Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 0964fc1a authored by Sheng Yong's avatar Sheng Yong Committed by Jaegeuk Kim
Browse files

f2fs: fix potential corruption in area before F2FS_SUPER_OFFSET 



sb_getblk does not guarantee the buffer head is uptodate. If bh is not
uptodate, the data (may be used as boot code) in area before
F2FS_SUPER_OFFSET may get corrupted when super block is committed.

Signed-off-by: default avatarSheng Yong <shengyong1@huawei.com>
Reviewed-by: default avatarChao Yu <yuchao0@huawei.com>
Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
parent bdbc90fa

fs/f2fs/super.c

+2 −3
Original line number Diff line number Diff line
@@ -1894,7 +1894,6 @@ static int __f2fs_commit_super(struct buffer_head *bh, 
	lock_buffer(bh);

	if (super)

		memcpy(bh->b_data + F2FS_SUPER_OFFSET, super, sizeof(*super));

	set_buffer_uptodate(bh);

	set_buffer_dirty(bh);

	unlock_buffer(bh);
@@ -2334,7 +2333,7 @@ int f2fs_commit_super(struct f2fs_sb_info *sbi, bool recover) 
	}



	/* write back-up superblock first */

	bh = sb_getblk(sbi->sb, sbi->valid_super_block ? 0: 1);

	bh = sb_bread(sbi->sb, sbi->valid_super_block ? 0 : 1);

	if (!bh)

		return -EIO;

	err = __f2fs_commit_super(bh, F2FS_RAW_SUPER(sbi));
@@ -2345,7 +2344,7 @@ int f2fs_commit_super(struct f2fs_sb_info *sbi, bool recover) 
		return err;



	/* write current valid superblock */

	bh = sb_getblk(sbi->sb, sbi->valid_super_block);

	bh = sb_bread(sbi->sb, sbi->valid_super_block);

	if (!bh)

		return -EIO;

	err = __f2fs_commit_super(bh, F2FS_RAW_SUPER(sbi));