CVE-2024-35844

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> f2fs: compress: fix reserve_cblocks counting error when out of space<br /> <br /> When a file only needs one direct_node, performing the following<br /> operations will cause the file to be unrepairable:<br /> <br /> unisoc # ./f2fs_io compress test.apk<br /> unisoc #df -h | grep dm-48<br /> /dev/block/dm-48 112G 112G 1.2M 100% /data<br /> <br /> unisoc # ./f2fs_io release_cblocks test.apk<br /> 924<br /> unisoc # df -h | grep dm-48<br /> /dev/block/dm-48 112G 112G 4.8M 100% /data<br /> <br /> unisoc # dd if=/dev/random of=file4 bs=1M count=3<br /> 3145728 bytes (3.0 M) copied, 0.025 s, 120 M/s<br /> unisoc # df -h | grep dm-48<br /> /dev/block/dm-48 112G 112G 1.8M 100% /data<br /> <br /> unisoc # ./f2fs_io reserve_cblocks test.apk<br /> F2FS_IOC_RESERVE_COMPRESS_BLOCKS failed: No space left on device<br /> <br /> adb reboot<br /> unisoc # df -h | grep dm-48<br /> /dev/block/dm-48 112G 112G 11M 100% /data<br /> unisoc # ./f2fs_io reserve_cblocks test.apk<br /> 0<br /> <br /> This is because the file has only one direct_node. After returning<br /> to -ENOSPC, reserved_blocks += ret will not be executed. As a result,<br /> the reserved_blocks at this time is still 0, which is not the real<br /> number of reserved blocks. Therefore, fsck cannot be set to repair<br /> the file.<br /> <br /> After this patch, the fsck flag will be set to fix this problem.<br /> <br /> unisoc # df -h | grep dm-48<br /> /dev/block/dm-48 112G 112G 1.8M 100% /data<br /> unisoc # ./f2fs_io reserve_cblocks test.apk<br /> F2FS_IOC_RESERVE_COMPRESS_BLOCKS failed: No space left on device<br /> <br /> adb reboot then fsck will be executed<br /> unisoc # df -h | grep dm-48<br /> /dev/block/dm-48 112G 112G 11M 100% /data<br /> unisoc # ./f2fs_io reserve_cblocks test.apk<br /> 924