linux-stable/fs
Dave Chinner 9e6c08d4a8 xfs: validate btree records on retrieval
So we don't check the validity of records as we walk the btree. When
there are corrupt records in the free space btree (e.g. zero
startblock/length or beyond EOAG) we just blindly use it and things
go bad from there. That leads to assert failures on debug kernels
like this:

XFS: Assertion failed: fs_is_ok, file: fs/xfs/libxfs/xfs_alloc.c, line: 450
....
Call Trace:
 xfs_alloc_fixup_trees+0x368/0x5c0
 xfs_alloc_ag_vextent_near+0x79a/0xe20
 xfs_alloc_ag_vextent+0x1d3/0x330
 xfs_alloc_vextent+0x5e9/0x870

Or crashes like this:

XFS (loop0): xfs_buf_find: daddr 0x7fb28 out of range, EOFS 0x8000
.....
BUG: unable to handle kernel NULL pointer dereference at 00000000000000c8
....
Call Trace:
 xfs_bmap_add_extent_hole_real+0x67d/0x930
 xfs_bmapi_write+0x934/0xc90
 xfs_da_grow_inode_int+0x27e/0x2f0
 xfs_dir2_grow_inode+0x55/0x130
 xfs_dir2_sf_to_block+0x94/0x5d0
 xfs_dir2_sf_addname+0xd0/0x590
 xfs_dir_createname+0x168/0x1a0
 xfs_rename+0x658/0x9b0

By checking that free space records pulled from the trees are
within the valid range, we catch many of these corruptions before
they can do damage.

This is a generic btree record checking deficiency. We need to
validate the records we fetch from all the different btrees before
we use them to catch corruptions like this.

This patch results in a corrupt record emitting an error message and
returning -EFSCORRUPTED, and the higher layers catch that and abort:

 XFS (loop0): Size Freespace BTree record corruption in AG 0 detected!
 XFS (loop0): start block 0x0 block count 0x0
 XFS (loop0): Internal error xfs_trans_cancel at line 1012 of file fs/xfs/xfs_trans.c.  Caller xfs_create+0x42a/0x670
 .....
 Call Trace:
  dump_stack+0x85/0xcb
  xfs_trans_cancel+0x19f/0x1c0
  xfs_create+0x42a/0x670
  xfs_generic_create+0x1f6/0x2c0
  vfs_create+0xf9/0x180
  do_mknodat+0x1f9/0x210
  do_syscall_64+0x5a/0x180
  entry_SYSCALL_64_after_hwframe+0x49/0xbe
.....
 XFS (loop0): xfs_do_force_shutdown(0x8) called from line 1013 of file fs/xfs/xfs_trans.c.  Return address = ffffffff81500868
 XFS (loop0): Corruption of in-memory data detected.  Shutting down filesystem

Signed-off-by: Dave Chinner <dchinner@redhat.com>

Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
2018-06-06 08:12:00 -07:00
9p fscache development 2018-04-07 09:08:24 -07:00
adfs Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
affs iversion: Rename make inode_cmp_iversion{+raw} to inode_eq_iversion{+raw} 2018-02-01 08:15:25 -05:00
afs afs: Fix server record deletion 2018-04-20 09:59:33 -07:00
autofs4 autofs: mount point create should honour passed in mode 2018-04-20 17:18:35 -07:00
befs befs: Define usercopy region in befs_inode_cache slab cache 2018-01-15 12:07:54 -08:00
bfs
btrfs for-4.17-rc3-tag 2018-05-04 20:32:18 -10:00
cachefiles fscache: Pass object size in rather than calling back for it 2018-04-06 14:05:14 +01:00
ceph ceph: check if mds create snaprealm when setting quota 2018-04-23 17:35:19 +02:00
cifs First pull request for 4.17-rc 2018-05-04 20:51:10 -10:00
coda vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
configfs
cramfs cramfs: better MTD dependency expression 2018-02-08 11:37:31 -08:00
crypto fscrypt: fix build with pre-4.6 gcc versions 2018-02-01 10:51:18 -05:00
debugfs debugfs_lookup(): switch to lookup_one_len_unlocked() 2018-03-29 15:07:47 -04:00
devpts devpts: comment devpts_mntget() 2018-03-14 13:31:23 +01:00
dlm net: make getname() functions return length rather than use int* parameter 2018-02-12 14:15:04 -05:00
ecryptfs eCryptfs: don't pass up plaintext names when using filename encryption 2018-04-16 18:51:22 +00:00
efivarfs efivarfs: Limit the rate for non-root to read files 2018-02-22 10:21:02 -08:00
efs Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
exofs iversion.h related cleanup for v4.16 2018-02-07 14:25:22 -08:00
exportfs ovl: do not try to reconnect a disconnected origin dentry 2018-04-12 12:04:49 +02:00
ext2 dax: change bdev_dax_supported() to support boolean returns 2018-05-31 08:58:34 -07:00
ext4 iomap: inline data should be an iomap type, not a flag 2018-06-01 18:37:32 -07:00
f2fs page cache: use xa_lock 2018-04-11 10:28:39 -07:00
fat iversion: Rename make inode_cmp_iversion{+raw} to inode_eq_iversion{+raw} 2018-02-01 08:15:25 -05:00
freevxfs vxfs: Define usercopy region in vxfs_inode slab cache 2018-01-15 12:07:57 -08:00
fscache fscache: use appropriate radix tree accessors 2018-04-11 10:28:39 -07:00
fuse fuse: define the filesystem as untrusted 2018-03-23 06:31:37 -04:00
gfs2 iomap: move IOMAP_F_BOUNDARY to gfs2 2018-06-01 18:37:32 -07:00
hfs Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
hfsplus hfsplus: honor setgid flag on directories 2018-02-06 18:32:45 -08:00
hostfs hostfs: rename do_rmdir() to hostfs_do_rmdir() 2018-04-02 20:15:53 +02:00
hpfs hpfs: don't bother with the i_version counter or f_version 2017-12-10 12:58:18 -08:00
hugetlbfs hugetlbfs: fix bug in pgoff overflow checking 2018-04-05 21:36:21 -07:00
isofs isofs: fix potential memory leak in mount option parsing 2018-04-16 09:47:41 +02:00
jbd2 ext4: set h_journal if there is a failure starting a reserved handle 2018-04-18 11:49:31 -04:00
jffs2 jffs2_kill_sb(): deal with failed allocations 2018-04-15 23:49:05 -04:00
jfs Currently, hardened usercopy performs dynamic bounds checking on slab 2018-02-03 16:25:42 -08:00
kernfs vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
lockd net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00
minix treewide: simplify Kconfig dependencies for removed archs 2018-03-26 15:55:57 +02:00
nfs NFS client updates for Linux 4.17 2018-04-12 12:55:50 -07:00
nfs_common net: Drop pernet_operations::async 2018-03-27 13:18:09 -04:00
nfsd nfsd: fix incorrect umasks 2018-04-03 16:27:08 -04:00
nilfs2 page cache: use xa_lock 2018-04-11 10:28:39 -07:00
nls
notify fsnotify: fix ignore mask logic in send_to_group() 2018-04-13 15:52:49 +02:00
ntfs ntfs: fix bogus __mark_inode_dirty(I_DIRTY_SYNC | I_DIRTY_DATASYNC) call 2018-03-28 01:39:02 -04:00
ocfs2 Merge branch 'akpm' (patches from Andrew) 2018-04-06 14:19:26 -07:00
omfs
openpromfs Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
orangefs orangefs_kill_sb(): deal with allocation failures 2018-04-15 23:49:12 -04:00
overlayfs ovl: add support for "xino" mount and config options 2018-04-12 12:04:50 +02:00
proc proc: fix /proc/loadavg regression 2018-04-20 17:18:36 -07:00
pstore pstore: fix crypto dependencies without compression 2018-04-06 15:45:33 -07:00
qnx4 Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
qnx6 Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
quota fs: quota: Replace GFP_ATOMIC with GFP_KERNEL in dquot_init 2018-04-09 17:48:54 +02:00
ramfs
reiserfs fs/reiserfs/journal.c: add missing resierfs_warning() arg 2018-04-11 10:28:36 -07:00
romfs Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
squashfs Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
sysfs sysfs: symlink: export sysfs_create_link_nowarn() 2018-03-19 21:14:26 -04:00
sysv Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
tracefs
ubifs This pull request contains updates for both UBI and UBIFS: 2018-04-11 16:39:34 -07:00
udf udf: Fix leak of UTF-16 surrogates into encoded strings 2018-04-18 16:34:55 +02:00
ufs iversion.h related cleanup for v4.16 2018-02-07 14:25:22 -08:00
xfs xfs: validate btree records on retrieval 2018-06-06 08:12:00 -07:00
Kconfig libnvdimm for 4.16 2018-02-06 10:41:33 -08:00
Kconfig.binfmt treewide: simplify Kconfig dependencies for removed archs 2018-03-26 15:55:57 +02:00
Makefile split d_path() and friends into a separate file 2018-03-29 15:07:46 -04:00
aio.c fs/aio: Use rcu_work instead of explicit rcu and work item 2018-03-19 10:12:03 -07:00
anon_inodes.c
attr.c
bad_inode.c
binfmt_aout.c exec: introduce finalize_exec() before start_thread() 2018-04-11 10:28:37 -07:00
binfmt_elf.c fs, elf: don't complain MAP_FIXED_NOREPLACE unless -EEXIST error 2018-04-20 17:18:36 -07:00
binfmt_elf_fdpic.c exec: introduce finalize_exec() before start_thread() 2018-04-11 10:28:37 -07:00
binfmt_em86.c
binfmt_flat.c exec: introduce finalize_exec() before start_thread() 2018-04-11 10:28:37 -07:00
binfmt_misc.c fs: add ksys_close() wrapper; remove in-kernel calls to sys_close() 2018-04-02 20:16:00 +02:00
binfmt_script.c
block_dev.c libnvdimm for 4.17 2018-04-10 10:25:57 -07:00
buffer.c fs: move page_cache_seek_hole_data to iomap.c 2018-06-01 18:37:33 -07:00
char_dev.c block, char_dev: Use correct format specifier for unsigned ints 2018-03-15 17:59:24 +01:00
compat.c
compat_binfmt_elf.c
compat_ioctl.c fs: compat_ioctl: add new DVB demux ioctls 2017-12-28 11:17:29 -05:00
coredump.c Merge branch 'misc.compat' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2017-11-17 11:54:55 -08:00
d_path.c split d_path() and friends into a separate file 2018-03-29 15:07:46 -04:00
dax.c page cache: use xa_lock 2018-04-11 10:28:39 -07:00
dcache.c fs/dcache.c: add cond_resched() in shrink_dentry_list() 2018-04-11 10:28:38 -07:00
dcookies.c fs: add do_lookup_dcookie() helper; remove in-kernel call to syscall 2018-04-02 20:15:39 +02:00
direct-io.c Merge branch 'akpm' (patches from Andrew) 2018-04-06 14:19:26 -07:00
drop_caches.c
eventfd.c fs: add do_eventfd() helper; remove internal call to sys_eventfd() 2018-04-02 20:15:39 +02:00
eventpoll.c fs: add do_epoll_*() helpers; remove internal calls to sys_epoll_*() 2018-04-02 20:15:37 +02:00
exec.c exec: pin stack limit during exec 2018-04-11 10:28:37 -07:00
fcntl.c fs: add do_compat_fcntl64() helper; remove in-kernel call to compat syscall 2018-04-02 20:15:42 +02:00
fhandle.c vfs: Copy struct mount.mnt_id to userspace using put_user() 2018-01-15 12:07:51 -08:00
file.c fs: add ksys_close() wrapper; remove in-kernel calls to sys_close() 2018-04-02 20:16:00 +02:00
file_table.c vfs: remove unused hardirq.h 2017-12-07 14:23:30 -05:00
filesystems.c
fs-writeback.c bdi: Fix oops in wb_workfn() 2018-05-03 16:11:37 -06:00
fs_pin.c Merge branch 'linus' into locking/core, to resolve conflicts 2017-11-07 10:32:44 +01:00
fs_struct.c
inode.c fs: clear writeback errors in inode_init_always 2018-05-29 10:46:03 -07:00
internal.h Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-04-06 11:07:08 -07:00
ioctl.c fs: add ksys_ioctl() helper; remove in-kernel calls to sys_ioctl() 2018-04-02 20:16:03 +02:00
iomap.c iomap: fsync swap files before iterating mappings 2018-06-05 09:53:05 -07:00
libfs.c fs, dax: prepare for dax-specific address_space_operations 2018-03-30 11:34:55 -07:00
locks.c treewide: Align function definition open/close braces 2018-03-26 11:13:09 +02:00
mbcache.c mbcache: make sure c_entry_count is not decremented past zero 2018-01-09 23:57:52 -05:00
mount.h
mpage.c
namei.c Merge branch 'work.namei' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-04-09 12:48:05 -07:00
namespace.c vfs: Undo an overly zealous MS_RDONLY -> SB_RDONLY conversion 2018-04-20 09:59:33 -07:00
no-block.c
nsfs.c net: Export open_related_ns() 2018-02-15 15:34:42 -05:00
open.c Merge branch 'work.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2018-04-06 11:07:08 -07:00
pipe.c fs: add do_pipe2() helper; remove internal call to sys_pipe2() 2018-04-02 20:15:35 +02:00
pnode.c
pnode.h
posix_acl.c posix_acl: convert posix_acl.a_refcount from atomic_t to refcount_t 2018-01-02 19:27:28 -08:00
proc_namespace.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
read_write.c fs: add ksys_p{read,write}64() helpers; remove in-kernel calls to syscalls 2018-04-02 20:16:09 +02:00
readdir.c fs: add ksys_getdents64() helper; remove in-kernel calls to sys_getdents64() 2018-04-02 20:16:02 +02:00
select.c fs: add do_compat_select() helper; remove in-kernel call to compat syscall 2018-04-02 20:15:42 +02:00
seq_file.c seq_file: account everything to kmemcg 2018-04-11 10:28:36 -07:00
signalfd.c fs: add do_compat_signalfd4() helper; remove in-kernel call to compat syscall 2018-04-02 20:15:43 +02:00
splice.c fs: add do_vmsplice() helper; remove in-kernel call to syscall 2018-04-02 20:15:40 +02:00
stack.c
stat.c fs: add do_readlinkat() helper; remove internal call to sys_readlinkat() 2018-04-02 20:15:34 +02:00
statfs.c Rename superblock flags (MS_xyz -> SB_xyz) 2017-11-27 13:05:09 -08:00
super.c mm,vmscan: Allow preallocating memory for register_shrinker(). 2018-04-16 02:06:47 -04:00
sync.c Changes for this release: 2018-04-04 12:44:02 -07:00
timerfd.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
userfaultfd.c vfs: do bulk POLL* -> EPOLL* replacement 2018-02-11 14:34:03 -08:00
utimes.c fs: add do_compat_futimesat() helper; remove in-kernel call to compat syscall 2018-04-02 20:15:44 +02:00
xattr.c