[Top] [All Lists]

[PATCH] fix overflow in xfs_growfs_data_private

To: xfs-oss <xfs@xxxxxxxxxxx>
Subject: [PATCH] fix overflow in xfs_growfs_data_private
From: Eric Sandeen <sandeen@xxxxxxxxxxx>
Date: Sat, 23 May 2009 14:30:12 -0500
Cc: Richard Ems <Richard.Ems@xxxxxxxxxxxxxxxxx>
User-agent: Thunderbird (Macintosh/20090302)
In the case where growing a filesystem would leave the last AG
too small, the fixup code has an overflow in the calculation
of the new size with one fewer ag, because "nagcount" is a 32
bit number.  If the new filesystem has > 2^32 blocks in it
this causes a problem resulting in an EINVAL return from growfs:

# xfs_io -f -c "truncate 19998630180864" fsfile
# mkfs.xfs -f -bsize=4096 -dagsize=76288719b,size=3905982455b fsfile
# mount -o loop fsfile mnt/
# xfs_growfs mnt/
meta-data=/dev/loop0             isize=256    agcount=52,
agsize=76288719 blks
         =                       sectsz=512   attr=2
data     =                       bsize=4096   blocks=3905982455, imaxpct=5
         =                       sunit=0      swidth=0 blks
naming   =version 2              bsize=4096   ascii-ci=0
log      =internal               bsize=4096   blocks=32768, version=2
         =                       sectsz=512   sunit=0 blks, lazy-count=0
realtime =none                   extsz=4096   blocks=0, rtextents=0
xfs_growfs: XFS_IOC_FSGROWFSDATA xfsctl failed: Invalid argument

Reported-by: richard.ems@xxxxxxxxxxxxxxxxx
Signed-off-by: Eric Sandeen <sandeen@xxxxxxxxxxx>

Index: linux-2.6/fs/xfs/xfs_fsops.c
--- linux-2.6.orig/fs/xfs/xfs_fsops.c
+++ linux-2.6/fs/xfs/xfs_fsops.c
@@ -160,7 +160,7 @@ xfs_growfs_data_private(
        nagcount = new + (nb_mod != 0);
        if (nb_mod && nb_mod < XFS_MIN_AG_BLOCKS) {
-               nb = nagcount * mp->m_sb.sb_agblocks;
+               nb = (xfs_rfsblock_t)nagcount * mp->m_sb.sb_agblocks;
                if (nb < mp->m_sb.sb_dblocks)
                        return XFS_ERROR(EINVAL);

<Prev in Thread] Current Thread [Next in Thread>