| Message ID | 158388767279.939165.8430173747192985972.stgit@magnolia (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | xfs: fix errors in various verifiers | expand |
On Tue, Mar 10, 2020 at 05:47:52PM -0700, Darrick J. Wong wrote: > From: Darrick J. Wong <darrick.wong@oracle.com> > > Check the owner field of dir3 data block headers. If it's corrupt, > release the buffer and return EFSCORRUPTED. All callers handle this > properly. > > Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> > --- > fs/xfs/libxfs/xfs_dir2_data.c | 31 ++++++++++++++++++++++++++++++- > 1 file changed, 30 insertions(+), 1 deletion(-) > > > diff --git a/fs/xfs/libxfs/xfs_dir2_data.c b/fs/xfs/libxfs/xfs_dir2_data.c > index b9eba8213180..8de9611387e5 100644 > --- a/fs/xfs/libxfs/xfs_dir2_data.c > +++ b/fs/xfs/libxfs/xfs_dir2_data.c > @@ -394,6 +394,22 @@ static const struct xfs_buf_ops xfs_dir3_data_reada_buf_ops = { > .verify_write = xfs_dir3_data_write_verify, > }; > > +static xfs_failaddr_t > +xfs_dir3_data_header_check( > + struct xfs_inode *dp, > + struct xfs_buf *bp) > +{ > + struct xfs_mount *mp = dp->i_mount; > + > + if (xfs_sb_version_hascrc(&mp->m_sb)) { > + struct xfs_dir3_data_hdr *hdr3 = bp->b_addr; > + > + if (be64_to_cpu(hdr3->hdr.owner) != dp->i_ino) > + return __this_address; > + } > + > + return NULL; > +} > > int > xfs_dir3_data_read( > @@ -403,11 +419,24 @@ xfs_dir3_data_read( > unsigned int flags, > struct xfs_buf **bpp) > { > + xfs_failaddr_t fa; > int err; > > err = xfs_da_read_buf(tp, dp, bno, flags, bpp, XFS_DATA_FORK, > &xfs_dir3_data_buf_ops); > - if (!err && tp && *bpp) > + if (err || !*bpp) > + return err; > + > + /* Check things that we can't do in the verifier. */ > + fa = xfs_dir3_data_header_check(dp, *bpp); > + if (fa) { > + __xfs_buf_mark_corrupt(*bpp, fa); > + xfs_trans_brelse(tp, *bpp); > + *bpp = NULL; > + return -EFSCORRUPTED; > + } > + > + if (tp) > xfs_trans_buf_set_type(tp, *bpp, XFS_BLFT_DIR_DATA_BUF); xfs_trans_buf_set_type() handles a null tp just fine. Otherwise OK. Reviewed-by: Dave Chinner <dchinner@redhat.com>
diff --git a/fs/xfs/libxfs/xfs_dir2_data.c b/fs/xfs/libxfs/xfs_dir2_data.c index b9eba8213180..8de9611387e5 100644 --- a/fs/xfs/libxfs/xfs_dir2_data.c +++ b/fs/xfs/libxfs/xfs_dir2_data.c @@ -394,6 +394,22 @@ static const struct xfs_buf_ops xfs_dir3_data_reada_buf_ops = { .verify_write = xfs_dir3_data_write_verify, }; +static xfs_failaddr_t +xfs_dir3_data_header_check( + struct xfs_inode *dp, + struct xfs_buf *bp) +{ + struct xfs_mount *mp = dp->i_mount; + + if (xfs_sb_version_hascrc(&mp->m_sb)) { + struct xfs_dir3_data_hdr *hdr3 = bp->b_addr; + + if (be64_to_cpu(hdr3->hdr.owner) != dp->i_ino) + return __this_address; + } + + return NULL; +} int xfs_dir3_data_read( @@ -403,11 +419,24 @@ xfs_dir3_data_read( unsigned int flags, struct xfs_buf **bpp) { + xfs_failaddr_t fa; int err; err = xfs_da_read_buf(tp, dp, bno, flags, bpp, XFS_DATA_FORK, &xfs_dir3_data_buf_ops); - if (!err && tp && *bpp) + if (err || !*bpp) + return err; + + /* Check things that we can't do in the verifier. */ + fa = xfs_dir3_data_header_check(dp, *bpp); + if (fa) { + __xfs_buf_mark_corrupt(*bpp, fa); + xfs_trans_brelse(tp, *bpp); + *bpp = NULL; + return -EFSCORRUPTED; + } + + if (tp) xfs_trans_buf_set_type(tp, *bpp, XFS_BLFT_DIR_DATA_BUF); return err; }