[PATCH 4.14 027/146] btrfs: validate type when reading a chunk

From: Greg Kroah-Hartman
Date: Tue Dec 04 2018 - 06:03:20 EST

Next message: Greg Kroah-Hartman: "[PATCH 4.14 054/146] f2fs: fix to do sanity check with block address in main area"
Previous message: Greg Kroah-Hartman: "[PATCH 4.14 051/146] f2fs: fix to do sanity check with extra_attr feature"
In reply to: Greg Kroah-Hartman: "[PATCH 4.14 051/146] f2fs: fix to do sanity check with extra_attr feature"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.14 054/146] f2fs: fix to do sanity check with block address in main area"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

4.14-stable review patch. If anyone has any objections, please let me know.

------------------

commit 315409b0098fb2651d86553f0436b70502b29bb2 upstream.

Reported in https://bugzilla.kernel.org/show_bug.cgi?id=199839, with an
image that has an invalid chunk type but does not return an error.

Add chunk type check in btrfs_check_chunk_valid, to detect the wrong
type combinations.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=199839
Reported-by: Xu Wen <wen.xu@xxxxxxxxxx>
Reviewed-by: Qu Wenruo <wqu@xxxxxxxx>
Signed-off-by: Gu Jinxiang <gujx@xxxxxxxxxxxxxx>
Signed-off-by: David Sterba <dsterba@xxxxxxxx>
Signed-off-by: Ben Hutchings <ben.hutchings@xxxxxxxxxxxxxxx>
Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>
---
fs/btrfs/volumes.c | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)

diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c
index a0947f4a3e87..cfd5728e7519 100644
--- a/fs/btrfs/volumes.c
+++ b/fs/btrfs/volumes.c
@@ -6353,6 +6353,8 @@ static int btrfs_check_chunk_valid(struct btrfs_fs_info *fs_info,
u16 num_stripes;
u16 sub_stripes;
u64 type;
+ u64 features;
+ bool mixed = false;

length = btrfs_chunk_length(leaf, chunk);
stripe_len = btrfs_chunk_stripe_len(leaf, chunk);
@@ -6391,6 +6393,32 @@ static int btrfs_check_chunk_valid(struct btrfs_fs_info *fs_info,
btrfs_chunk_type(leaf, chunk));
return -EIO;
}
+
+ if ((type & BTRFS_BLOCK_GROUP_TYPE_MASK) == 0) {
+ btrfs_err(fs_info, "missing chunk type flag: 0x%llx", type);
+ return -EIO;
+ }
+
+ if ((type & BTRFS_BLOCK_GROUP_SYSTEM) &&
+ (type & (BTRFS_BLOCK_GROUP_METADATA | BTRFS_BLOCK_GROUP_DATA))) {
+ btrfs_err(fs_info,
+ "system chunk with data or metadata type: 0x%llx", type);
+ return -EIO;
+ }
+
+ features = btrfs_super_incompat_flags(fs_info->super_copy);
+ if (features & BTRFS_FEATURE_INCOMPAT_MIXED_GROUPS)
+ mixed = true;
+
+ if (!mixed) {
+ if ((type & BTRFS_BLOCK_GROUP_METADATA) &&
+ (type & BTRFS_BLOCK_GROUP_DATA)) {
+ btrfs_err(fs_info,
+ "mixed chunk type in non-mixed mode: 0x%llx", type);
+ return -EIO;
+ }
+ }
+
if ((type & BTRFS_BLOCK_GROUP_RAID10 && sub_stripes != 2) ||
(type & BTRFS_BLOCK_GROUP_RAID1 && num_stripes < 1) ||
(type & BTRFS_BLOCK_GROUP_RAID5 && num_stripes < 2) ||
--
2.17.1

Next message: Greg Kroah-Hartman: "[PATCH 4.14 054/146] f2fs: fix to do sanity check with block address in main area"
Previous message: Greg Kroah-Hartman: "[PATCH 4.14 051/146] f2fs: fix to do sanity check with extra_attr feature"
In reply to: Greg Kroah-Hartman: "[PATCH 4.14 051/146] f2fs: fix to do sanity check with extra_attr feature"
Next in thread: Greg Kroah-Hartman: "[PATCH 4.14 054/146] f2fs: fix to do sanity check with block address in main area"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]