xfs: provide a centralized method for verifying inline fork data
Replace the current haphazard dir2 shortform verifier callsites with a centralized verifier function that can be called either with the default verifier functions or with a custom set. This helps us strengthen integrity checking while providing us with flexibility for repair tools. xfs_repair wants this to be able to supply its own verifier functions when trying to fix possibly corrupt metadata. Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com> Reviewed-by: Dave Chinner <dchinner@redhat.com>
This commit is contained in:
parent
dc042c2d8f
commit
9cfb9b4747
|
@ -35,6 +35,8 @@
|
|||
#include "xfs_da_format.h"
|
||||
#include "xfs_da_btree.h"
|
||||
#include "xfs_dir2_priv.h"
|
||||
#include "xfs_attr_leaf.h"
|
||||
#include "xfs_shared.h"
|
||||
|
||||
kmem_zone_t *xfs_ifork_zone;
|
||||
|
||||
|
@ -97,14 +99,6 @@ xfs_iformat_fork(
|
|||
if (error)
|
||||
return error;
|
||||
|
||||
/* Check inline dir contents. */
|
||||
if (S_ISDIR(inode->i_mode) && dip->di_format == XFS_DINODE_FMT_LOCAL) {
|
||||
if (xfs_dir2_sf_verify(ip)) {
|
||||
xfs_idestroy_fork(ip, XFS_DATA_FORK);
|
||||
return -EFSCORRUPTED;
|
||||
}
|
||||
}
|
||||
|
||||
if (xfs_is_reflink_inode(ip)) {
|
||||
ASSERT(ip->i_cowfp == NULL);
|
||||
xfs_ifork_init_cow(ip);
|
||||
|
@ -121,18 +115,6 @@ xfs_iformat_fork(
|
|||
atp = (xfs_attr_shortform_t *)XFS_DFORK_APTR(dip);
|
||||
size = be16_to_cpu(atp->hdr.totsize);
|
||||
|
||||
if (unlikely(size < sizeof(struct xfs_attr_sf_hdr))) {
|
||||
xfs_warn(ip->i_mount,
|
||||
"corrupt inode %Lu (bad attr fork size %Ld).",
|
||||
(unsigned long long) ip->i_ino,
|
||||
(long long) size);
|
||||
XFS_CORRUPTION_ERROR("xfs_iformat(8)",
|
||||
XFS_ERRLEVEL_LOW,
|
||||
ip->i_mount, dip);
|
||||
error = -EFSCORRUPTED;
|
||||
break;
|
||||
}
|
||||
|
||||
error = xfs_iformat_local(ip, dip, XFS_ATTR_FORK, size);
|
||||
break;
|
||||
case XFS_DINODE_FMT_EXTENTS:
|
||||
|
@ -740,3 +722,45 @@ xfs_ifork_init_cow(
|
|||
ip->i_cformat = XFS_DINODE_FMT_EXTENTS;
|
||||
ip->i_cnextents = 0;
|
||||
}
|
||||
|
||||
/* Default fork content verifiers. */
|
||||
struct xfs_ifork_ops xfs_default_ifork_ops = {
|
||||
.verify_attr = xfs_attr_shortform_verify,
|
||||
.verify_dir = xfs_dir2_sf_verify,
|
||||
.verify_symlink = xfs_symlink_shortform_verify,
|
||||
};
|
||||
|
||||
/* Verify the inline contents of the data fork of an inode. */
|
||||
xfs_failaddr_t
|
||||
xfs_ifork_verify_data(
|
||||
struct xfs_inode *ip,
|
||||
struct xfs_ifork_ops *ops)
|
||||
{
|
||||
/* Non-local data fork, we're done. */
|
||||
if (ip->i_d.di_format != XFS_DINODE_FMT_LOCAL)
|
||||
return NULL;
|
||||
|
||||
/* Check the inline data fork if there is one. */
|
||||
switch (VFS_I(ip)->i_mode & S_IFMT) {
|
||||
case S_IFDIR:
|
||||
return ops->verify_dir(ip);
|
||||
case S_IFLNK:
|
||||
return ops->verify_symlink(ip);
|
||||
default:
|
||||
return NULL;
|
||||
}
|
||||
}
|
||||
|
||||
/* Verify the inline contents of the attr fork of an inode. */
|
||||
xfs_failaddr_t
|
||||
xfs_ifork_verify_attr(
|
||||
struct xfs_inode *ip,
|
||||
struct xfs_ifork_ops *ops)
|
||||
{
|
||||
/* There has to be an attr fork allocated if aformat is local. */
|
||||
if (ip->i_d.di_aformat != XFS_DINODE_FMT_LOCAL)
|
||||
return NULL;
|
||||
if (!XFS_IFORK_PTR(ip, XFS_ATTR_FORK))
|
||||
return __this_address;
|
||||
return ops->verify_attr(ip);
|
||||
}
|
||||
|
|
|
@ -186,4 +186,18 @@ extern struct kmem_zone *xfs_ifork_zone;
|
|||
|
||||
extern void xfs_ifork_init_cow(struct xfs_inode *ip);
|
||||
|
||||
typedef xfs_failaddr_t (*xfs_ifork_verifier_t)(struct xfs_inode *);
|
||||
|
||||
struct xfs_ifork_ops {
|
||||
xfs_ifork_verifier_t verify_symlink;
|
||||
xfs_ifork_verifier_t verify_dir;
|
||||
xfs_ifork_verifier_t verify_attr;
|
||||
};
|
||||
extern struct xfs_ifork_ops xfs_default_ifork_ops;
|
||||
|
||||
xfs_failaddr_t xfs_ifork_verify_data(struct xfs_inode *ip,
|
||||
struct xfs_ifork_ops *ops);
|
||||
xfs_failaddr_t xfs_ifork_verify_attr(struct xfs_inode *ip,
|
||||
struct xfs_ifork_ops *ops);
|
||||
|
||||
#endif /* __XFS_INODE_FORK_H__ */
|
||||
|
|
|
@ -473,6 +473,11 @@ xfs_iget_cache_miss(
|
|||
if (error)
|
||||
goto out_destroy;
|
||||
|
||||
if (!xfs_inode_verify_forks(ip)) {
|
||||
error = -EFSCORRUPTED;
|
||||
goto out_destroy;
|
||||
}
|
||||
|
||||
trace_xfs_iget_miss(ip);
|
||||
|
||||
if ((VFS_I(ip)->i_mode == 0) && !(flags & XFS_IGET_CREATE)) {
|
||||
|
|
|
@ -3479,6 +3479,34 @@ xfs_iflush(
|
|||
return error;
|
||||
}
|
||||
|
||||
/*
|
||||
* If there are inline format data / attr forks attached to this inode,
|
||||
* make sure they're not corrupt.
|
||||
*/
|
||||
bool
|
||||
xfs_inode_verify_forks(
|
||||
struct xfs_inode *ip)
|
||||
{
|
||||
xfs_failaddr_t fa;
|
||||
|
||||
fa = xfs_ifork_verify_data(ip, &xfs_default_ifork_ops);
|
||||
if (fa) {
|
||||
xfs_alert(ip->i_mount,
|
||||
"%s: bad inode %llu inline data fork at %pF",
|
||||
__func__, ip->i_ino, fa);
|
||||
return false;
|
||||
}
|
||||
|
||||
fa = xfs_ifork_verify_attr(ip, &xfs_default_ifork_ops);
|
||||
if (fa) {
|
||||
xfs_alert(ip->i_mount,
|
||||
"%s: bad inode %llu inline attr fork at %pF",
|
||||
__func__, ip->i_ino, fa);
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
STATIC int
|
||||
xfs_iflush_int(
|
||||
struct xfs_inode *ip,
|
||||
|
@ -3557,10 +3585,8 @@ xfs_iflush_int(
|
|||
if (ip->i_d.di_version < 3)
|
||||
ip->i_d.di_flushiter++;
|
||||
|
||||
/* Check the inline directory data. */
|
||||
if (S_ISDIR(VFS_I(ip)->i_mode) &&
|
||||
ip->i_d.di_format == XFS_DINODE_FMT_LOCAL &&
|
||||
xfs_dir2_sf_verify(ip))
|
||||
/* Check the inline fork data before we write out. */
|
||||
if (!xfs_inode_verify_forks(ip))
|
||||
goto corrupt_out;
|
||||
|
||||
/*
|
||||
|
|
|
@ -491,4 +491,6 @@ extern struct kmem_zone *xfs_inode_zone;
|
|||
/* The default CoW extent size hint. */
|
||||
#define XFS_DEFAULT_COWEXTSZ_HINT 32
|
||||
|
||||
bool xfs_inode_verify_forks(struct xfs_inode *ip);
|
||||
|
||||
#endif /* __XFS_INODE_H__ */
|
||||
|
|
|
@ -2957,6 +2957,10 @@ xfs_recover_inode_owner_change(
|
|||
if (error)
|
||||
goto out_free_ip;
|
||||
|
||||
if (!xfs_inode_verify_forks(ip)) {
|
||||
error = -EFSCORRUPTED;
|
||||
goto out_free_ip;
|
||||
}
|
||||
|
||||
if (in_f->ilf_fields & XFS_ILOG_DOWNER) {
|
||||
ASSERT(in_f->ilf_fields & XFS_ILOG_DBROOT);
|
||||
|
|
Loading…
Reference in New Issue