHm2dZT9ZY4zRXHtiMNTvWsyT6bdSHuy3bU9aS3weScLTYUYm?= =?utf-8?q?dF8IuWDEacXrzNQfitEK3Z34HfnQvTt1VvMcH9rOSsTEFALtL38PRY8m5FRCqlN5Q?= =?utf-8?q?TyC8L8/gw2lMvJBEFiKkS7uZymRXH62eD/bLXqhAOzfMP5GOslaFg2HzMrdDKg0F7?= =?utf-8?q?7tPpQes+K94BCCUILz3ziuERz9gxvJ80JdA4MHysvuR4lxVvm4DXYu5VomeYK74OK?= =?utf-8?q?8Gf2Zt6PN640lAljwR2TovmypEbOMoRBvPbuCdWOHU40Axl/ICTBOOtRrAVVpbhLL?= =?utf-8?q?LBPoeTHPMEtvG6C4db4P/0eTTkdjAUexBeTa8wDblK7NOersa/K5qs0Kqz2WV8YR3?= =?utf-8?q?Hh3tMGsAjBTG+wIUE2B16dk8mEVCcC30EMOYLl6OdabqAasFAUS0kBNvAsFcXTZ91?= =?utf-8?q?OsNTJE/JI5nsDwf5aKXrDO9VtQh5wmqNRGR42mTN0wCwmvwI+1vwhgG415AS0fay2?= =?utf-8?q?ZlbJoyu6qB+psyvJE3YvZUl/lKItPCFS4yAobu1VrgJDMNG0OAbAe25jcXswXI6RH?= =?utf-8?q?Ed3Ew+YGG+eH?= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: base64 MIME-Version: 1.0 X-OriginatorOrg: sony.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PUZPR04MB6316.apcprd04.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 4810ee06-88a2-483c-4b9f-08dae712168f X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Dec 2022 07:23:29.9795 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 66c65d8a-9158-4521-a2d8-664963db48e4 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: QYHAdsOLU+PXIlpFAy8Eu63j/fqlqinNLKQDqOHdp2kD0Uarzgg4bWVAW5EM/vzbxABQnYE/8U4QPQwY+N+evg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SI2PR04MB4377 X-Proofpoint-GUID: 2cg_ezbUyyPGJzji1hXjefePGWWgXQSE X-Proofpoint-ORIG-GUID: 2cg_ezbUyyPGJzji1hXjefePGWWgXQSE X-Sony-Outbound-GUID: 2cg_ezbUyyPGJzji1hXjefePGWWgXQSE X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.923,Hydra:6.0.545,FMLib:17.11.122.1 definitions=2022-12-26_04,2022-12-23_01,2022-06-22_01 X-Spam-Status: No, score=-2.8 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_LOW, SPF_HELO_NONE,SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?= X-GMAIL-THRID: =?utf-8?q?1753260748196476267?= X-GMAIL-MSGID: =?utf-8?q?1753260748196476267?= |
Series |
[v1] exfat: fix reporting fs error when reading dir beyond EOF
|
|
Commit Message
Yuezhang.Mo@sony.com
Dec. 26, 2022, 7:23 a.m. UTC
Since seekdir() does not check whether the position is valid, the position may exceed the size of the directory. We found that for a directory with discontinuous clusters, if the position exceeds the size of the directory and the excess size is greater than or equal to the cluster size, exfat_readdir() will return -EIO, causing a file system error and making the file system unavailable. Reproduce this bug by: seekdir(dir, dir_size + cluster_size); dirent = readdir(dir); The following log will be printed if mount with 'errors=remount-ro'. [11166.712896] exFAT-fs (sdb1): error, invalid access to FAT (entry 0xffffffff) [11166.712905] exFAT-fs (sdb1): Filesystem has been set read-only Fixes: 1e5654de0f51 ("exfat: handle wrong stream entry size in exfat_readdir()") Signed-off-by: Yuezhang Mo <Yuezhang.Mo@sony.com> Reviewed-by: Andy Wu <Andy.Wu@sony.com> Reviewed-by: Aoyama Wataru <wataru.aoyama@sony.com> --- fs/exfat/dir.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.25.1
Comments
> Since seekdir() does not check whether the position is valid, the > position may exceed the size of the directory. We found that for > a directory with discontinuous clusters, if the position exceeds > the size of the directory and the excess size is greater than or > equal to the cluster size, exfat_readdir() will return -EIO, > causing a file system error and making the file system unavailable. > > Reproduce this bug by: > > seekdir(dir, dir_size + cluster_size); > dirent = readdir(dir); > > The following log will be printed if mount with 'errors=remount-ro'. > > [11166.712896] exFAT-fs (sdb1): error, invalid access to FAT (entry > 0xffffffff) > [11166.712905] exFAT-fs (sdb1): Filesystem has been set read-only > > Fixes: 1e5654de0f51 ("exfat: handle wrong stream entry size in > exfat_readdir()") > > Signed-off-by: Yuezhang Mo <Yuezhang.Mo@sony.com> > Reviewed-by: Andy Wu <Andy.Wu@sony.com> > Reviewed-by: Aoyama Wataru <wataru.aoyama@sony.com> Looks good. Thanks. Reviewed-by: Sungjong Seo <sj1557.seo@samsung.com> > --- > fs/exfat/dir.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/fs/exfat/dir.c b/fs/exfat/dir.c > index 1122bee3b634..158427e8124e 100644 > --- a/fs/exfat/dir.c > +++ b/fs/exfat/dir.c > @@ -100,7 +100,7 @@ static int exfat_readdir(struct inode *inode, loff_t > *cpos, struct exfat_dir_ent > clu.dir = ei->hint_bmap.clu; > } > > - while (clu_offset > 0) { > + while (clu_offset > 0 && clu.dir != EXFAT_EOF_CLUSTER) { > if (exfat_get_next_cluster(sb, &(clu.dir))) > return -EIO; > > -- > 2.25.1
2022-12-26 16:23 GMT+09:00, Yuezhang.Mo@sony.com <Yuezhang.Mo@sony.com>: > Since seekdir() does not check whether the position is valid, the > position may exceed the size of the directory. We found that for > a directory with discontinuous clusters, if the position exceeds > the size of the directory and the excess size is greater than or > equal to the cluster size, exfat_readdir() will return -EIO, > causing a file system error and making the file system unavailable. > > Reproduce this bug by: > > seekdir(dir, dir_size + cluster_size); > dirent = readdir(dir); > > The following log will be printed if mount with 'errors=remount-ro'. > > [11166.712896] exFAT-fs (sdb1): error, invalid access to FAT (entry > 0xffffffff) > [11166.712905] exFAT-fs (sdb1): Filesystem has been set read-only > > Fixes: 1e5654de0f51 ("exfat: handle wrong stream entry size in > exfat_readdir()") > > Signed-off-by: Yuezhang Mo <Yuezhang.Mo@sony.com> > Reviewed-by: Andy Wu <Andy.Wu@sony.com> > Reviewed-by: Aoyama Wataru <wataru.aoyama@sony.com> Applied, Thanks for your patch!
diff --git a/fs/exfat/dir.c b/fs/exfat/dir.c index 1122bee3b634..158427e8124e 100644 --- a/fs/exfat/dir.c +++ b/fs/exfat/dir.c @@ -100,7 +100,7 @@ static int exfat_readdir(struct inode *inode, loff_t *cpos, struct exfat_dir_ent clu.dir = ei->hint_bmap.clu; } - while (clu_offset > 0) { + while (clu_offset > 0 && clu.dir != EXFAT_EOF_CLUSTER) { if (exfat_get_next_cluster(sb, &(clu.dir))) return -EIO;