Message ID | 20190313085511.23540-5-wqu@suse.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | btrfs: Enhance tree checker and runtime checker to handle the new wave of fuzzed image attack | expand |
On 13.03.19 г. 10:55 ч., Qu Wenruo wrote: > Btrfs-progs already has comprehensive type checker, to ensure there is > only 0 (SINGLE profile) or 1 (DUP/RAID0/1/5/6/10) bit set for chunk > profile bits. > > Do the same work for kernel. > > Reported-by: Yoon Jungyeon <jungyeon@gatech.edu> > Link: https://bugzilla.kernel.org/show_bug.cgi?id=202765 > Signed-off-by: Qu Wenruo <wqu@suse.com> Reviewed-by: Nikolay Borisov <nborisov@suse.com> > --- > fs/btrfs/tree-checker.c | 7 +++++++ > 1 file changed, 7 insertions(+) > > diff --git a/fs/btrfs/tree-checker.c b/fs/btrfs/tree-checker.c > index 5ccb4be583ea..c08609627720 100644 > --- a/fs/btrfs/tree-checker.c > +++ b/fs/btrfs/tree-checker.c > @@ -551,6 +551,13 @@ int btrfs_check_chunk_valid(struct btrfs_fs_info *fs_info, > return -EUCLEAN; > } > > + if (!is_power_of_2(type & BTRFS_BLOCK_GROUP_PROFILE_MASK) && > + (type & BTRFS_BLOCK_GROUP_PROFILE_MASK) != 0) { > + chunk_err(fs_info, leaf, chunk, logical, > + "invalid chunk profile flag: 0x%llx, expect 0 or 1 bit set", > + type & BTRFS_BLOCK_GROUP_PROFILE_MASK); > + return -EUCLEAN; > + } > if ((type & BTRFS_BLOCK_GROUP_TYPE_MASK) == 0) { > chunk_err(fs_info, leaf, chunk, logical, > "missing chunk type flag: 0x%llx", type); >
diff --git a/fs/btrfs/tree-checker.c b/fs/btrfs/tree-checker.c index 5ccb4be583ea..c08609627720 100644 --- a/fs/btrfs/tree-checker.c +++ b/fs/btrfs/tree-checker.c @@ -551,6 +551,13 @@ int btrfs_check_chunk_valid(struct btrfs_fs_info *fs_info, return -EUCLEAN; } + if (!is_power_of_2(type & BTRFS_BLOCK_GROUP_PROFILE_MASK) && + (type & BTRFS_BLOCK_GROUP_PROFILE_MASK) != 0) { + chunk_err(fs_info, leaf, chunk, logical, + "invalid chunk profile flag: 0x%llx, expect 0 or 1 bit set", + type & BTRFS_BLOCK_GROUP_PROFILE_MASK); + return -EUCLEAN; + } if ((type & BTRFS_BLOCK_GROUP_TYPE_MASK) == 0) { chunk_err(fs_info, leaf, chunk, logical, "missing chunk type flag: 0x%llx", type);
Btrfs-progs already has comprehensive type checker, to ensure there is only 0 (SINGLE profile) or 1 (DUP/RAID0/1/5/6/10) bit set for chunk profile bits. Do the same work for kernel. Reported-by: Yoon Jungyeon <jungyeon@gatech.edu> Link: https://bugzilla.kernel.org/show_bug.cgi?id=202765 Signed-off-by: Qu Wenruo <wqu@suse.com> --- fs/btrfs/tree-checker.c | 7 +++++++ 1 file changed, 7 insertions(+)