| Message ID | 20180321032158.GR1757@magnolia (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
On Tue, Mar 20, 2018 at 08:21:58PM -0700, Darrick J. Wong wrote: > From: Darrick J. Wong <darrick.wong@oracle.com> > > If a directory's parent inode pointer doesn't point to an inode, flag > the directory as corrupt. Enable IGET_UNTRUSTED here so that we > can confirm with the inobt that the inode is present and allocated. > > Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> > --- > fs/xfs/scrub/parent.c | 9 +++++++-- > 1 file changed, 7 insertions(+), 2 deletions(-) > > diff --git a/fs/xfs/scrub/parent.c b/fs/xfs/scrub/parent.c > index 0d38514..d1547ca 100644 > --- a/fs/xfs/scrub/parent.c > +++ b/fs/xfs/scrub/parent.c > @@ -167,9 +167,14 @@ xfs_scrub_parent_validate( > * if the parent pointer erroneously points to a file, we > * can't use DONTCACHE here because DONTCACHE inodes can trigger > * immediate inactive cleanup of the inode. > + * > + * If _iget returns -EINVAL then the parent inode number is garbage > + * and the directory is corrupt. > */ > - error = xfs_iget(mp, sc->tp, dnum, 0, 0, &dp); > - if (!xfs_scrub_fblock_xref_process_error(sc, XFS_DATA_FORK, 0, &error)) > + error = xfs_iget(mp, sc->tp, dnum, XFS_IGET_UNTRUSTED, 0, &dp); > + if (error == -EINVAL) > + error = -EFSCORRUPTED; > + if (!xfs_scrub_fblock_process_error(sc, XFS_DATA_FORK, 0, &error)) Ok, but it looks like we're also changing the error semantics here (xref_process_error() -> process_error()). Could you comment on that in the commit log as well? With that, looks fine: Reviewed-by: Brian Foster <bfoster@redhat.com> > goto out; > if (dp == sc->ip || !S_ISDIR(VFS_I(dp)->i_mode)) { > xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK, 0); > -- > To unsubscribe from this list: send the line "unsubscribe linux-xfs" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe linux-xfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
On Thu, Mar 22, 2018 at 10:34:35AM -0400, Brian Foster wrote: > On Tue, Mar 20, 2018 at 08:21:58PM -0700, Darrick J. Wong wrote: > > From: Darrick J. Wong <darrick.wong@oracle.com> > > > > If a directory's parent inode pointer doesn't point to an inode, flag > > the directory as corrupt. Enable IGET_UNTRUSTED here so that we > > can confirm with the inobt that the inode is present and allocated. > > > > Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> > > --- > > fs/xfs/scrub/parent.c | 9 +++++++-- > > 1 file changed, 7 insertions(+), 2 deletions(-) > > > > diff --git a/fs/xfs/scrub/parent.c b/fs/xfs/scrub/parent.c > > index 0d38514..d1547ca 100644 > > --- a/fs/xfs/scrub/parent.c > > +++ b/fs/xfs/scrub/parent.c > > @@ -167,9 +167,14 @@ xfs_scrub_parent_validate( > > * if the parent pointer erroneously points to a file, we > > * can't use DONTCACHE here because DONTCACHE inodes can trigger > > * immediate inactive cleanup of the inode. > > + * > > + * If _iget returns -EINVAL then the parent inode number is garbage > > + * and the directory is corrupt. > > */ > > - error = xfs_iget(mp, sc->tp, dnum, 0, 0, &dp); > > - if (!xfs_scrub_fblock_xref_process_error(sc, XFS_DATA_FORK, 0, &error)) > > + error = xfs_iget(mp, sc->tp, dnum, XFS_IGET_UNTRUSTED, 0, &dp); > > + if (error == -EINVAL) > > + error = -EFSCORRUPTED; > > + if (!xfs_scrub_fblock_process_error(sc, XFS_DATA_FORK, 0, &error)) > > Ok, but it looks like we're also changing the error semantics here > (xref_process_error() -> process_error()). Could you comment on that in > the commit log as well? Ok, though it occurs to me that iget returning EFSCORRUPTED is still an xref error, not a corruption error, so this really ought to be: error = xfs_iget(mp, sc->tp, dnum, XFS_IGET_UNTRUSTED, 0, &dp); if (error == -EINVAL) { error = -EFSCORRUPTED; xfs_scrub_fblock_process_error(sc, XFS_DATA_FORK, 0, &error); goto out; } if (!xfs_scrub_fblock_xref_process_error(sc, XFS_DATA_FORK, 0, &error)) goto out; So I'll fix the code + commit message and send out a new patch. Thanks for reviewing! --D > With that, looks fine: > > Reviewed-by: Brian Foster <bfoster@redhat.com> > > > goto out; > > if (dp == sc->ip || !S_ISDIR(VFS_I(dp)->i_mode)) { > > xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK, 0); > > -- > > To unsubscribe from this list: send the line "unsubscribe linux-xfs" in > > the body of a message to majordomo@vger.kernel.org > > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- > To unsubscribe from this list: send the line "unsubscribe linux-xfs" in > the body of a message to majordomo@vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html -- To unsubscribe from this list: send the line "unsubscribe linux-xfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/fs/xfs/scrub/parent.c b/fs/xfs/scrub/parent.c index 0d38514..d1547ca 100644 --- a/fs/xfs/scrub/parent.c +++ b/fs/xfs/scrub/parent.c @@ -167,9 +167,14 @@ xfs_scrub_parent_validate( * if the parent pointer erroneously points to a file, we * can't use DONTCACHE here because DONTCACHE inodes can trigger * immediate inactive cleanup of the inode. + * + * If _iget returns -EINVAL then the parent inode number is garbage + * and the directory is corrupt. */ - error = xfs_iget(mp, sc->tp, dnum, 0, 0, &dp); - if (!xfs_scrub_fblock_xref_process_error(sc, XFS_DATA_FORK, 0, &error)) + error = xfs_iget(mp, sc->tp, dnum, XFS_IGET_UNTRUSTED, 0, &dp); + if (error == -EINVAL) + error = -EFSCORRUPTED; + if (!xfs_scrub_fblock_process_error(sc, XFS_DATA_FORK, 0, &error)) goto out; if (dp == sc->ip || !S_ISDIR(VFS_I(dp)->i_mode)) { xfs_scrub_fblock_set_corrupt(sc, XFS_DATA_FORK, 0);