Brian Foster 2a2b5932db xfs: fix attr leaf header freemap.size underflow ... The leaf format xattr addition helper xfs_attr3_leaf_add_work() adjusts the block freemap in a couple places. The first update drops the size of the freemap that the caller had already selected to place the xattr name/value data. Before the function returns, it also checks whether the entries array has encroached on a freemap range by virtue of the new entry addition. This is necessary because the entries array grows from the start of the block (but end of the block header) towards the end of the block while the name/value data grows from the end of the block in the opposite direction. If the associated freemap is already empty, however, size is zero and the subtraction underflows the field and causes corruption. This is reproduced rarely by generic/070. The observed behavior is that a smaller sized freemap is aligned to the end of the entries list, several subsequent xattr additions land in larger freemaps and the entries list expands into the smaller freemap until it is fully consumed and then underflows. Note that it is not otherwise a corruption for the entries array to consume an empty freemap because the nameval list (i.e. the firstused pointer in the xattr header) starts beyond the end of the corrupted freemap. Update the freemap size modification to account for the fact that the freemap entry can be empty and thus stale. Signed-off-by: Brian Foster <bfoster@redhat.com> Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com> Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>		2019-11-15 21:15:29 -08:00
..
xfs_ag.c	xfs: remove unused flags arg from xfs_get_aghdr_buf()	2019-10-06 15:39:05 -07:00
xfs_ag.h	xfs: add a new ioctl to describe allocation group geometry	2019-04-14 18:15:57 -07:00
xfs_ag_resv.c	xfs: fix missing header includes	2019-11-07 13:00:53 -08:00
xfs_ag_resv.h	xfs: pass transaction lock while setting up agresv on cyclic metadata	2018-07-29 22:37:08 -07:00
xfs_alloc.c	xfs: convert open coded corruption check to use XFS_IS_CORRUPT	2019-11-13 11:08:01 -08:00
xfs_alloc.h	xfs: cleanup use of the XFS_ALLOC_ flags	2019-11-03 10:22:31 -08:00
xfs_alloc_btree.c	xfs: track active state of allocation btree cursors	2019-10-21 09:04:58 -07:00
xfs_alloc_btree.h	xfs: convert to SPDX license tags	2018-06-06 14:17:53 -07:00
xfs_attr.c	xfs: allocate xattr buffer on demand	2019-08-30 22:43:57 -07:00
xfs_attr.h	xfs: allocate xattr buffer on demand	2019-08-30 22:43:57 -07:00
xfs_attr_leaf.c	xfs: fix attr leaf header freemap.size underflow	2019-11-15 21:15:29 -08:00
xfs_attr_leaf.h	xfs: move incore structures out of xfs_da_format.h	2019-11-10 16:54:19 -08:00
xfs_attr_remote.c	xfs: fix missing header includes	2019-11-07 13:00:53 -08:00
xfs_attr_remote.h	xfs: convert to SPDX license tags	2018-06-06 14:17:53 -07:00
xfs_attr_sf.h	xfs: convert to SPDX license tags	2018-06-06 14:17:53 -07:00
xfs_bit.c	xfs: fix missing header includes	2019-11-07 13:00:53 -08:00
xfs_bit.h	xfs: convert to SPDX license tags	2018-06-06 14:17:53 -07:00
xfs_bmap.c	xfs: convert open coded corruption check to use XFS_IS_CORRUPT	2019-11-13 11:08:01 -08:00
xfs_bmap.h	xfs: use a struct iomap in xfs_writepage_ctx	2019-10-21 08:51:59 -07:00
xfs_bmap_btree.c	xfs: fix sign handling problem in xfs_bmbt_diff_two_keys	2019-08-28 08:31:01 -07:00
xfs_bmap_btree.h	xfs: convert to SPDX license tags	2018-06-06 14:17:53 -07:00
xfs_btree.c	xfs: convert open coded corruption check to use XFS_IS_CORRUPT	2019-11-13 11:08:01 -08:00
xfs_btree.h	xfs: actually check xfs_btree_check_block return in xfs_btree_islastblock	2019-11-11 12:42:52 -08:00
xfs_cksum.h	License cleanup: add SPDX GPL-2.0 license identifier to files with no license	2017-11-02 11:10:55 +01:00
xfs_da_btree.c	xfs: devirtualize ->m_dirnameops	2019-11-13 11:13:45 -08:00
xfs_da_btree.h	xfs: devirtualize ->m_dirnameops	2019-11-13 11:13:45 -08:00
xfs_da_format.h	xfs: move incore structures out of xfs_da_format.h	2019-11-10 16:54:19 -08:00
xfs_defer.c	fs: xfs: Remove KM_NOSLEEP and KM_SLEEP.	2019-08-26 12:06:22 -07:00
xfs_defer.h	xfs: streamline defer op type handling	2018-12-12 08:47:16 -08:00
xfs_dir2.c	xfs: devirtualize ->m_dirnameops	2019-11-13 11:13:45 -08:00
xfs_dir2.h	xfs: Fix deadlock between AGI and AGF when target_ip exists in xfs_rename()	2019-11-13 11:13:45 -08:00
xfs_dir2_block.c	xfs: devirtualize ->m_dirnameops	2019-11-13 11:13:45 -08:00
xfs_dir2_data.c	xfs: remove duplicated include from xfs_dir2_data.c	2019-11-13 18:22:41 -08:00
xfs_dir2_leaf.c	xfs: devirtualize ->m_dirnameops	2019-11-13 11:13:45 -08:00
xfs_dir2_node.c	xfs: devirtualize ->m_dirnameops	2019-11-13 11:13:45 -08:00
xfs_dir2_priv.h	xfs: devirtualize ->m_dirnameops	2019-11-13 11:13:45 -08:00
xfs_dir2_sf.c	xfs: Fix deadlock between AGI and AGF when target_ip exists in xfs_rename()	2019-11-13 11:13:45 -08:00
xfs_dquot_buf.c	xfs: remove the xfs_disk_dquot_t and xfs_dquot_t	2019-11-13 11:13:45 -08:00
xfs_errortag.h	xfs: cache unlinked pointers in an rhashtable	2019-02-11 16:07:01 -08:00
xfs_format.h	xfs: remove unused typedef definitions	2019-11-13 18:22:40 -08:00
xfs_fs.h	xfs: avoid time_t in user api	2019-11-13 11:13:45 -08:00
xfs_health.h	xfs: introduce new v5 bulkstat structure	2019-07-03 20:36:26 -07:00
xfs_ialloc.c	xfs: kill the XFS_WANT_CORRUPT_* macros	2019-11-12 17:19:02 -08:00
xfs_ialloc.h	xfs: refactor inode geometry setup routines	2019-06-12 08:37:40 -07:00
xfs_ialloc_btree.c	xfs: create simplified inode walk function	2019-07-02 09:40:05 -07:00
xfs_ialloc_btree.h	xfs: create simplified inode walk function	2019-07-02 09:40:05 -07:00
xfs_iext_tree.c	xfs: fix inode fork extent count overflow	2019-10-21 09:04:58 -07:00
xfs_inode_buf.c	xfs: don't reset the "inode core" in xfs_iread	2019-11-13 11:13:45 -08:00
xfs_inode_buf.h	xfs: merge the projid fields in struct xfs_icdinode	2019-11-13 11:13:45 -08:00
xfs_inode_fork.c	xfs: always log corruption errors	2019-11-04 13:55:54 -08:00
xfs_inode_fork.h	xfs: refactor "does this fork map blocks" predicate	2019-11-10 10:22:51 -08:00
xfs_log_format.h	xfs: Correct comment tyops -> typos	2019-11-10 10:21:57 -08:00
xfs_log_recover.h	xfs: remove unused typedef definitions	2019-11-13 18:22:40 -08:00
xfs_log_rlimit.c	xfs: remove unused header files	2019-06-28 19:30:43 -07:00
xfs_quota_defs.h	xfs: change some error-less functions to void types	2019-05-01 20:26:30 -07:00
xfs_refcount.c	xfs: convert open coded corruption check to use XFS_IS_CORRUPT	2019-11-13 11:08:01 -08:00
xfs_refcount.h	xfs: remove unnecessary int returns from deferred refcount functions	2019-08-28 08:31:02 -07:00
xfs_refcount_btree.c	xfs: remove unused header files	2019-06-28 19:30:43 -07:00
xfs_refcount_btree.h	xfs: pass transaction lock while setting up agresv on cyclic metadata	2018-07-29 22:37:08 -07:00
xfs_rmap.c	xfs: convert open coded corruption check to use XFS_IS_CORRUPT	2019-11-13 11:08:01 -08:00
xfs_rmap.h	xfs: reinitialize rm_flags when unpacking an offset into an rmap irec	2019-08-28 08:31:02 -07:00
xfs_rmap_btree.c	xfs: remove unused header files	2019-06-28 19:30:43 -07:00
xfs_rmap_btree.h	xfs: pass transaction lock while setting up agresv on cyclic metadata	2018-07-29 22:37:08 -07:00
xfs_rtbitmap.c	xfs: convert open coded corruption check to use XFS_IS_CORRUPT	2019-11-13 11:08:01 -08:00
xfs_sb.c	xfs: fix missing header includes	2019-11-07 13:00:53 -08:00
xfs_sb.h	xfs: change some error-less functions to void types	2019-05-01 20:26:30 -07:00
xfs_shared.h	xfs: remove all *_ITER_CONTINUE values	2019-08-30 22:43:56 -07:00
xfs_symlink_remote.c	xfs: remove unused header files	2019-06-28 19:30:43 -07:00
xfs_trans_inode.c	xfs: use a struct timespec64 for the in-core crtime	2019-11-13 11:13:45 -08:00
xfs_trans_resv.c	xfs: remove the xfs_qoff_logitem_t typedef	2019-11-13 18:22:28 -08:00
xfs_trans_resv.h	xfs: convert to SPDX license tags	2018-06-06 14:17:53 -07:00
xfs_trans_space.h	xfs: separate inode geometry	2019-06-12 08:37:40 -07:00
xfs_types.c	xfs: remove unused header files	2019-06-28 19:30:43 -07:00
xfs_types.h	xfs: remove unused structure members & simple typedefs	2019-11-13 18:22:41 -08:00