diff options
Diffstat (limited to '0001-xfs-enhance-dinode-verifier.patch')
| -rw-r--r-- | 0001-xfs-enhance-dinode-verifier.patch | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/0001-xfs-enhance-dinode-verifier.patch b/0001-xfs-enhance-dinode-verifier.patch new file mode 100644 index 000000000..230e79387 --- /dev/null +++ b/0001-xfs-enhance-dinode-verifier.patch @@ -0,0 +1,72 @@ +From b42db0860e13067fcc7cbfba3966c9e652668bbc Mon Sep 17 00:00:00 2001 +From: Eric Sandeen <sandeen@sandeen.net> +Date: Mon, 16 Apr 2018 23:06:53 -0700 +Subject: [PATCH] xfs: enhance dinode verifier + +Add several more validations to xfs_dinode_verify: + +- For LOCAL data fork formats, di_nextents must be 0. +- For LOCAL attr fork formats, di_anextents must be 0. +- For inodes with no attr fork offset, + - format must be XFS_DINODE_FMT_EXTENTS if set at all + - di_anextents must be 0. + +Thanks to dchinner for pointing out a couple related checks I had +forgotten to add. + +Signed-off-by: Eric Sandeen <sandeen@redhat.com> +Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=199377 +Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com> +Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> +--- + fs/xfs/libxfs/xfs_inode_buf.c | 21 +++++++++++++++++++++ + 1 file changed, 21 insertions(+) + +diff --git a/fs/xfs/libxfs/xfs_inode_buf.c b/fs/xfs/libxfs/xfs_inode_buf.c +index ef68b1de006a..1201107eabc6 100644 +--- a/fs/xfs/libxfs/xfs_inode_buf.c ++++ b/fs/xfs/libxfs/xfs_inode_buf.c +@@ -466,6 +466,8 @@ xfs_dinode_verify( + return __this_address; + if (di_size > XFS_DFORK_DSIZE(dip, mp)) + return __this_address; ++ if (dip->di_nextents) ++ return __this_address; + /* fall through */ + case XFS_DINODE_FMT_EXTENTS: + case XFS_DINODE_FMT_BTREE: +@@ -484,12 +486,31 @@ xfs_dinode_verify( + if (XFS_DFORK_Q(dip)) { + switch (dip->di_aformat) { + case XFS_DINODE_FMT_LOCAL: ++ if (dip->di_anextents) ++ return __this_address; ++ /* fall through */ + case XFS_DINODE_FMT_EXTENTS: + case XFS_DINODE_FMT_BTREE: + break; + default: + return __this_address; + } ++ } else { ++ /* ++ * If there is no fork offset, this may be a freshly-made inode ++ * in a new disk cluster, in which case di_aformat is zeroed. ++ * Otherwise, such an inode must be in EXTENTS format; this goes ++ * for freed inodes as well. ++ */ ++ switch (dip->di_aformat) { ++ case 0: ++ case XFS_DINODE_FMT_EXTENTS: ++ break; ++ default: ++ return __this_address; ++ } ++ if (dip->di_anextents) ++ return __this_address; + } + + /* only version 3 or greater inodes are extensively verified here */ +-- +2.17.0 + |