linux_dsm_epyc7002/fs/xfs
Dave Chinner 4536f2ad8b xfs: fix untrusted inode number lookup
Commit 7124fe0a5b ("xfs: validate untrusted inode
numbers during lookup") changes the inode lookup code to do btree lookups for
untrusted inode numbers. This change made an invalid assumption about the
alignment of inodes and hence incorrectly calculated the first inode in the
cluster. As a result, some inode numbers were being incorrectly considered
invalid when they were actually valid.

The issue was not picked up by the xfstests suite because it always runs fsr
and dump (the two utilities that utilise the bulkstat interface) on cache hot
inodes and hence the lookup code in the cold cache path was not sufficiently
exercised to uncover this intermittent problem.

Fix the issue by relaxing the btree lookup criteria and then checking if the
record returned contains the inode number we are lookup for. If it we get an
incorrect record, then the inode number is invalid.

Cc: <stable@kernel.org>
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
2010-08-24 11:42:30 +10:00
..
linux-2.6 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 2010-08-10 11:26:52 -07:00
quota Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs-2.6 2010-08-07 12:57:07 -07:00
support xfs: drop dmapi hooks 2010-07-26 13:16:33 -05:00
Kconfig xfs: use generic Posix ACL code 2009-06-10 17:07:47 +02:00
Makefile xfs: simplify log item descriptor tracking 2010-07-26 13:16:34 -05:00
xfs_acl.h xfs: constify xattr_handler 2010-05-21 18:31:19 -04:00
xfs_ag.h xfs: fix access to upper inodes without inode64 2010-05-28 15:19:56 -05:00
xfs_alloc_btree.c xfs: remove unneeded #include statements 2010-07-26 13:16:33 -05:00
xfs_alloc_btree.h
xfs_alloc.c xfs: fix gcc 4.6 set but not read and unused statement warnings 2010-07-26 13:16:51 -05:00
xfs_alloc.h xfs: do not use emums for flags used in tracing 2010-07-26 13:16:43 -05:00
xfs_arch.h xfs: use generic Posix ACL code 2009-06-10 17:07:47 +02:00
xfs_attr_leaf.c xfs: remove unused delta tracking code in xfs_bmapi 2010-07-26 13:16:39 -05:00
xfs_attr_leaf.h [XFS] Remove macro-to-function indirections in attr code 2009-01-09 15:46:44 +11:00
xfs_attr_sf.h xfs: convert attr to use unsigned names 2010-01-20 10:47:48 +11:00
xfs_attr.c xfs: remove unused delta tracking code in xfs_bmapi 2010-07-26 13:16:39 -05:00
xfs_attr.h xfs: convert attr to use unsigned names 2010-01-20 10:47:48 +11:00
xfs_bit.c
xfs_bit.h [XFS] Remove macro-to-function indirections in the mask code 2009-01-09 15:53:54 +11:00
xfs_bmap_btree.c xfs: remove unneeded #include statements 2010-07-26 13:16:33 -05:00
xfs_bmap_btree.h xfs: make several more functions static 2010-01-15 15:31:38 -06:00
xfs_bmap.c xfs: clean up xfs_bmap_get_bp 2010-07-26 13:16:53 -05:00
xfs_bmap.h xfs: remove unused delta tracking code in xfs_bmapi 2010-07-26 13:16:39 -05:00
xfs_btree_trace.c
xfs_btree_trace.h xfs: event tracing support 2009-12-14 23:08:16 -06:00
xfs_btree.c xfs: remove unneeded #include statements 2010-07-26 13:16:33 -05:00
xfs_btree.h xfs: add more statics & drop some unused functions 2009-08-31 14:46:20 -05:00
xfs_buf_item.c xfs: kill the b_strat callback in xfs_buf 2010-07-26 13:16:52 -05:00
xfs_buf_item.h xfs: give li_cb callbacks the correct prototype 2010-07-26 13:16:35 -05:00
xfs_da_btree.c xfs: fix gcc 4.6 set but not read and unused statement warnings 2010-07-26 13:16:51 -05:00
xfs_da_btree.h xfs: convert dirnameops to unsigned char names 2010-01-20 10:47:17 +11:00
xfs_dfrag.c xfs: simplify inode to transaction joining 2010-07-26 13:16:36 -05:00
xfs_dfrag.h xfs: clean up inconsistent variable naming in xfs_swap_extent 2010-01-15 15:31:23 -06:00
xfs_dinode.h xfs: remove m_litino 2009-03-29 09:51:14 +02:00
xfs_dir2_block.c xfs: fix gcc 4.6 set but not read and unused statement warnings 2010-07-26 13:16:51 -05:00
xfs_dir2_block.h
xfs_dir2_data.c xfs: remove unneeded #include statements 2010-07-26 13:16:33 -05:00
xfs_dir2_data.h xfs: fix various typos 2009-03-29 09:55:42 +02:00
xfs_dir2_leaf.c xfs: remove unused delta tracking code in xfs_bmapi 2010-07-26 13:16:39 -05:00
xfs_dir2_leaf.h
xfs_dir2_node.c xfs: remove unneeded #include statements 2010-07-26 13:16:33 -05:00
xfs_dir2_node.h xfs: make several more functions static 2010-01-15 15:31:38 -06:00
xfs_dir2_sf.c xfs: remove unneeded #include statements 2010-07-26 13:16:33 -05:00
xfs_dir2_sf.h
xfs_dir2.c xfs: split xfs_itrace_entry 2010-07-26 13:16:44 -05:00
xfs_dir2.h xfs: make xfs_dir_cilookup_result use unsigned char 2010-01-20 10:47:25 +11:00
xfs_error.c xfs: remove unneeded #include statements 2010-07-26 13:16:33 -05:00
xfs_error.h xfs: add const qualifiers to xfs error function args 2010-05-19 09:58:11 -05:00
xfs_extfree_item.c xfs: fix the xfs_log_iovec i_addr type 2010-07-26 13:16:36 -05:00
xfs_extfree_item.h [XFS] remove always-true #ifndef HAVE_FORMAT32 tests 2009-01-22 14:07:31 +11:00
xfs_filestream.c xfs: clean up filestreams helpers 2010-07-26 13:16:51 -05:00
xfs_filestream.h xfs: clean up filestreams helpers 2010-07-26 13:16:51 -05:00
xfs_fs.h xfs: return inode fork offset in bulkstat for fsr 2010-03-05 11:02:07 -06:00
xfs_fsops.c xfs: simplify inode to transaction joining 2010-07-26 13:16:36 -05:00
xfs_fsops.h filesystem freeze: add error handling of write_super_lockfs/unlockfs 2009-01-09 16:54:42 -08:00
xfs_ialloc_btree.c xfs: remove unneeded #include statements 2010-07-26 13:16:33 -05:00
xfs_ialloc_btree.h xfs: remove superflous inobt macros 2009-02-09 08:37:14 +01:00
xfs_ialloc.c xfs: fix untrusted inode number lookup 2010-08-24 11:42:30 +10:00
xfs_ialloc.h xfs: rationalize xfs_inobt_lookup* 2009-09-01 12:45:39 -05:00
xfs_iget.c xfs: fix gcc 4.6 set but not read and unused statement warnings 2010-07-26 13:16:51 -05:00
xfs_inode_item.c xfs: fix big endian build 2010-07-26 16:07:38 -05:00
xfs_inode_item.h xfs: simplify inode to transaction joining 2010-07-26 13:16:36 -05:00
xfs_inode.c xfs: ensure we mark all inodes in a freed cluster XFS_ISTALE 2010-08-24 11:42:41 +10:00
xfs_inode.h xfs: simplify and remove xfs_ireclaim 2010-07-26 13:16:48 -05:00
xfs_inum.h xfs: remove XFS_INO64_OFFSET 2009-08-31 14:46:22 -05:00
xfs_iomap.c xfs: small cleanups for xfs_iomap / __xfs_get_blocks 2010-07-26 13:16:42 -05:00
xfs_iomap.h xfs: do not use emums for flags used in tracing 2010-07-26 13:16:43 -05:00
xfs_itable.c xfs: remove xfs_iput 2010-07-26 13:16:44 -05:00
xfs_itable.h xfs: remove block number from inode lookup code 2010-06-24 11:35:17 +10:00
xfs_log_cil.c xfs: unlock items before allowing the CIL to commit 2010-08-24 11:42:52 +10:00
xfs_log_priv.h xfs: enable background pushing of the CIL 2010-05-24 10:38:20 -05:00
xfs_log_recover.c xfs: fix the xfs_log_iovec i_addr type 2010-07-26 13:16:36 -05:00
xfs_log_recover.h xfs: Clean up XFS_BLI_* flag namespace 2010-05-24 10:33:39 -05:00
xfs_log.c xfs: fix gcc 4.6 set but not read and unused statement warnings 2010-07-26 13:16:51 -05:00
xfs_log.h xfs: remove the unused XFS_LOG_SLEEP and XFS_LOG_NOSLEEP flags 2010-07-26 13:16:38 -05:00
xfs_mount.c xfs: remove unneeded #include statements 2010-07-26 13:16:33 -05:00
xfs_mount.h xfs: remove obsolete osyncisosync mount option 2010-07-26 13:16:51 -05:00
xfs_mru_cache.c xfs: Kill filestreams cache flush 2010-01-15 15:34:22 -06:00
xfs_mru_cache.h xfs: Kill filestreams cache flush 2010-01-15 15:34:22 -06:00
xfs_quota.h xfs: removed unused XFS_QMOPT_ flags 2010-05-19 09:58:15 -05:00
xfs_refcache.h
xfs_rename.c xfs: split xfs_itrace_entry 2010-07-26 13:16:44 -05:00
xfs_rtalloc.c xfs: remove unused delta tracking code in xfs_bmapi 2010-07-26 13:16:39 -05:00
xfs_rtalloc.h xfs: be more explicit if RT mount fails due to config 2010-05-28 14:58:24 -05:00
xfs_rw.c xfs: remove unneeded #include statements 2010-07-26 13:16:33 -05:00
xfs_rw.h xfs: only clear the suid bit once in xfs_write 2010-02-12 13:43:57 -06:00
xfs_sb.h [XFS] Remove the rest of the macro-to-function indirections. 2009-01-19 14:45:55 +11:00
xfs_trans_ail.c xfs: drop dmapi hooks 2010-07-26 13:16:33 -05:00
xfs_trans_buf.c xfs: give li_cb callbacks the correct prototype 2010-07-26 13:16:35 -05:00
xfs_trans_extfree.c xfs: simplify log item descriptor tracking 2010-07-26 13:16:34 -05:00
xfs_trans_inode.c xfs: simplify inode to transaction joining 2010-07-26 13:16:36 -05:00
xfs_trans_priv.h xfs: unlock items before allowing the CIL to commit 2010-08-24 11:42:52 +10:00
xfs_trans_space.h xfs: remove superflous inobt macros 2009-02-09 08:37:14 +01:00
xfs_trans.c xfs: unlock items before allowing the CIL to commit 2010-08-24 11:42:52 +10:00
xfs_trans.h xfs: remove the unused XFS_TRANS_NOSLEEP/XFS_TRANS_WAIT flags 2010-07-26 13:16:38 -05:00
xfs_types.h xfs: make the log ticket ID available outside the log infrastructure 2010-05-24 10:33:52 -05:00
xfs_utils.c xfs: simplify xfs_truncate_file 2010-07-26 13:16:52 -05:00
xfs_utils.h xfs: simplify xfs_truncate_file 2010-07-26 13:16:52 -05:00
xfs_vnodeops.c xfs: new truncate sequence 2010-08-09 16:47:42 -04:00
xfs_vnodeops.h xfs: kill xfs_lrw.h 2010-03-01 16:35:44 -06:00
xfs.h xfs: event tracing support 2009-12-14 23:08:16 -06:00