712e53e46a
A long time ago, xs->base is allocated a 4K size and all the contents in the bucket are copied to the it. Now we use ocfs2_xattr_bucket to abstract xattr bucket and xs->base is initialized to the start of the bu_bhs[0]. So xs->base + offset will overflow when the value root is stored outside the first block. Then why we can survive the xattr test by now? It is because we always read the bucket contiguously now and kernel mm allocate continguous memory for us. We are lucky, but we should fix it. So just get the right value root as other callers do. Signed-off-by: Tao Ma <tao.ma@oracle.com> Acked-by: Joel Becker <joel.becker@oracle.com> Signed-off-by: Mark Fasheh <mfasheh@suse.com> |
||
|---|---|---|
| .. | ||
| cluster | ||
| dlm | ||
| acl.c | ||
| acl.h | ||
| alloc.c | ||
| alloc.h | ||
| aops.c | ||
| aops.h | ||
| blockcheck.c | ||
| blockcheck.h | ||
| buffer_head_io.c | ||
| buffer_head_io.h | ||
| dcache.c | ||
| dcache.h | ||
| dir.c | ||
| dir.h | ||
| dlmglue.c | ||
| dlmglue.h | ||
| export.c | ||
| export.h | ||
| extent_map.c | ||
| extent_map.h | ||
| file.c | ||
| file.h | ||
| heartbeat.c | ||
| heartbeat.h | ||
| inode.c | ||
| inode.h | ||
| ioctl.c | ||
| ioctl.h | ||
| journal.c | ||
| journal.h | ||
| Kconfig | ||
| localalloc.c | ||
| localalloc.h | ||
| locks.c | ||
| locks.h | ||
| Makefile | ||
| mmap.c | ||
| mmap.h | ||
| namei.c | ||
| namei.h | ||
| ocfs1_fs_compat.h | ||
| ocfs2.h | ||
| ocfs2_fs.h | ||
| ocfs2_lockid.h | ||
| ocfs2_lockingver.h | ||
| quota.h | ||
| quota_global.c | ||
| quota_local.c | ||
| resize.c | ||
| resize.h | ||
| slot_map.c | ||
| slot_map.h | ||
| stack_o2cb.c | ||
| stack_user.c | ||
| stackglue.c | ||
| stackglue.h | ||
| suballoc.c | ||
| suballoc.h | ||
| super.c | ||
| super.h | ||
| symlink.c | ||
| symlink.h | ||
| sysfile.c | ||
| sysfile.h | ||
| uptodate.c | ||
| uptodate.h | ||
| ver.c | ||
| ver.h | ||
| xattr.c | ||
| xattr.h | ||