[PATCH] [RESEND] jffs2: bugfix of summary length
Brian Norris
computersforpeace at gmail.com
Fri Dec 12 19:20:47 PST 2014
On Fri, Dec 12, 2014 at 03:03:44AM +0800, chenjie6 at huawei.com wrote:
> From: chenjie <chenjie6 at huawei.com>
Can you put your real name here? You have it (presumably) correct in the
sign-off.
>
> When power is off, the magic of summary is written but the length is not,
> so the length is 0xffffffff, sumlen may be very large.
> The kmalloc() failed and mount failed.
Did you catch this during power-cut testing? On real hardware or
emulation?
> Cc: <stable at vger.kernel.org>
> Signed-off-by: Chen Jie <chenjie6 at huawei.com>
> ---
> fs/jffs2/scan.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/fs/jffs2/scan.c b/fs/jffs2/scan.c
> index 7654e87..6187e56 100644
> --- a/fs/jffs2/scan.c
> +++ b/fs/jffs2/scan.c
> @@ -510,6 +510,9 @@ static int jffs2_scan_eraseblock (struct jffs2_sb_info *c, struct jffs2_eraseblo
> sumlen = c->sector_size - je32_to_cpu(sm->offset);
> sumptr = buf + buf_size - sumlen;
>
> + if (sumlen > c->sector_size)
> + goto full_scan;
Can you add a comment above this to suggest why this would occur?
> +
> /* Now, make sure the summary itself is available */
> if (sumlen > buf_size) {
> /* Need to kmalloc for this. */
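Review bot: the new `if (sumlen > c->sector_size)` check sits after `sumptr = buf + buf_size - sumlen;`, so the pointer has already been computed from the unvalidated length by the time the value is rejected. Move the check directly under the `sumlen = ...` assignment, or test `je32_to_cpu(sm->offset) > c->sector_size` before the subtraction so the out-of-range result is never produced. A short comment saying that the field can read back as 0xffffffff after a power cut, as the commit message describes, would explain why the value can exceed the sector size.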
> @@ -544,6 +547,7 @@ static int jffs2_scan_eraseblock (struct jffs2_sb_info *c, struct jffs2_eraseblo
> }
> }
>
> +full_scan:
> buf_ofs = jeb->offset;
>
> if (!buf_size) {
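Review bot: the `full_scan:` label is reached with `sumlen` and `sumptr` still holding the out-of-range values from the rejected summary, and the fallback happens silently. Please confirm that nothing after the label reads either variable, and consider logging at the `goto` that the summary was ignored so a power-cut-damaged eraseblock is visible at mount time. A one-line comment at the label naming the condition that jumps here would also help.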
I'll admit, I'm not much of a JFFS2 developer. I'll have to take a
little closer look at this before I'm comfortable taking this, esp. with
the -stable tag.
Brian