> xfs: fix untrusted inode number lookup
>
> From: Dave Chinner <dchinner@xxxxxxxxxx>
>
> Commit 7124fe0a5b619d65b739477b3b55a20bf805b06d ("xfs: validate untrusted
> inode
> numbers during lookup") changes the inode lookup code to do btree lookups for
> untrusted inode numbers. This change made an invalid assumption about the
> alignment of inodes and hence incorrectly calculated the first inode in the
> cluster. As a result, some inode numbers were being incorrectly considered
> invalid when they were actually valid.
>
> The issue was not picked up by the xfstests suite because it always runs fsr
> and dump (the two utilities that utilise the bulkstat interface) on cache hot
> inodes and hence the lookup code in the cold cache path was not sufficiently
> exercised to uncover this intermittent problem.
>
> Fix the issue by relaxing the btree lookup criteria and then checking if the
> record returned contains the inode number we are lookup for. If it we get an
> incorrect record, then the inode number is invalid.
Looks good and fixes the dump issues I've seen in xfstests.
Reviewed-by: Christoph Hellwig <hch@xxxxxx>
|