ext4: avoid resizing to a partial cluster size

thefossguy-ciq · thefossguy-ciq · commit 8a3156924506 · 2025-08-20T11:26:09.000+05:30
jira VULN-69318 cve CVE-2022-50020 commit-author Kiselev, Oleg <okiselev@amazon.com> commit 69cb8e9 This patch avoids an attempt to resize the filesystem to an unaligned cluster boundary. An online resize to a size that is not integral to cluster size results in the last iteration attempting to grow the fs by a negative amount, which trips a BUG_ON and leaves the fs with a corrupted in-memory superblock. Signed-off-by: Oleg Kiselev <okiselev@amazon.com> Link: https://lore.kernel.org/r/0E92A0AB-4F16-4F1A-94B7-702CC6504FDE@amazon.com Signed-off-by: Theodore Ts'o <tytso@mit.edu> (cherry picked from commit 69cb8e9) Signed-off-by: Pratham Patel <ppatel@ciq.com>
diff --git a/fs/ext4/resize.c b/fs/ext4/resize.c
@@ -1943,6 +1943,16 @@ int ext4_resize_fs(struct super_block *sb, ext4_fsblk_t n_blocks_count)
 	}
 	brelse(bh);
 
+	/*
+	 * For bigalloc, trim the requested size to the nearest cluster
+	 * boundary to avoid creating an unusable filesystem. We do this
+	 * silently, instead of returning an error, to avoid breaking
+	 * callers that blindly resize the filesystem to the full size of
+	 * the underlying block device.
+	 */
+	if (ext4_has_feature_bigalloc(sb))
+		n_blocks_count &= ~((1 << EXT4_CLUSTER_BITS(sb)) - 1);
+
 retry:
 	o_blocks_count = ext4_blocks_count(es);
 
