kpriv/linux-hardened
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
linux-hardened/fs/xfs
History
Dave Chinner 67dc288c21 xfs: ensure verifiers are attached to recovered buffers 
Crash testing of CRC enabled filesystems has resulted in a number of
reports of bad CRCs being detected after the filesystem was mounted.
Errors such as the following were being seen:

XFS (sdb3): Mounting V5 Filesystem
XFS (sdb3): Starting recovery (logdev: internal)
XFS (sdb3): Metadata CRC error detected at xfs_agf_read_verify+0x5a/0x100 [xfs], block 0x1
XFS (sdb3): Unmount and run xfs_repair
XFS (sdb3): First 64 bytes of corrupted metadata buffer:
ffff880136ffd600: 58 41 47 46 00 00 00 01 00 00 00 00 00 0f aa 40  XAGF...........@
ffff880136ffd610: 00 02 6d 53 00 02 77 f8 00 00 00 00 00 00 00 01  ..mS..w.........
ffff880136ffd620: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 03  ................
ffff880136ffd630: 00 00 00 04 00 08 81 d0 00 08 81 a7 00 00 00 00  ................
XFS (sdb3): metadata I/O error: block 0x1 ("xfs_trans_read_buf_map") error 74 numblks 1

The errors were typically being seen in AGF, AGI and their related
btree block buffers some time after log recovery had run. Often it
wasn't until later subsequent mounts that the problem was
discovered. The common symptom was a buffer with the correct
contents, but a CRC and an LSN that matched an older version of the
contents.

Some debug added to _xfs_buf_ioapply() indicated that buffers were
being written without verifiers attached to them from log recovery,
and Jan Kara isolated the cause to log recovery readahead an dit's
interactions with buffers that had a more recent LSN on disk than
the transaction being recovered. In this case, the buffer did not
get a verifier attached, and os when the second phase of log
recovery ran and recovered EFIs and unlinked inodes, the buffers
were modified and written without the verifier running. Hence they
had up to date contents, but stale LSNs and CRCs.

Fix it by attaching verifiers to buffers we skip due to future LSN
values so they don't escape into the buffer cache without the
correct verifier attached.

This patch is based on analysis and a patch from Jan Kara.

cc: <stable@vger.kernel.org>
Reported-by: Jan Kara <jack@suse.cz>
Reported-by: Fanael Linithien <fanael4@gmail.com>
Reported-by: Grozdan <neutrino8@gmail.com>
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: Dave Chinner <david@fromorbit.com>
2014-08-04 12:43:06 +10:00
..
libxfs xfs: avoid false quotacheck after unclean shutdown 2014-08-04 11:35:44 +10:00
Kconfig xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
kmem.c xfs: use NOIO contexts for vm_map_ram 2014-03-07 16:19:14 +11:00
kmem.h xfs: simplify kmem_{zone_}zalloc 2013-11-06 16:31:27 -06:00
Makefile libxfs: move source files 2014-06-25 14:57:53 +10:00
mrlock.h xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
time.h
uuid.c
uuid.h
xfs.h xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
xfs_acl.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_acl.h xfs: use generic posix ACL infrastructure 2014-01-25 23:58:21 -05:00
xfs_aops.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_aops.h direct-io: Implement generic deferred AIO completions 2013-09-04 09:23:46 -04:00
xfs_attr.h xfs: kill xfs_vnodeops.[ch] 2013-08-12 16:53:39 -05:00
xfs_attr_inactive.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_attr_list.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_bit.c xfs: fix static and extern sparse warnings 2013-10-30 13:59:56 -05:00
xfs_bmap_util.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_bmap_util.h xfs: block allocation work needs to be kswapd aware 2014-06-06 15:59:59 +10:00
xfs_buf.c xfs: catch buffers written without verifiers attached 2014-08-04 12:42:40 +10:00
xfs_buf.h xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_buf_item.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_buf_item.h xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_dir2_readdir.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_discard.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_discard.h
xfs_dquot.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_dquot.h xfs: remove dquot hints 2014-05-05 17:30:15 +10:00
xfs_dquot_item.c xfs: remove the quotaoff log format from the quotaoff log item 2013-12-13 11:34:08 +11:00
xfs_dquot_item.h xfs: remove the quotaoff log format from the quotaoff log item 2013-12-13 11:34:08 +11:00
xfs_error.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_error.h xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_export.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_export.h
xfs_extent_busy.c xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_extent_busy.h xfs: decouple inode and bmap btree header files 2013-10-23 16:28:49 -05:00
xfs_extfree_item.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_extfree_item.h xfs: split out EFI/EFD log item format definition 2013-08-12 16:07:13 -05:00
xfs_file.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_filestream.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_filestream.h xfs: add filestream allocator tracepoints 2014-04-23 07:11:52 +10:00
xfs_fs.h xfs: report finobt status in fs geometry 2014-04-24 16:01:41 +10:00
xfs_fsops.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_fsops.h
xfs_globals.c
xfs_icache.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_icache.h xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_icreate_item.c xfs: format log items write directly into the linear CIL buffer 2013-12-13 11:34:02 +11:00
xfs_icreate_item.h xfs: separate icreate log format definitions from xfs_icreate_item.h 2013-08-12 16:10:35 -05:00
xfs_inode.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_inode.h Merge branch 'xfs-feature-bit-cleanup' into for-next 2014-05-20 08:57:02 +10:00
xfs_inode_item.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_inode_item.h xfs: remove the inode log format from the inode log item 2013-12-13 11:34:05 +11:00
xfs_ioctl.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_ioctl.h xfs: consolidate extent swap code 2013-08-12 16:56:06 -05:00
xfs_ioctl32.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_ioctl32.h
xfs_iomap.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_iomap.h xfs: get rid of count from xfs_iomap_write_allocate() 2013-10-01 15:42:34 -05:00
xfs_iops.c xfs: fix rounding error of fiemap length parameter 2014-08-04 11:35:35 +10:00
xfs_iops.h xfs: use generic posix ACL infrastructure 2014-01-25 23:58:21 -05:00
xfs_itable.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_itable.h
xfs_linux.h xfs: return is not a function 2014-06-22 15:03:54 +10:00
xfs_log.c xfs: catch buffers written without verifiers attached 2014-08-04 12:42:40 +10:00
xfs_log.h xfs: log vector rounding leaks log space 2014-05-20 08:18:09 +10:00
xfs_log_cil.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_log_priv.h xfs: decouple log and transaction headers 2013-10-23 16:17:44 -05:00
xfs_log_recover.c xfs: ensure verifiers are attached to recovered buffers 2014-08-04 12:43:06 +10:00
xfs_message.c xfs: decouple log and transaction headers 2013-10-23 16:17:44 -05:00
xfs_message.h xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
xfs_mount.c xfs: avoid false quotacheck after unclean shutdown 2014-08-04 11:35:44 +10:00
xfs_mount.h xfs: move node entry counts to xfs_da_geometry 2014-06-06 15:20:02 +10:00
xfs_mru_cache.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_mru_cache.h xfs: embedd mru_elem into parent structure 2014-04-23 07:11:51 +10:00
xfs_qm.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_qm.h xfs: integrate xfs_quota_priv header file to xfs_qm 2013-12-06 14:16:33 -06:00
xfs_qm_bhv.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_qm_syscalls.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_quota.h xfs: split dquot buffer operations out 2013-10-23 14:28:35 -05:00
xfs_quotaops.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_rtalloc.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_rtalloc.h xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_stats.c xfs: support the XFS_BTNUM_FINOBT free inode btree type 2014-04-24 16:00:52 +10:00
xfs_stats.h xfs: support the XFS_BTNUM_FINOBT free inode btree type 2014-04-24 16:00:52 +10:00
xfs_super.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_super.h
xfs_symlink.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_symlink.h xfs: push down inactive transaction mgmt for remote symlinks 2013-10-08 14:53:02 -05:00
xfs_sysctl.c xfs: Convert use of typedef ctl_table to struct ctl_table 2013-06-17 17:42:25 -05:00
xfs_sysctl.h
xfs_trace.c xfs: add filestream allocator tracepoints 2014-04-23 07:11:52 +10:00
xfs_trace.h Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2014-06-12 10:30:18 -07:00
xfs_trans.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_trans.h xfs: format log items write directly into the linear CIL buffer 2013-12-13 11:34:02 +11:00
xfs_trans_ail.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_trans_buf.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_trans_dquot.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00
xfs_trans_extfree.c xfs: decouple log and transaction headers 2013-10-23 16:17:44 -05:00
xfs_trans_inode.c xfs: open code inc_inode_iversion when logging an inode 2013-11-18 09:42:08 -06:00
xfs_trans_priv.h xfs: remove unused ail pointer arg from xfs_trans_ail_cursor_done() 2014-04-14 19:06:05 +10:00
xfs_types.h xfs: support the XFS_BTNUM_FINOBT free inode btree type 2014-04-24 16:00:52 +10:00
xfs_vnode.h xfs: remove unused FI_ flags 2013-12-04 14:11:05 -06:00
xfs_xattr.c xfs: global error sign conversion 2014-06-25 14:58:08 +10:00