libxfs: add more bounds checking to sb sanity checks

Source kernel commit: 8756a5af18191a471e670cc577aea60b652fea4c

Current sb verifier doesn't check bounds on sb_fdblocks and sb_ifree.
Add sanity checks for these parameters.

Signed-off-by: Bill O'Donnell <billodo@redhat.com>
[darrick: port to refactored sb validation predicates]
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Eric Sandeen <sandeen@sandeen.net>

diff --git a/libxfs/xfs_sb.c b/libxfs/xfs_sb.c
index c9ad7e3646af8cfef034e2c823c85a66ff63c000..85210df8c04c400f8e62959b70450bf9dca2b4d0 100644 (file)
--- a/libxfs/xfs_sb.c
+++ b/libxfs/xfs_sb.c
@@ -147,6 +147,18 @@ xfs_validate_sb_write(
        struct xfs_mount        *mp,
        struct xfs_sb           *sbp)
 {
+       /*
+        * Carry out additional sb summary counter sanity checks when we write
+        * the superblock.  We skip this in the read validator because there
+        * could be newer superblocks in the log and if the values are garbage
+        * we'll recalculate them at the end of log mount.
+        */
+       if (sbp->sb_fdblocks > sbp->sb_dblocks ||
+           sbp->sb_ifree > sbp->sb_icount) {
+               xfs_warn(mp, "SB summary counter sanity check failed");
+               return -EFSCORRUPTED;
+       }
+
        if (XFS_SB_VERSION_NUM(sbp) != XFS_SB_VERSION_5)
                return 0;