xfs
[Top] [All Lists]

[PATCH] xfs: overflow in xfs_iomap_eof_align_last_fsb

To: xfs@xxxxxxxxxxx
Subject: [PATCH] xfs: overflow in xfs_iomap_eof_align_last_fsb
From: Peter Watkins <treestem@xxxxxxxxx>
Date: Mon, 24 Nov 2014 14:06:13 -0500
Cc: Peter Watkins <treestem@xxxxxxxxx>
Delivered-to: xfs@xxxxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=from:to:cc:subject:date:message-id; bh=to30t8OZr/QwuwaHfr+0RbvByOZzOOEyum3FzRWtj2g=; b=KfaAslnuFJrmVXMWMsnShAgIOisXHfQV7UU4OhrURJJn2VPwMwDdBW6hxMpLqj2zzh S0DfZNIA3s0WhnItMzJ87nk1Airbe603iq08TXjXCmrCaMdMkfoEui6dfxo1wkFJcm58 uslE/QLmm7h1XOn0mPGdV3Qh26W9W9aGzKHOVUvSpUFgKAmnl6HzWXS/HbqvwOGXw02h sLOLj4g1hsK15FenGltWp7yiOZo1pcQCr4Ih4t8BTfxXTRjylNxFMTDdS8oDvoDiMUfX aKOg7XV2q7tTnRLlUdgmFQdd+SL/ukXLKdyW3E+M5fcoNuJcR4VXDVXHl2obzawjpoPX 3GIw==
Someone else may have run into this already, if not please take
a look.

 Peter

If extsize is set and new_last_fsb is larger than 32 bits, the
roundup to extsize will overflow the align variable. Instead,
combine alignments by rounding extsize hint up to stripe size.

Signed-off-by: Peter Watkins <treestem@xxxxxxxxx>
Reviewed-by: Nathaniel W. Turner <nate@xxxxxxxxxxxxxxx>
---
 fs/xfs/xfs_iomap.c |   19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/fs/xfs/xfs_iomap.c b/fs/xfs/xfs_iomap.c
index afcf3c9..0c4abfe 100644
--- a/fs/xfs/xfs_iomap.c
+++ b/fs/xfs/xfs_iomap.c
@@ -52,7 +52,7 @@ xfs_iomap_eof_align_last_fsb(
        xfs_extlen_t    extsize,
        xfs_fileoff_t   *last_fsb)
 {
-       xfs_fileoff_t   new_last_fsb = 0;
+       xfs_fileoff_t   new_last_fsb;
        xfs_extlen_t    align = 0;
        int             eof, error;
 
@@ -70,23 +70,24 @@ xfs_iomap_eof_align_last_fsb(
                else if (mp->m_dalign)
                        align = mp->m_dalign;
 
-               if (align && XFS_ISIZE(ip) >= XFS_FSB_TO_B(mp, align))
-                       new_last_fsb = roundup_64(*last_fsb, align);
+               if (align && XFS_ISIZE(ip) < XFS_FSB_TO_B(mp, align))
+                       align = 0;
        }
 
        /*
-        * Always round up the allocation request to an extent boundary
-        * (when file on a real-time subvolume or has di_extsize hint).
+        * Round up the allocation request to an extent boundary. If
+        * already aligned to a stripe, round extsize up to a stripe
+        * boundary.
         */
        if (extsize) {
-               if (new_last_fsb)
-                       align = roundup_64(new_last_fsb, extsize);
+               if (align)
+                       align = roundup_64(extsize, align);
                else
                        align = extsize;
-               new_last_fsb = roundup_64(*last_fsb, align);
        }
 
-       if (new_last_fsb) {
+       if (align) {
+               new_last_fsb = roundup_64(*last_fsb, align);
                error = xfs_bmap_eof(ip, new_last_fsb, XFS_DATA_FORK, &eof);
                if (error)
                        return error;
-- 
1.7.9.5

<Prev in Thread] Current Thread [Next in Thread>