From: "Darrick J. Wong" <darrick.wong@oracle.com>
To: Eric Sandeen <sandeen@sandeen.net>
Cc: sandeen@redhat.com, linux-xfs@vger.kernel.org
Subject: Re: [PATCH v8 1/5] xfs_db: sanitize agcount on load
Date: Tue, 24 Jan 2017 20:48:19 -0800 [thread overview]
Message-ID: <20170125044819.GI9134@birch.djwong.org> (raw)
In-Reply-To: <17bbf8d4-39f7-a542-6c9d-3cd96e865ddf@sandeen.net>
On Tue, Jan 24, 2017 at 09:09:01PM -0600, Eric Sandeen wrote:
> Before we get into libxfs_initialize_perag and try to blindly
> allocate a perag struct for every (possibly corrupted number of)
> AGs, see if we can read the last one. If not, assume it's corrupt,
> and load only the first AG.
>
> Do this only for an arbitrarily high-ish agcount, so that normal-ish
> geometry on a possibly truncated file or device will still do
> its best to make all readable AGs available.
>
> Signed-off-by: Eric Sandeen <sandeen@redhat.com>
> ---
Huh, what happened to v1-6? :)
> v7: blow it all up
> v8: use bare libxfs_readbuf so verifiers don't matter,
> "ours goes to 1 million!"
>
> diff --git a/libxfs/init.c b/libxfs/init.c
> index a08575a..a14aa17 100644
> --- a/libxfs/init.c
> +++ b/libxfs/init.c
> @@ -817,6 +817,29 @@ libxfs_mount(
> return NULL;
> }
>
> + /*
> + * libxfs_initialize_perag will allocate a perag structure for each ag.
> + * If agcount is corrupted and insanely high, this will OOM the box.
> + * If the agount seems (arbitrarily) high, try to read what would be
> + * the last AG, and if that fails for a relatively high agcount, just
> + * read the first one and let the user know to check the geometry.
> + */
> + if (sbp->sb_agcount > 1000000) {
> + bp = libxfs_readbuf(mp->m_dev,
> + XFS_AG_DADDR(mp, sbp->sb_agcount - 1, 0), 1,
> + !(flags & LIBXFS_MOUNT_DEBUGGER), NULL);
> + if (bp->b_error) {
> + fprintf(stderr, _("%s: read of AG %d failed\n"),
> + progname, sbp->sb_agcount);
AG counts are unsigned.
# xfs_db -x -c 'sb 0' -c 'fuzz -d agcount random' /dev/sdf
Allowing fuzz of corrupted data with good CRC
agcount = 3298133433
# xfs_db /dev/sdf
xfs_db: error - read only 0 of 512 bytes
xfs_db: read of AG -996833863 failed
xfs_db: limiting reads to AG 0
Assuming it passes testing, fix the two things, slap on a:
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
and let's call it done.
--D
> + if (!(flags & LIBXFS_MOUNT_DEBUGGER))
> + return NULL;
> + fprintf(stderr, _("%s: limiting reads to AG 0\n"),
> + progname);
> + sbp->sb_agcount = 1;
> + }
> + libxfs_putbuf(bp);
> + }
> +
> error = libxfs_initialize_perag(mp, sbp->sb_agcount, &mp->m_maxagi);
> if (error) {
> fprintf(stderr, _("%s: perag init failed\n"),
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-xfs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2017-01-25 4:48 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-20 20:25 [PATCH 0/5] xfsprogs: miscellaneous cleanups Darrick J. Wong
2017-01-20 20:25 ` [PATCH 1/5] xfs_db: sanitize geometry on load Darrick J. Wong
2017-01-20 23:33 ` Eric Sandeen
2017-01-21 0:15 ` [PATCH v5 " Darrick J. Wong
2017-01-23 20:02 ` Eric Sandeen
2017-01-23 20:35 ` Darrick J. Wong
2017-01-23 21:30 ` Darrick J. Wong
2017-01-23 21:31 ` [PATCH v6 " Darrick J. Wong
2017-01-24 22:38 ` Eric Sandeen
2017-01-24 22:52 ` [PATCH v7 1/5] xfs_db: sanitize agcount " Eric Sandeen
2017-01-25 0:21 ` Darrick J. Wong
2017-01-25 0:55 ` Eric Sandeen
2017-01-25 3:09 ` [PATCH v8 " Eric Sandeen
2017-01-25 4:48 ` Darrick J. Wong [this message]
2017-01-26 1:05 ` [PATCH v9 " Eric Sandeen
2017-01-26 1:17 ` [PATCH v10 " Eric Sandeen
2017-01-26 1:27 ` Darrick J. Wong
2017-01-20 20:25 ` [PATCH 2/5] xfs_db: fix the 'source' command when passed as a -c option Darrick J. Wong
2017-01-23 22:29 ` Eric Sandeen
2017-01-23 23:39 ` Darrick J. Wong
2017-01-23 23:41 ` [PATCH v2 " Darrick J. Wong
2017-01-20 20:25 ` [PATCH 3/5] xfs_repair: strengthen geometry checks Darrick J. Wong
2017-01-23 23:47 ` Eric Sandeen
2017-01-24 0:13 ` Darrick J. Wong
2017-01-24 0:29 ` Eric Sandeen
2017-01-24 0:55 ` [PATCH v2 " Darrick J. Wong
2017-01-20 20:25 ` [PATCH 4/5] xfs_repair: zero shared_vn Darrick J. Wong
2017-01-20 22:20 ` Eric Sandeen
2017-01-20 22:51 ` Darrick J. Wong
2017-01-20 22:52 ` [PATCH v2 " Darrick J. Wong
2017-01-20 23:08 ` Eric Sandeen
2017-01-21 0:08 ` Darrick J. Wong
2017-01-21 0:09 ` [PATCH v3 " Darrick J. Wong
2017-01-24 2:38 ` Eric Sandeen
2017-01-20 20:25 ` [PATCH 5/5] xfs_repair: trash dirattr btrees that cycle to the root Darrick J. Wong
2017-01-24 3:03 ` Eric Sandeen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170125044819.GI9134@birch.djwong.org \
--to=darrick.wong@oracle.com \
--cc=linux-xfs@vger.kernel.org \
--cc=sandeen@redhat.com \
--cc=sandeen@sandeen.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.