drop queue-5.10/btrfs-tree-checker-check-item_size-for-dev_item.patch

author Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Fri, 18 Feb 2022 10:37:41 +0000 (11:37 +0100)

committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Fri, 18 Feb 2022 10:37:41 +0000 (11:37 +0100)
author Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 18 Feb 2022 10:37:41 +0000 (11:37 +0100)
committer Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 18 Feb 2022 10:37:41 +0000 (11:37 +0100)
diff --git a/queue-5.10/btrfs-tree-checker-check-item_size-for-dev_item.patch b/queue-5.10/btrfs-tree-checker-check-item_size-for-dev_item.patch

deleted file mode 100644 (file)

index 273d1a6..0000000
--- a/queue-5.10/btrfs-tree-checker-check-item_size-for-dev_item.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From 5811a731fdbc775afd25f9b3f907ae7e939861a9 Mon Sep 17 00:00:00 2001
-From: Sasha Levin <sashal@kernel.org>
-Date: Fri, 21 Jan 2022 17:33:35 +0800
-Subject: btrfs: tree-checker: check item_size for dev_item
-
-From: Su Yue <l@damenly.su>
-
-[ Upstream commit ea1d1ca4025ac6c075709f549f9aa036b5b6597d ]
-
-Check item size before accessing the device item to avoid out of bound
-access, similar to inode_item check.
-
-Signed-off-by: Su Yue <l@damenly.su>
-Reviewed-by: David Sterba <dsterba@suse.com>
-Signed-off-by: David Sterba <dsterba@suse.com>
-Signed-off-by: Sasha Levin <sashal@kernel.org>
----
- fs/btrfs/tree-checker.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/fs/btrfs/tree-checker.c b/fs/btrfs/tree-checker.c
-index d4a3a56726aa8..4a5ee516845f7 100644
---- a/fs/btrfs/tree-checker.c
-+++ b/fs/btrfs/tree-checker.c
-@@ -947,6 +947,7 @@ static int check_dev_item(struct extent_buffer *leaf,
-                         struct btrfs_key *key, int slot)
- {
-       struct btrfs_dev_item *ditem;
-+      const u32 item_size = btrfs_item_size(leaf, slot);
- 
-       if (key->objectid != BTRFS_DEV_ITEMS_OBJECTID) {
-               dev_item_err(leaf, slot,
-@@ -954,6 +955,13 @@ static int check_dev_item(struct extent_buffer *leaf,
-                            key->objectid, BTRFS_DEV_ITEMS_OBJECTID);
-               return -EUCLEAN;
-       }
-+
-+      if (unlikely(item_size != sizeof(*ditem))) {
-+              dev_item_err(leaf, slot, "invalid item size: has %u expect %zu",
-+                           item_size, sizeof(*ditem));
-+              return -EUCLEAN;
-+      }
-+
-       ditem = btrfs_item_ptr(leaf, slot, struct btrfs_dev_item);
-       if (btrfs_device_id(leaf, ditem) != key->offset) {
-               dev_item_err(leaf, slot,
--- 
-2.34.1
-
diff --git a/queue-5.10/series b/queue-5.10/series

index 939d532d8cbf26bdf7e056fa972e3b1b46dcd505..26ff02588b8a0e05b30ef28d2f77f055ce2e0b6b 100644 (file)
--- a/queue-5.10/series
+++ b/queue-5.10/series
@@ -32,7 +32,6 @@ selftests-skip-mincore.check_file_mmap-when-fs-lacks.patch
  ax25-improve-the-incomplete-fix-to-avoid-uaf-and-npd.patch
  vfs-make-freeze_super-abort-when-sync_filesystem-ret.patch
  quota-make-dquot_quota_sync-return-errors-from-sync_.patch
-btrfs-tree-checker-check-item_size-for-dev_item.patch
  scsi-pm8001-fix-use-after-free-for-aborted-tmf-sas_t.patch
  scsi-pm8001-fix-use-after-free-for-aborted-ssp-stp-s.patch
  nvme-fix-a-possible-use-after-free-in-controller-res.patch
author	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 18 Feb 2022 10:37:41 +0000 (11:37 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Fri, 18 Feb 2022 10:37:41 +0000 (11:37 +0100)
queue-5.10/btrfs-tree-checker-check-item_size-for-dev_item.patch	[deleted file]	patch \| blob \| blame \| history
queue-5.10/series		patch \| blob \| blame \| history