xfs
[Top] [All Lists]

Re: [PATCH v3] xfs: check for possible overflow in xfs_ioc_trim

To: Tomas Racek <tracek@xxxxxxxxxx>
Subject: Re: [PATCH v3] xfs: check for possible overflow in xfs_ioc_trim
From: Dave Chinner <david@xxxxxxxxxxxxx>
Date: Fri, 10 Aug 2012 09:47:59 +1000
Cc: Alex Elder <elder@xxxxxxxxxx>, "supporter:XFS FILESYSTEM" <xfs@xxxxxxxxxxx>, Ben Myers <bpm@xxxxxxx>, lczerner@xxxxxxxxxx
In-reply-to: <1344503229-13022-1-git-send-email-tracek@xxxxxxxxxx>
References: <1344503229-13022-1-git-send-email-tracek@xxxxxxxxxx>
User-agent: Mutt/1.5.21 (2010-09-15)
[ Trimmed lkml from cc list.  There's no need to cc lkml on XFS
specific stuff. ]

[ Trimmed linux-xfs@xxxxxxxxxxxxxxx as that is not a list any XFS
developer is subscribed to. ]

On Thu, Aug 09, 2012 at 11:07:09AM +0200, Tomas Racek wrote:
> If range.start or range.minlen is bigger than filesystem size, return
> invalid value error. This fixes possible overflow in BTOBB macro when
> passed value was nearly ULLONG_MAX.
> 
> Signed-off-by: Tomas Racek <tracek@xxxxxxxxxx>
> ---
>  fs/xfs/xfs_discard.c |    6 ++++--
>  1 files changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/xfs/xfs_discard.c b/fs/xfs/xfs_discard.c
> index f9c3fe3..4e07a56 100644
> --- a/fs/xfs/xfs_discard.c
> +++ b/fs/xfs/xfs_discard.c
> @@ -179,12 +179,14 @@ xfs_ioc_trim(
>        * used by the fstrim application.  In the end it really doesn't
>        * matter as trimming blocks is an advisory interface.
>        */
> +     if (range.start >= XFS_FSB_TO_B(mp, mp->m_sb.sb_dblocks) ||
> +         range.minlen > XFS_FSB_TO_B(mp, mp->m_sb.sb_dblocks))
> +             return -XFS_ERROR(EINVAL);

That's not correct for minlen. The maximum minlen we can
support is the length of the largest freespace extent in the
filesystem, and that is limited to the size of an AG. i.e.
XFS_FSB_TO_B(mp, XFS_ALLOC_AG_MAX_USABLE(mp))

Cheers,

Dave.
-- 
Dave Chinner
david@xxxxxxxxxxxxx

<Prev in Thread] Current Thread [Next in Thread>