xfs
[Top] [All Lists]

[PATCH] xfs: check magic numbers in dir3 leaf verifier first

To: xfs@xxxxxxxxxxx
Subject: [PATCH] xfs: check magic numbers in dir3 leaf verifier first
From: Dave Chinner <david@xxxxxxxxxxxxx>
Date: Mon, 2 Sep 2013 20:50:20 +1000
Delivered-to: xfs@xxxxxxxxxxx
From: Dave Chinner <dchinner@xxxxxxxxxx>

Calling xfs_dir3_leaf_hdr_from_disk() in a verifier before
validating the magic numbers in the buffer results in ASSERT
failures due to mismatching magic numbers when a corruption occurs.
Seeing as the verifier is supposed to catch the corruption and pass
it back to the caller, having the verifier assert fail on error
defeats the purpose of detecting the errors in the first place.

Check the magic numbers direct from the buffer before decoding the
header.

Signed-off-by: Dave Chinner <dchinner@xxxxxxxxxx>
---
 fs/xfs/xfs_dir2_leaf.c | 21 ++++++++++++++-------
 1 file changed, 14 insertions(+), 7 deletions(-)

diff --git a/fs/xfs/xfs_dir2_leaf.c b/fs/xfs/xfs_dir2_leaf.c
index 08984ee..fa46d4b 100644
--- a/fs/xfs/xfs_dir2_leaf.c
+++ b/fs/xfs/xfs_dir2_leaf.c
@@ -165,6 +165,7 @@ xfs_dir3_leaf_check_int(
            (char *)&ents[hdr->count] > (char *)xfs_dir2_leaf_bests_p(ltp))
                return false;
 
+
        /* Check hash value order, count stale entries.  */
        for (i = stale = 0; i < hdr->count; i++) {
                if (i + 1 < hdr->count) {
@@ -180,6 +181,11 @@ xfs_dir3_leaf_check_int(
        return true;
 }
 
+/*
+ * We verify the magic numbers before decoding the leaf header so that on debug
+ * kernels we don't get assertion failures in xfs_dir3_leaf_hdr_from_disk() due
+ * to incorrect magic numbers.
+ */
 static bool
 xfs_dir3_leaf_verify(
        struct xfs_buf          *bp,
@@ -191,24 +197,25 @@ xfs_dir3_leaf_verify(
 
        ASSERT(magic == XFS_DIR2_LEAF1_MAGIC || magic == XFS_DIR2_LEAFN_MAGIC);
 
-       xfs_dir3_leaf_hdr_from_disk(&leafhdr, leaf);
        if (xfs_sb_version_hascrc(&mp->m_sb)) {
                struct xfs_dir3_leaf_hdr *leaf3 = bp->b_addr;
+               __uint16_t              magic3;
 
-               if ((magic == XFS_DIR2_LEAF1_MAGIC &&
-                    leafhdr.magic != XFS_DIR3_LEAF1_MAGIC) ||
-                   (magic == XFS_DIR2_LEAFN_MAGIC &&
-                    leafhdr.magic != XFS_DIR3_LEAFN_MAGIC))
-                       return false;
+               magic3 = (magic == XFS_DIR2_LEAF1_MAGIC) ? XFS_DIR3_LEAF1_MAGIC
+                                                        : XFS_DIR3_LEAFN_MAGIC;
 
+               if (leaf3->info.hdr.magic != cpu_to_be16(magic3))
+                       return false;
                if (!uuid_equal(&leaf3->info.uuid, &mp->m_sb.sb_uuid))
                        return false;
                if (be64_to_cpu(leaf3->info.blkno) != bp->b_bn)
                        return false;
        } else {
-               if (leafhdr.magic != magic)
+               if (leaf->hdr.info.magic != cpu_to_be32(magic))
                        return false;
        }
+
+       xfs_dir3_leaf_hdr_from_disk(&leafhdr, leaf);
        return xfs_dir3_leaf_check_int(mp, &leafhdr, leaf);
 }
 
-- 
1.8.3.2

<Prev in Thread] Current Thread [Next in Thread>