From patchwork Mon Dec 16 06:49:50 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Yuezhang.Mo@sony.com" X-Patchwork-Id: 13909282 Received: from mx08-001d1705.pphosted.com (mx08-001d1705.pphosted.com [185.183.30.70]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B0B711D0F46 for ; Mon, 16 Dec 2024 06:50:10 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=fail smtp.client-ip=185.183.30.70 ARC-Seal: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734331813; cv=fail; b=kKp+GZfRDXNJpKPzq8XFxind3G1BRywVgUve01iB775KNGDVhTwTlS2xc29Ljy5bsoi+1WMMB5DzjxCGo+/l+VMnnGzU2q5rYcI3D6XbqlVpZzBT3kuo18fyLrjV2+5EPcNt8fo8JEad9wrpmSPYNB+mb4pNE532mzj1kNNYJX8= ARC-Message-Signature: i=2; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1734331813; c=relaxed/simple; bh=uNEcSL9ANicyq3/3uGc0+QhzzdGQxoSNu8UPJ0WqJhA=; h=From:To:CC:Subject:Date:Message-ID:Content-Type:MIME-Version; b=g7aY0/M+nLkUOF7lHF78LU3LXEMwCu3mKG13oHt9lYgnB4siKvdKz1Mn1e2GVxc6OaS0SAUvvN4D72QcHsdpXpiM4HCuxFEEysX7eGzmby3C4lpbh7AUYImXi7Qr1KWQtJ5OjYyLV6gYlTtc7oJDMnD2vFlGSXyEyuaef2RJblw= ARC-Authentication-Results: i=2; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=sony.com; spf=pass smtp.mailfrom=sony.com; dkim=pass (2048-bit key) header.d=sony.com header.i=@sony.com header.b=HpFCraF8; arc=fail smtp.client-ip=185.183.30.70 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=sony.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=sony.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=sony.com header.i=@sony.com header.b="HpFCraF8" Received: from pps.filterd (m0209319.ppops.net [127.0.0.1]) by mx08-001d1705.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 4BG4f0u4001058; Mon, 16 Dec 2024 06:49:57 GMT DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sony.com; h=cc :content-type:date:from:message-id:mime-version:subject:to; s= S1; bh=RrfwBaCRwkT7srcPzS4EAy3Khf/VqAY/vN9J5afYjwg=; b=HpFCraF89 FzaUgWK5l0e6yimnrNa1VxlASDICRpjGW7bMJ/bPQWzVHuM22/F9enHVqqFSIx6s vz2AsdKAfDaEo9Y+6Dn1Qq1+R+L2uB+JF9YHxlae7Hze0du0vqmUhX8k86U27Fry p9FJKH4h50HYdZujuUDZCkjGdCMcTivgkiCQUJp1wmr6WUvTrogtUBrh88w938X3 8hsmpP96Q3Z6wwPIlXX86o/KlTXaaC4PfoLuufaOSdSj/oFJ7KfNRtB6ErrLKD+8 VUnQ2XImvjT5Vs8R8uidVHQYTy/rY+hhkQZF1Md4VZObKrIiwGysLerK+qZesmM5 8nPV1wVItBZeg== Received: from seypr02cu001.outbound.protection.outlook.com (mail-koreacentralazlp17013074.outbound.protection.outlook.com [40.93.138.74]) by mx08-001d1705.pphosted.com (PPS) with ESMTPS id 43h2dph6xu-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK); Mon, 16 Dec 2024 06:49:57 +0000 (GMT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=By5PLiNvt/YRdYb5I2YGBaj2Fu6wOsTYclHhr7p8o3bDUidgp097vLpMU026ulIM1g3mqS/JaP11fK7uTujCB+xl4h5qXztA3Vl3upXq5fPkdWRF4qp1YP4X3SA5m/seUTnerm1hErqWcGh9PAYfd4lWg5zIqtApv+Ux0MLTc5sS2T3X6egLzFpiOdM+PWdJu+LJgyyo71yJVrH6TOuZH71Q1lnYjjWqz/plgdJA6DHFdcZoci52QbNY4ytNfBp46lLzMV9Wnw8B+dR55DkgTRBhqFvtaElDw04bx+qEq0MbExrdu4DHTYXofAwnqpfW+y2ZiVq0y3NFssm1c1tmxw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=RrfwBaCRwkT7srcPzS4EAy3Khf/VqAY/vN9J5afYjwg=; b=OI943xe9WdY6J0Amxg1FScfQ6vxNsLtcyamcckS5jcliqc1CR1SKUV/qKNT+yF64hXUi5s97ScucFH/l1xVZF3ch7pQ/yxyhIesBiswSwe2PrlIEsMXIxbu9GY9SiMYW3p6vWGnhmX9rFifPg8ueVqE+l9equqmsLqJfIueNDf5AJslmPgmsgm2QhVn/XsDrH01IMY0te9dSkYpAO1b2bElc6NLkgUwBCqRutE4n5R3XhIuJkf5vWVkTj0sliwrAqDXkw+5ECSUWIUefGT3+U3ZGiJ9ObI3z1YdwAShxYLLIDp39rzk5ufBoRtZrwqpuLZzYHymqBYFFQLuoWZpu3A== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=sony.com; dmarc=pass action=none header.from=sony.com; dkim=pass header.d=sony.com; arc=none Received: from PUZPR04MB6316.apcprd04.prod.outlook.com (2603:1096:301:fc::7) by JH0PR04MB8086.apcprd04.prod.outlook.com (2603:1096:990:9e::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8251.20; Mon, 16 Dec 2024 06:49:51 +0000 Received: from PUZPR04MB6316.apcprd04.prod.outlook.com ([fe80::409e:64d3:cee0:7b06]) by PUZPR04MB6316.apcprd04.prod.outlook.com ([fe80::409e:64d3:cee0:7b06%4]) with mapi id 15.20.8251.015; Mon, 16 Dec 2024 06:49:50 +0000 From: "Yuezhang.Mo@sony.com" To: "linkinjeon@kernel.org" , "sj1557.seo@samsung.com" CC: "linux-fsdevel@vger.kernel.org" Subject: [PATCH v1] exfat: fix the infinite loop in __exfat_free_cluster() Thread-Topic: [PATCH v1] exfat: fix the infinite loop in __exfat_free_cluster() Thread-Index: AQHbT4ZwRRWPpYQMFkW/JmXzHxF1MA== Date: Mon, 16 Dec 2024 06:49:50 +0000 Message-ID: Accept-Language: en-US, zh-CN Content-Language: en-US X-MS-Has-Attach: yes X-MS-TNEF-Correlator: msip_labels: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: PUZPR04MB6316:EE_|JH0PR04MB8086:EE_ x-ms-office365-filtering-correlation-id: 847a8d15-e7f9-4eb8-cb93-08dd1d9dd6e8 x-proofpoint-id: d8690225-876f-412f-87c6-a7cb45557a4c x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0;ARA:13230040|1800799024|376014|10070799003|366016|38070700018; x-microsoft-antispam-message-info: =?iso-8859-1?q?bzSTxk3FY4FUT7l+2dBRjMTPMu?= =?iso-8859-1?q?ArESXsDTPFEMdovnjsG/+OC3US1gTBiJ+ict/714bTsOHsIhXMAVtcsafuAz?= =?iso-8859-1?q?kj2DzmUZHzQBzLanEmObYVcR49DbGEJiXrVBUPHo1MSslk2X6tjlwPnR6L+M?= =?iso-8859-1?q?971DqGvYiqwKhv7Pg6z+NMX+BzDZjvtPjF8WHwTs1plJeIOhlKlGa+d286zW?= =?iso-8859-1?q?+MoaTfJeGjaq6cW+TPTqKS/0dryCRKSuAIErR24/hNlzjVigTRaOQUKbauGe?= =?iso-8859-1?q?qRnQAScMkc9Huh/myUO7vVlrH+ex0MoCBJNX26k2PTY1oaZYnBo5rH08T+oe?= =?iso-8859-1?q?m++w4PQj6Ru5642K3UOQ2O6msFOlwY2fzusAX+kDXYsk7uQOBaX10WCdSsh2?= =?iso-8859-1?q?N5ygeDxzAxckqUZwjAOFk7N0XFFe1qpbQQUg2ACwf2EgQt7/BzC8cQLEIeqX?= =?iso-8859-1?q?cIa5QjITID/iYteO6eOAs2eIOax37j0jcC0CUsI1jBUjjv1bVcm8DH3nX8p8?= =?iso-8859-1?q?EGaLXOACyfV75CxcYIaipGBg0XmuEmX40PJRNXuh7rwGBuaSKxVZ9Z7k2uro?= =?iso-8859-1?q?ucA0VXPjkEDZR8FmJSMql9bwocejSLgI8o34pV2DUhfrXgDJaBEWiYwMeEie?= =?iso-8859-1?q?5VgVqXhXfoT4KdPD2lBH6+2brjfl8lGB7uXCLzDuLoJSFu6SkM4ff1wKfMaE?= =?iso-8859-1?q?LXUrPMi0lUl3owCCy4IbkMTn4QIsXxS1bYdZC/A5GgZKmGX5BSCEWJkUKQ0s?= =?iso-8859-1?q?KsrMs+ZnL96K1t/y/7P+OLaXxshfcBAWscl50jHFWvsOWloATdbAAhcj4aNI?= =?iso-8859-1?q?CDY+F8wwvu8FziibaRkLCSMhPG5+ohC7ss7PnsiOdinQsRwRGPcJ29PTs14W?= =?iso-8859-1?q?C19/LSjwr8KGSb0ZZQzEnaDTAlS+LBUWHtFIFvdcfjA2eTvAFNzRObWNZ4+1?= =?iso-8859-1?q?QslDpSvhyY+XH3ciUhRWIlRkSpyYXvzZ6vh2lU2xzTbkQvg+N1Eg97AHAFMN?= =?iso-8859-1?q?WKAeBGCs7rDgH8wMy3+oH6SvjYk+HZmUQmArKLcqh1pb0Xux5HWpEVRN+qK7?= =?iso-8859-1?q?tBvGbl/zk5gRXMHnXRXukyc5YDENJPTlbFyxQAQOQ1x9NKuwDSuixdFAPVwc?= =?iso-8859-1?q?aMdOIkz88B7jTZ/LDxs042cU/0sUDggmcMYmJZUbq78HGQl9s1yawzalFnI3?= =?iso-8859-1?q?a2vNX1j/g3oFvEbZhaHoebMlXeXB/OPaaqsWJpHvuGTQVLamdOiGCWPunFgX?= =?iso-8859-1?q?L1lo0Lfn1StBrmsmbpPLiL/IK+xVRntHVlBxC866uyI96hmqufAunWzPGMyd?= =?iso-8859-1?q?16iFI6N/TptUdh5ekn2NGffHBWrx7TEz9Bv+UnEuQwnSEhOG8DB3A2Trdvby?= =?iso-8859-1?q?lHe5T1x3VydCCRe9ykFbxov9kEHT5lNxHJ6gvJ1WvyPTTwLCspcBJevtg6OF?= =?iso-8859-1?q?XG?= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PUZPR04MB6316.apcprd04.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(376014)(10070799003)(366016)(38070700018);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?q?LVn5bx9SIf6RfH9YcZLgAdT?= =?iso-8859-1?q?+2FjN73yuVdVi2LcNB8CI9bjwdGr3T5qrq3NFOxVlHFA1hlZarGDYbhNyjw6?= =?iso-8859-1?q?GxTWmi/2EN+4zVveK4X+QACscnaHVtxWuavUoEvQFk53QQTtt5+urGVjnhZz?= =?iso-8859-1?q?mPdV6eytWyXBNw5+xevjP2ACanzr3dVdQV3NxsApnI7yW+JjTVNhRjIT5XrM?= =?iso-8859-1?q?6bhNbLQ4i3gafFcStUWgfNfWxJsvHncTHLi7XpRHcpo8UUofahVAVXF4KkXS?= =?iso-8859-1?q?zTL/AS91flCRjkfw/DdKFRyJZHwETBnuE/bkYH+UKN3MTWA3P3DixCDPXRoU?= =?iso-8859-1?q?da2oxcE/XrEN8IAP6GoRJ/1EoQxXcz/QzIH4N+Ck1QOqkHrRHJFP0+k7Z10+?= =?iso-8859-1?q?aFMGKidI6Ij+BpLk/ViWrt27zVqT2TIqVfgygwspaDzFzRN0Wc9TEYRZU8ST?= =?iso-8859-1?q?WKvRP1S3z8DKR9bMpZOpBKhzrR9D6fWyHIGTiWE3A3l8ZHFK6zH5JZbk+lVx?= =?iso-8859-1?q?2NHsJ99Dolqa6x+AYdgDeAteBZ43AzF+8OVLSm5FYQmlqRMuOcBB1Y36aqoV?= =?iso-8859-1?q?d6hk0KnYA2ZXM7yT43m2YWoakG8ZbbXKmn3DESPCl7j4Z/8vBqcWmZusXwTx?= =?iso-8859-1?q?TBUAfe1gTnp0Cfv5iEJXVuBePckBKO82cRdgoeNGP+VzO2ccUW+pUyeqnmBb?= =?iso-8859-1?q?VOPEOv2CG1Jw7NPUymD+zpTSTPjagxBVVgkXqZ7lC2oHZyHL9lErkweWkQg0?= =?iso-8859-1?q?QuA5snbN4o+XSPpkFsceshluOoF7nG2qwI+jiPWyXb8Kr4D/2EDqB/wdJRpx?= =?iso-8859-1?q?tA02OXvyL6stdsiPjRrZOan0VnkrYumjwUP6KYyo2/0pn0ReXNj0n1dTOgNI?= =?iso-8859-1?q?uXoIrTXM0woEiEOKmogJw7wRv0N60h5M1u3NaW3cFM968Sp2wDGWDWf3QIIw?= =?iso-8859-1?q?p7bcbbe6WRH5UOsLzzqbh7UTj56Gk9UrLI4Z4t9gxIo1A0ZfldHxWuVR2f/u?= =?iso-8859-1?q?tGSdIY5fLHu3U0Kojt7FLvjOLyXj0yXWB5fm6i+Lk9uil/FFNfWm1+ccVjIb?= =?iso-8859-1?q?eSQ7n7+xDtJYHZiaBHdBrtwqXRArC6W3MfJepE82QDZtYZFDCy3G5O9K/ysX?= =?iso-8859-1?q?Lqu64PNPrgWs6RMe/Ud8OBKhlO5ddZ7RPoERcLtxo+zDOiRnXpdyTZTJm5jn?= =?iso-8859-1?q?QZSnkFn/f6FQhk0vvJSaQQeCj37MdIQ6PhDdmYvdmYjC/1Epr/5r06fRW2a1?= =?iso-8859-1?q?11wASfqlLfg3Naej1hnOKcRKRcVw74sOMJO2bnEYsIgmgU+0qSg0RFX8wcwU?= =?iso-8859-1?q?kUB6WJNLT85nATkNW9ku3e2u3sGzQbv/0PE/wfNzCoA/4gG9pR3ixGMuPbgy?= =?iso-8859-1?q?qAI5IDMhzCjqm7SHmgioZybH72RJOT5FCFBIwwAMFIgTTBldrg8OksCGTv05?= =?iso-8859-1?q?fbGjod8SB+sUTNVvm/6uX6In/fzfO+/2CpORUVBvpbYafCZaESBVK760Lo7b?= =?iso-8859-1?q?80dsnqDgYN0GqPYWPTAVZaATrO4FPGmz0zvEB3dnCMi5a+FDaHk7wOcQCnut?= =?iso-8859-1?q?EaULy6Tfm59f+DAjxIqSFwxoTBIyDT2fctZP5arys3bfhaow5lBQK3cdvRdU?= =?iso-8859-1?q?8GPOs7Xhm1KnCmcDV0W3HEF4r4pzl7F5J7ReW+hF9eCl8xifEs6SlS4BsS4k?= =?iso-8859-1?q?=3D?= Precedence: bulk X-Mailing-List: linux-fsdevel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: TTibb5kmRJD9FTpAgIK+r7jYCcEKhM/4WjuKazhojw1/X8UVffuglyO624HiO5rIPuWT6fDqORY0wP3hV13BmUIBt4pI0tWuskLPb3LKooUzwvbftqQYeuRG1PLT0VZ+6QPnTuyLhlyCAR9GQzqlIxz4n/Wj5LeyEh5ExO8wcShezJ2bB2wvrXCC1242GpsJh9B63chXXKmb7UFxc+t1/tZYkjGo77S9m7MlUzQuyKU/hCqGgj1QtKH4EGAP/KFHU+uX8UQ4GpkI+akxrcWtNfvZ+Q3NP4zwNf/BKqGgd5/PzIUR23yP5rUUMJv1NQwkp6L0swGTahA+/ZlsOliOekQfC43q9riGtCekt041CeitNcmprjXDZPQdubyqGHPqH0+ud3JZAUOP/OXa9OwpHPtWZc2bOm8rSMTGdY/Bqu8pY6rwEn2MAYHZ7BAVsj0z4ywRUEGdJ6IjGkkkNeQuPBSN+dcprqvC8U0cUMvHnXlruTTex96qZoWSrdXeVT6GeCwpys/zeZfgyZSYQpBDiAvEgF1aF+zWClwy2ktIPoeQgZNJd3aI2A8662smlQRBp4Z4FP4G6JjRFvsx4lbBEYvPU/5uCLC+vEI18CqXRxJg3fX0LjSQohwPQYKfub7t X-OriginatorOrg: sony.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PUZPR04MB6316.apcprd04.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 847a8d15-e7f9-4eb8-cb93-08dd1d9dd6e8 X-MS-Exchange-CrossTenant-originalarrivaltime: 16 Dec 2024 06:49:50.8829 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 66c65d8a-9158-4521-a2d8-664963db48e4 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: A4nQS7mHUwC00qGxBpOhjjNeEUDjYVAjEXxLJldPEOqbS0+nUf1lLdE6b83LoX/p7U4k6gFfPjPFGq+pNnXuBw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: JH0PR04MB8086 X-Proofpoint-GUID: cCYgIDm4-c7SNQOSEx6kb484t-ntxSEL X-Proofpoint-ORIG-GUID: cCYgIDm4-c7SNQOSEx6kb484t-ntxSEL X-Sony-Outbound-GUID: cCYgIDm4-c7SNQOSEx6kb484t-ntxSEL X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1057,Hydra:6.0.680,FMLib:17.12.68.34 definitions=2024-12-16_02,2024-12-13_01,2024-11-22_01 In __exfat_free_cluster(), the cluster chain is traversed until the EOF cluster. If the cluster chain includes a loop due to file system corruption, the EOF cluster cannot be traversed, resulting in an infinite loop. To avoid this infinite loop, this commit changes to only traverse and free the number of clusters indicated by the file size. Reported-by: syzbot+1de5a37cb85a2d536330@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=1de5a37cb85a2d536330 Tested-by: syzbot+1de5a37cb85a2d536330@syzkaller.appspotmail.com Fixes: 31023864e67a ("exfat: add fat entry operations") Signed-off-by: Yuezhang Mo Suggested-by: Namjae Jeon --- fs/exfat/fatent.c | 2 ++ 1 file changed, 2 insertions(+) From a8c5502e729ad2c5f8bd2f30aeab787aca1eef06 Mon Sep 17 00:00:00 2001 From: Yuezhang Mo Date: Mon, 16 Dec 2024 13:39:42 +0800 Subject: [PATCH v1] exfat: fix the infinite loop in __exfat_free_cluster() In __exfat_free_cluster(), the cluster chain is traversed until the EOF cluster. If the cluster chain includes a loop due to file system corruption, the EOF cluster cannot be traversed, resulting in an infinite loop. To avoid this infinite loop, this commit changes to only traverse and free the number of clusters indicated by the file size. Reported-by: syzbot+1de5a37cb85a2d536330@syzkaller.appspotmail.com Closes: https://syzkaller.appspot.com/bug?extid=1de5a37cb85a2d536330 Tested-by: syzbot+1de5a37cb85a2d536330@syzkaller.appspotmail.com Fixes: 31023864e67a ("exfat: add fat entry operations") Signed-off-by: Yuezhang Mo Suggested-by: Namjae Jeon --- fs/exfat/fatent.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fs/exfat/fatent.c b/fs/exfat/fatent.c index 773c320d68f3..ab29c30ebaab 100644 --- a/fs/exfat/fatent.c +++ b/fs/exfat/fatent.c @@ -201,6 +201,8 @@ static int __exfat_free_cluster(struct inode *inode, struct exfat_chain *p_chain if (err || n_clu == EXFAT_EOF_CLUSTER) sync = true; + else if (num_clusters >= p_chain->size) + break; else next_cmap_i = BITMAP_OFFSET_SECTOR_INDEX(sb, CLUSTER_TO_BITMAP_ENT(n_clu)); -- 2.43.0