From 0cf6a3a996001599a4cc6971b09b30c10475314c Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Wed, 18 Apr 2018 14:46:07 -0500 Subject: [PATCH] xfs: refactor bmap record validation Source kernel commit: 30b0984d9117dd14c895265886d34335856b712b Refactor the bmap validator into a more complete helper that looks for extents that run off the end of the device, overflow into the next AG, or have invalid flag states. Signed-off-by: Darrick J. Wong Reviewed-by: Brian Foster Signed-off-by: Eric Sandeen --- include/libxfs.h | 1 + libxfs/libxfs_api_defs.h | 1 + libxfs/libxfs_priv.h | 1 + libxfs/xfs_bmap.c | 46 +++++++++++++++++++++++++++++++++++++--- libxfs/xfs_bmap.h | 3 +++ libxfs/xfs_bmap_btree.h | 14 ------------ libxfs/xfs_inode_fork.c | 12 +++++++---- 7 files changed, 57 insertions(+), 21 deletions(-) diff --git a/include/libxfs.h b/include/libxfs.h index c5fb396e2..fbaae089a 100644 --- a/include/libxfs.h +++ b/include/libxfs.h @@ -227,6 +227,7 @@ libxfs_bmbt_disk_get_all( /* XXX: this is clearly a bug - a shared header needs to export this */ /* xfs_rtalloc.c */ int libxfs_rtfree_extent(struct xfs_trans *, xfs_rtblock_t, xfs_extlen_t); +bool libxfs_verify_rtbno(struct xfs_mount *mp, xfs_rtblock_t rtbno); /* XXX: need parts of xfs_attr.h in userspace */ #define LIBXFS_ATTR_ROOT 0x0002 /* use attrs in root namespace */ diff --git a/libxfs/libxfs_api_defs.h b/libxfs/libxfs_api_defs.h index 389f480f2..48cf25be0 100644 --- a/libxfs/libxfs_api_defs.h +++ b/libxfs/libxfs_api_defs.h @@ -77,6 +77,7 @@ #define xfs_bunmapi libxfs_bunmapi #define xfs_bmbt_get_all libxfs_bmbt_get_all #define xfs_rtfree_extent libxfs_rtfree_extent +#define xfs_verify_rtbno libxfs_verify_rtbno #define xfs_zero_extent libxfs_zero_extent #define xfs_defer_init libxfs_defer_init diff --git a/libxfs/libxfs_priv.h b/libxfs/libxfs_priv.h index cc19d509d..9a019b7ef 100644 --- a/libxfs/libxfs_priv.h +++ b/libxfs/libxfs_priv.h @@ -543,6 +543,7 @@ void xfs_inode_verifier_error(struct xfs_inode *ip, int error, /* XXX: this is clearly a bug - a shared header needs to export this */ /* xfs_rtalloc.c */ int libxfs_rtfree_extent(struct xfs_trans *, xfs_rtblock_t, xfs_extlen_t); +bool libxfs_verify_rtbno(struct xfs_mount *mp, xfs_rtblock_t rtbno); struct xfs_rtalloc_rec { xfs_rtblock_t ar_startblock; diff --git a/libxfs/xfs_bmap.c b/libxfs/xfs_bmap.c index afc569cf4..eca3e3da1 100644 --- a/libxfs/xfs_bmap.c +++ b/libxfs/xfs_bmap.c @@ -1252,11 +1252,15 @@ xfs_iread_extents( */ frp = XFS_BMBT_REC_ADDR(mp, block, 1); for (j = 0; j < num_recs; j++, frp++, i++) { + xfs_failaddr_t fa; + xfs_bmbt_disk_get_all(frp, &new); - if (!xfs_bmbt_validate_extent(mp, whichfork, &new)) { - XFS_ERROR_REPORT("xfs_bmap_read_extents(2)", - XFS_ERRLEVEL_LOW, mp); + fa = xfs_bmap_validate_extent(ip, whichfork, &new); + if (fa) { error = -EFSCORRUPTED; + xfs_inode_verifier_error(ip, error, + "xfs_iread_extents(2)", + frp, sizeof(*frp), fa); goto out_brelse; } xfs_iext_insert(ip, &icur, &new, state); @@ -6145,3 +6149,39 @@ xfs_bmap_finish_one( return error; } + +/* Check that an inode's extent does not have invalid flags or bad ranges. */ +xfs_failaddr_t +xfs_bmap_validate_extent( + struct xfs_inode *ip, + int whichfork, + struct xfs_bmbt_irec *irec) +{ + struct xfs_mount *mp = ip->i_mount; + xfs_fsblock_t endfsb; + bool isrt; + + isrt = XFS_IS_REALTIME_INODE(ip); + endfsb = irec->br_startblock + irec->br_blockcount - 1; + if (isrt) { + if (!xfs_verify_rtbno(mp, irec->br_startblock)) + return __this_address; + if (!xfs_verify_rtbno(mp, endfsb)) + return __this_address; + } else { + if (!xfs_verify_fsbno(mp, irec->br_startblock)) + return __this_address; + if (!xfs_verify_fsbno(mp, endfsb)) + return __this_address; + if (XFS_FSB_TO_AGNO(mp, irec->br_startblock) != + XFS_FSB_TO_AGNO(mp, endfsb)) + return __this_address; + } + if (irec->br_state != XFS_EXT_NORM) { + if (whichfork != XFS_DATA_FORK) + return __this_address; + if (!xfs_sb_version_hasextflgbit(&mp->m_sb)) + return __this_address; + } + return NULL; +} diff --git a/libxfs/xfs_bmap.h b/libxfs/xfs_bmap.h index e36d75799..f3be64162 100644 --- a/libxfs/xfs_bmap.h +++ b/libxfs/xfs_bmap.h @@ -274,4 +274,7 @@ static inline int xfs_bmap_fork_to_state(int whichfork) } } +xfs_failaddr_t xfs_bmap_validate_extent(struct xfs_inode *ip, int whichfork, + struct xfs_bmbt_irec *irec); + #endif /* __XFS_BMAP_H__ */ diff --git a/libxfs/xfs_bmap_btree.h b/libxfs/xfs_bmap_btree.h index 135b8c56d..e4505746c 100644 --- a/libxfs/xfs_bmap_btree.h +++ b/libxfs/xfs_bmap_btree.h @@ -118,18 +118,4 @@ extern int xfs_bmbt_change_owner(struct xfs_trans *tp, struct xfs_inode *ip, extern struct xfs_btree_cur *xfs_bmbt_init_cursor(struct xfs_mount *, struct xfs_trans *, struct xfs_inode *, int); -/* - * Check that the extent does not contain an invalid unwritten extent flag. - */ -static inline bool xfs_bmbt_validate_extent(struct xfs_mount *mp, int whichfork, - struct xfs_bmbt_irec *irec) -{ - if (irec->br_state == XFS_EXT_NORM) - return true; - if (whichfork == XFS_DATA_FORK && - xfs_sb_version_hasextflgbit(&mp->m_sb)) - return true; - return false; -} - #endif /* __XFS_BMAP_BTREE_H__ */ diff --git a/libxfs/xfs_inode_fork.c b/libxfs/xfs_inode_fork.c index d75db5bdb..dd622d7be 100644 --- a/libxfs/xfs_inode_fork.c +++ b/libxfs/xfs_inode_fork.c @@ -242,10 +242,14 @@ xfs_iformat_extents( xfs_iext_first(ifp, &icur); for (i = 0; i < nex; i++, dp++) { + xfs_failaddr_t fa; + xfs_bmbt_disk_get_all(dp, &new); - if (!xfs_bmbt_validate_extent(mp, whichfork, &new)) { - XFS_ERROR_REPORT("xfs_iformat_extents(2)", - XFS_ERRLEVEL_LOW, mp); + fa = xfs_bmap_validate_extent(ip, whichfork, &new); + if (fa) { + xfs_inode_verifier_error(ip, -EFSCORRUPTED, + "xfs_iformat_extents(2)", + dp, sizeof(*dp), fa); return -EFSCORRUPTED; } @@ -592,7 +596,7 @@ xfs_iextents_copy( for_each_xfs_iext(ifp, &icur, &rec) { if (isnullstartblock(rec.br_startblock)) continue; - ASSERT(xfs_bmbt_validate_extent(ip->i_mount, whichfork, &rec)); + ASSERT(xfs_bmap_validate_extent(ip, whichfork, &rec) == NULL); xfs_bmbt_disk_set_all(dp, &rec); trace_xfs_write_extent(ip, &icur, state, _RET_IP_); copied += sizeof(struct xfs_bmbt_rec); -- 2.47.2