projects / platform / kernel / linux-rpi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8bb82bc)
xfs: don't accept inode buffers with suspicious unlinked chains
authorDarrick J. Wong <darrick.wong@oracle.com>
Fri, 23 Mar 2018 17:06:56 +0000 (10:06 -0700)
committerDarrick J. Wong <darrick.wong@oracle.com>
Sat, 24 Mar 2018 01:05:08 +0000 (18:05 -0700)
When we're verifying inode buffers, sanity-check the unlinked pointer.
We don't want to run the risk of trying to purge something that's
obviously broken.

Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
fs/xfs/libxfs/xfs_inode_buf.c patch | blob | history

diff --git a/fs/xfs/libxfs/xfs_inode_buf.c b/fs/xfs/libxfs/xfs_inode_buf.c
index cdd4c1d..f0cfcd7 100644 (file)
--- a/fs/xfs/libxfs/xfs_inode_buf.c
+++ b/fs/xfs/libxfs/xfs_inode_buf.c
@@ -93,20 +93,26 @@ xfs_inode_buf_verify(
        bool            readahead)
 {
        struct xfs_mount *mp = bp->b_target->bt_mount;
+       xfs_agnumber_t  agno;
        int             i;
        int             ni;
 
        /*
         * Validate the magic number and version of every inode in the buffer
         */
+       agno = xfs_daddr_to_agno(mp, XFS_BUF_ADDR(bp));
        ni = XFS_BB_TO_FSB(mp, bp->b_length) * mp->m_sb.sb_inopblock;
        for (i = 0; i < ni; i++) {
                int             di_ok;
                xfs_dinode_t    *dip;
+               xfs_agino_t     unlinked_ino;
 
                dip = xfs_buf_offset(bp, (i << mp->m_sb.sb_inodelog));
+               unlinked_ino = be32_to_cpu(dip->di_next_unlinked);
                di_ok = dip->di_magic == cpu_to_be16(XFS_DINODE_MAGIC) &&
-                       xfs_dinode_good_version(mp, dip->di_version);
+                       xfs_dinode_good_version(mp, dip->di_version) &&
+                       (unlinked_ino == NULLAGINO ||
+                        xfs_verify_agino(mp, agno, unlinked_ino));
                if (unlikely(XFS_TEST_ERROR(!di_ok, mp,
                                                XFS_ERRTAG_ITOBP_INOTOBP))) {
                        if (readahead) {
@@ -124,9 +130,9 @@ xfs_inode_buf_verify(
                        xfs_buf_verifier_error(bp, -EFSCORRUPTED,
                                        __func__, dip, sizeof(*dip),
                                        NULL);
+                       return;
                }
        }
-       xfs_inobp_check(mp, bp);
 }
 
 
Domain: System / Kernel;