kpriv/linux-hardened
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
linux-hardened/fs/xfs/libxfs
History
Dave Chinner 7d71a671a2 xfs: verify extent size hint is valid in inode verifier 
There are rules for vald extent size hints. We enforce them when
applications set them, but fuzzers violate those rules and that
screws us over.

This results in alignment assertion failures when setting up
allocations such as this in direct IO:

XFS: Assertion failed: ap->length, file: fs/xfs/libxfs/xfs_bmap.c, line: 3432
....
Call Trace:
 xfs_bmap_btalloc+0x415/0x910
 xfs_bmapi_write+0x71c/0x12e0
 xfs_iomap_write_direct+0x2a9/0x420
 xfs_file_iomap_begin+0x4dc/0xa70
 iomap_apply+0x43/0x100
 iomap_file_buffered_write+0x62/0x90
 xfs_file_buffered_aio_write+0xba/0x300
 __vfs_write+0xd5/0x150
 vfs_write+0xb6/0x180
 ksys_write+0x45/0xa0
 do_syscall_64+0x5a/0x180
 entry_SYSCALL_64_after_hwframe+0x49/0xbe

And from xfs_db:

core.extsize = 10380288

Which is not an integer multiple of the block size, and so violates
Rule #7 for setting extent size hints. Validate extent size hint
rules in the inode verifier to catch this.

Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Carlos Maiolino <cmaiolino@redhat.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
2018-06-06 08:10:26 -07:00
..
xfs_ag.c xfs: factor the ag length extension code into libxfs 2018-05-15 18:12:51 -07:00
xfs_ag.h xfs: factor the ag length extension code into libxfs 2018-05-15 18:12:51 -07:00
xfs_ag_resv.c xfs: account only rmapbt-used blocks against rmapbt perag res 2018-03-11 20:27:57 -07:00
xfs_ag_resv.h xfs: account only rmapbt-used blocks against rmapbt perag res 2018-03-11 20:27:57 -07:00
xfs_alloc.c xfs: xfs_alloc_get_rec should return EFSCORRUPTED for obvious bnobt corruption 2018-06-04 14:45:30 -07:00
xfs_alloc.h xfs: hoist xfs_scrub_agfl_walk to libxfs as xfs_agfl_walk 2018-05-15 18:12:50 -07:00
xfs_alloc_btree.c xfs: don't ASSERT on short form btree root pointer of zero 2018-06-04 14:45:30 -07:00
xfs_alloc_btree.h xfs: add helpers to calculate btree size 2018-05-15 17:57:05 -07:00
xfs_attr.c xfs: remove unnecessary xfs_qm_dqattach parameter 2018-05-10 08:56:47 -07:00
xfs_attr_leaf.c Split buffer's b_fspriv field 2018-01-29 07:27:22 -08:00
xfs_attr_leaf.h xfs: create structure verifier function for shortform xattrs 2018-01-08 10:54:46 -08:00
xfs_attr_remote.c xfs: make xfs_buf_incore out of line 2018-05-09 10:04:00 -07:00
xfs_attr_remote.h
xfs_attr_sf.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_bit.c libxfs: Optimize the loop for xfs_bitmap_empty 2016-01-04 16:10:19 +11:00
xfs_bit.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_bmap.c xfs: don't assert when reporting on-disk corruption while loading btree 2018-06-04 14:45:29 -07:00
xfs_bmap.h xfs: make xfs_bmapi_remapi work with attribute forks 2018-05-15 18:12:50 -07:00
xfs_bmap_btree.c xfs: add helpers to calculate btree size 2018-05-15 17:57:05 -07:00
xfs_bmap_btree.h xfs: add helpers to calculate btree size 2018-05-15 17:57:05 -07:00
xfs_btree.c xfs: explicitly pass buffer size to xfs_corruption_error 2018-06-04 18:25:05 -07:00
xfs_btree.h xfs: add repair helpers for the reference count btree 2018-05-15 17:57:05 -07:00
xfs_cksum.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
xfs_da_btree.c xfs: explicitly pass buffer size to xfs_corruption_error 2018-06-04 18:25:05 -07:00
xfs_da_btree.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_da_format.c xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_da_format.h xfs: refactor the geometry structure filling function 2018-01-08 10:54:48 -08:00
xfs_defer.c xfs: adder caller IP to xfs_defer* tracepoints 2018-05-10 08:56:46 -07:00
xfs_defer.h xfs: defer agfl block frees when dfops is available 2018-05-09 10:04:02 -07:00
xfs_dir2.c xfs: refactor the geometry structure filling function 2018-01-08 10:54:48 -08:00
xfs_dir2.h xfs: sanity-check the unused space before trying to use it 2018-03-23 18:05:07 -07:00
xfs_dir2_block.c xfs: sanity-check the unused space before trying to use it 2018-03-23 18:05:07 -07:00
xfs_dir2_data.c xfs: explicitly pass buffer size to xfs_corruption_error 2018-06-04 18:25:05 -07:00
xfs_dir2_leaf.c xfs: explicitly pass buffer size to xfs_corruption_error 2018-06-04 18:25:05 -07:00
xfs_dir2_node.c xfs: explicitly pass buffer size to xfs_corruption_error 2018-06-04 18:25:05 -07:00
xfs_dir2_priv.h xfs: refactor short form directory structure verifier function 2018-01-08 10:54:46 -08:00
xfs_dir2_sf.c xfs: directory scrubber must walk through data block to offset 2018-01-17 21:00:46 -08:00
xfs_dquot_buf.c xfs: print specific dqblk that failed verifiers 2018-05-09 10:04:01 -07:00
xfs_errortag.h xfs: implement the metadata repair ioctl flag 2018-05-15 18:12:50 -07:00
xfs_format.h xfs: implement online get/set fs label 2018-05-16 08:50:16 -07:00
xfs_fs.h xfs: implement the metadata repair ioctl flag 2018-05-15 18:12:50 -07:00
xfs_ialloc.c xfs: verify AGI unlinked list contains valid blocks 2018-06-03 16:12:16 -07:00
xfs_ialloc.h xfs: expose various functions to repair code 2018-05-15 17:57:05 -07:00
xfs_ialloc_btree.c xfs: fix inobt magic number check 2018-05-29 10:46:03 -07:00
xfs_ialloc_btree.h xfs: add helpers to calculate btree size 2018-05-15 17:57:05 -07:00
xfs_iext_tree.c xfs: move xfs_iext_insert tracepoint to report useful information 2017-12-14 09:20:11 -08:00
xfs_inode_buf.c xfs: verify extent size hint is valid in inode verifier 2018-06-06 08:10:26 -07:00
xfs_inode_buf.h xfs: move inode extent size hint validation to libxfs 2018-03-23 18:05:08 -07:00
xfs_inode_fork.c xfs: refactor inode verifier error logging 2018-03-23 18:05:07 -07:00
xfs_inode_fork.h xfs: provide a centralized method for verifying inline fork data 2018-01-08 10:54:47 -08:00
xfs_log_format.h xfs: fix type usage 2017-11-16 12:06:45 -08:00
xfs_log_recover.h xfs: remove double-underscore integer types 2017-06-19 14:11:33 -07:00
xfs_log_rlimit.c xfs: trace log reservations at mount time 2018-01-08 10:54:47 -08:00
xfs_quota_defs.h xfs: replace XFS_QMOPT_DQALLOC with a simple boolean 2018-05-10 08:56:48 -07:00
xfs_refcount.c xfs: fix error handling in xfs_refcount_insert() 2018-06-01 09:00:16 -07:00
xfs_refcount.h xfs: add repair helpers for the reference count btree 2018-05-15 17:57:05 -07:00
xfs_refcount_btree.c xfs: don't ASSERT on short form btree root pointer of zero 2018-06-04 14:45:30 -07:00
xfs_refcount_btree.h xfs: non-scrub - remove unused function parameters 2018-04-09 10:23:42 -07:00
xfs_rmap.c xfs: add repair helpers for the reverse mapping btree 2018-05-15 17:57:05 -07:00
xfs_rmap.h xfs: add repair helpers for the reverse mapping btree 2018-05-15 17:57:05 -07:00
xfs_rmap_btree.c xfs: don't ASSERT on short form btree root pointer of zero 2018-06-04 14:45:30 -07:00
xfs_rmap_btree.h xfs: non-scrub - remove unused function parameters 2018-04-09 10:23:42 -07:00
xfs_rtbitmap.c xfs: fix xfs_rtalloc_rec units 2018-06-01 09:00:16 -07:00
xfs_sb.c xfs: catch bad stripe alignment configurations 2018-06-06 08:10:26 -07:00
xfs_sb.h xfs: repair superblocks 2018-05-30 08:03:15 -07:00
xfs_shared.h xfs: superblock scrub should use short-lived buffers 2018-05-15 17:57:05 -07:00
xfs_symlink_remote.c Split buffer's b_fspriv field 2018-01-29 07:27:22 -08:00
xfs_trans_resv.c xfs: non-scrub - remove unused function parameters 2018-04-09 10:23:42 -07:00
xfs_trans_resv.h xfs: increase log reservations for reflink 2016-10-05 16:26:29 -07:00
xfs_trans_space.h xfs: reserve enough blocks to handle btree splits when remapping 2017-05-03 13:21:40 -07:00
xfs_types.h xfs: xfs_rtword_t should be unsigned, not signed 2018-06-01 09:00:16 -07:00