| Message ID | 20230529000825.2325477-3-david@fromorbit.com (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | xfs: improve AGF/AGFL verification | expand |
Looks good:
Reviewed-by: Christoph Hellwig <hch@lst.de>
On Mon, May 29, 2023 at 10:08:24AM +1000, Dave Chinner wrote: > From: Dave Chinner <dchinner@redhat.com> > > If the agfl or the indexing in the AGF has been corrupted, getting a > block form the AGFL could return an invalid block number. If this > happens, bad things happen. Check the agbno we pull off the AGFL > and return -EFSCORRUPTED if we find somethign bad. > > Signed-off-by: Dave Chinner <dchinner@redhat.com> This looks like a good addition to me, Reviewed-by: Darrick J. Wong <djwong@kernel.org> --D > --- > fs/xfs/libxfs/xfs_alloc.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/fs/xfs/libxfs/xfs_alloc.c b/fs/xfs/libxfs/xfs_alloc.c > index fd3293a8c659..643d17877832 100644 > --- a/fs/xfs/libxfs/xfs_alloc.c > +++ b/fs/xfs/libxfs/xfs_alloc.c > @@ -2780,6 +2780,9 @@ xfs_alloc_get_freelist( > */ > agfl_bno = xfs_buf_to_agfl_bno(agflbp); > bno = be32_to_cpu(agfl_bno[be32_to_cpu(agf->agf_flfirst)]); > + if (XFS_IS_CORRUPT(tp->t_mountp, !xfs_verify_agbno(pag, bno))) > + return -EFSCORRUPTED; > + > be32_add_cpu(&agf->agf_flfirst, 1); > xfs_trans_brelse(tp, agflbp); > if (be32_to_cpu(agf->agf_flfirst) == xfs_agfl_size(mp)) > -- > 2.40.1 >
diff --git a/fs/xfs/libxfs/xfs_alloc.c b/fs/xfs/libxfs/xfs_alloc.c index fd3293a8c659..643d17877832 100644 --- a/fs/xfs/libxfs/xfs_alloc.c +++ b/fs/xfs/libxfs/xfs_alloc.c @@ -2780,6 +2780,9 @@ xfs_alloc_get_freelist( */ agfl_bno = xfs_buf_to_agfl_bno(agflbp); bno = be32_to_cpu(agfl_bno[be32_to_cpu(agf->agf_flfirst)]); + if (XFS_IS_CORRUPT(tp->t_mountp, !xfs_verify_agbno(pag, bno))) + return -EFSCORRUPTED; + be32_add_cpu(&agf->agf_flfirst, 1); xfs_trans_brelse(tp, agflbp); if (be32_to_cpu(agf->agf_flfirst) == xfs_agfl_size(mp))