diff mbox series

[04/10] xfs: improve the code that checks recovered rmap intent items

Message ID 160679388445.447963.9471776418395898485.stgit@magnolia (mailing list archive)
State Superseded, archived
Headers show
Series xfs: strengthen log intent validation | expand

Commit Message

Darrick J. Wong Dec. 1, 2020, 3:38 a.m. UTC 
From: Darrick J. Wong <darrick.wong@oracle.com>

The code that validates recovered rmap intent items is kind of a mess --
it doesn't use the standard xfs type validators, and it doesn't check
for things that it should.  Fix the validator function to use the
standard validation helpers and look for more types of obvious errors.

Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
---
 fs/xfs/xfs_rmap_item.c |   31 +++++++++++++++++++------------
 1 file changed, 19 insertions(+), 12 deletions(-)

Comments

Christoph Hellwig Dec. 1, 2020, 10:05 a.m. UTC | #1 
On Mon, Nov 30, 2020 at 07:38:04PM -0800, Darrick J. Wong wrote:
> +	if (!xfs_verify_ino(mp, rmap->me_owner) &&
> +	    !XFS_RMAP_NON_INODE_OWNER(rmap->me_owner))
> +		return false;

Wouldn't it make sense to reverse the order of the checks here?

> +	end = rmap->me_startblock + rmap->me_len - 1;
> +	if (!xfs_verify_fsbno(mp, rmap->me_startblock) ||
> +	    !xfs_verify_fsbno(mp, end))
>  		return false;

Nit: why not simply:

	if (!xfs_verify_fsbno(mp, rmap->me_startblock))
		return false;
	if (!xfs_verify_fsbno(mp, rmap->me_startblock + rmap->me_len - 1))
		return false;

?
Darrick J. Wong Dec. 1, 2020, 4:33 p.m. UTC | #2 
On Tue, Dec 01, 2020 at 10:05:35AM +0000, Christoph Hellwig wrote:
> On Mon, Nov 30, 2020 at 07:38:04PM -0800, Darrick J. Wong wrote:
> > +	if (!xfs_verify_ino(mp, rmap->me_owner) &&
> > +	    !XFS_RMAP_NON_INODE_OWNER(rmap->me_owner))
> > +		return false;
> 
> Wouldn't it make sense to reverse the order of the checks here?

Yep.  Fixed.

> > +	end = rmap->me_startblock + rmap->me_len - 1;
> > +	if (!xfs_verify_fsbno(mp, rmap->me_startblock) ||
> > +	    !xfs_verify_fsbno(mp, end))
> >  		return false;
> 
> Nit: why not simply:
> 
> 	if (!xfs_verify_fsbno(mp, rmap->me_startblock))
> 		return false;
> 	if (!xfs_verify_fsbno(mp, rmap->me_startblock + rmap->me_len - 1))
> 		return false;
> 
> ?

Yeah.

--D
diff mbox series

Patch

diff --git a/fs/xfs/xfs_rmap_item.c b/fs/xfs/xfs_rmap_item.c
index 871ed7fc43ee..2779cbee8fa8 100644
--- a/fs/xfs/xfs_rmap_item.c
+++ b/fs/xfs/xfs_rmap_item.c
@@ -466,11 +466,11 @@  xfs_rui_validate_map(
 	struct xfs_mount		*mp,
 	struct xfs_map_extent		*rmap)
 {
-	xfs_fsblock_t			startblock_fsb;
-	bool				op_ok;
+	xfs_fsblock_t			end;
+
+	if (rmap->me_flags & ~XFS_RMAP_EXTENT_FLAGS)
+		return false;
 
-	startblock_fsb = XFS_BB_TO_FSB(mp,
-			   XFS_FSB_TO_DADDR(mp, rmap->me_startblock));
 	switch (rmap->me_flags & XFS_RMAP_EXTENT_TYPE_MASK) {
 	case XFS_RMAP_EXTENT_MAP:
 	case XFS_RMAP_EXTENT_MAP_SHARED:
@@ -480,17 +480,24 @@  xfs_rui_validate_map(
 	case XFS_RMAP_EXTENT_CONVERT_SHARED:
 	case XFS_RMAP_EXTENT_ALLOC:
 	case XFS_RMAP_EXTENT_FREE:
-		op_ok = true;
 		break;
 	default:
-		op_ok = false;
-		break;
+		return false;
 	}
-	if (!op_ok || startblock_fsb == 0 ||
-	    rmap->me_len == 0 ||
-	    startblock_fsb >= mp->m_sb.sb_dblocks ||
-	    rmap->me_len >= mp->m_sb.sb_agblocks ||
-	    (rmap->me_flags & ~XFS_RMAP_EXTENT_FLAGS))
+
+	if (!xfs_verify_ino(mp, rmap->me_owner) &&
+	    !XFS_RMAP_NON_INODE_OWNER(rmap->me_owner))
+		return false;
+
+	if (rmap->me_startoff + rmap->me_len <= rmap->me_startoff)
+		return false;
+
+	if (rmap->me_startblock + rmap->me_len <= rmap->me_startblock)
+		return false;
+
+	end = rmap->me_startblock + rmap->me_len - 1;
+	if (!xfs_verify_fsbno(mp, rmap->me_startblock) ||
+	    !xfs_verify_fsbno(mp, end))
 		return false;
 
 	return true;