xfs: fix agblocks check in the cow leftover recovery function

Source kernel commit: f1fdc8207840672a46f26414f2c989ec078a153b

As we've seen, refcount records use the upper bit of the rc_startblock
field to ensure that all the refcount records are at the right side of
the refcount btree.  This works because an AG is never allowed to have
more than (1U << 31) blocks in it.  If we ever encounter a filesystem
claiming to have that many blocks, we absolutely do not want reflink
touching it at all.

However, this test at the start of xfs_refcount_recover_cow_leftovers is
slightly incorrect -- it /should/ be checking that agblocks isn't larger
than the XFS_MAX_CRC_AG_BLOCKS constant, and it should check that the
constant is never large enough to conflict with that CoW flag.

Note that the V5 superblock verifier has not historically rejected
filesystems where agblocks >= XFS_MAX_CRC_AG_BLOCKS, which is why this
ended up in the COW recovery routine.

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Dave Chinner <dchinner@redhat.com>
Signed-off-by: Carlos Maiolino <cem@kernel.org>

diff --git a/libxfs/xfs_refcount.c b/libxfs/xfs_refcount.c
index 179b68679243b7123364ba00b42e9a07436d68c4..52983aeef11b2e16f6339825a8b5fcc86bd82264 100644 (file)
--- a/libxfs/xfs_refcount.c
+++ b/libxfs/xfs_refcount.c
@@ -1795,7 +1795,9 @@ xfs_refcount_recover_cow_leftovers(
        xfs_fsblock_t                   fsb;
        int                             error;
 
-       if (mp->m_sb.sb_agblocks >= XFS_REFC_COW_START)
+       /* reflink filesystems mustn't have AGs larger than 2^31-1 blocks */
+       BUILD_BUG_ON(XFS_MAX_CRC_AG_BLOCKS >= XFS_REFC_COW_START);
+       if (mp->m_sb.sb_agblocks > XFS_MAX_CRC_AG_BLOCKS)
                return -EOPNOTSUPP;
 
        INIT_LIST_HEAD(&debris);