From: "Darrick J. Wong" <darrick.wong@oracle.com>
To: Christoph Hellwig <hch@infradead.org>
Cc: sandeen@sandeen.net, linux-xfs@vger.kernel.org
Subject: Re: [PATCH 09/16] xfs_repair: convert to libxfs_verify_agbno
Date: Mon, 11 May 2020 09:22:03 -0700 [thread overview]
Message-ID: <20200511162203.GZ6714@magnolia> (raw)
In-Reply-To: <20200509171830.GC15381@infradead.org>
On Sat, May 09, 2020 at 10:18:30AM -0700, Christoph Hellwig wrote:
> On Sat, May 09, 2020 at 09:30:54AM -0700, Darrick J. Wong wrote:
> > From: Darrick J. Wong <darrick.wong@oracle.com>
> >
> > Convert the homegrown verify_agbno callers to use the libxfs function,
> > as needed.
> >
> > Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
>
> This looks mostly good, but there is one thing I wonder about:
>
> > bno = be32_to_cpu(agf->agf_roots[XFS_BTNUM_BNO]);
> > - if (bno != 0 && verify_agbno(mp, agno, bno)) {
> > + if (libxfs_verify_agbno(mp, agno, bno)) {
>
> Various of these block is non-zero check are going away. Did you
> audit if they weren't used as intentional escapes in a few places?
Yes. Each of those "bno != 0" checks occurs in the context of checking
an AG header's pointer to a btree root. The roots should never be zero
if the corresponding feature is enabled, and we're careful to check the
feature bits first.
AFAICT that bno != 0 check is actually there to cover a deficiency in
the verify_agbno function, which is that it only checked that the
supplied argument didn't go past the end of the AG and did not check
that the pointer didn't point into the AG header block(s).
Checking for a nonzero value is also insufficient, since on a
blocksize < sectorsize * 4 filesystem, the AGFL can end up in a nonzero
agbno. libxfs_verify_agbno covers all of these cases.
> Either way this should probably be documented in the changelog.
Ok, how about this for a commit message:
"Convert the homegrown verify_agbno callers to use the libxfs function,
as needed. In some places we drop the "bno != 0" checks because those
conditionals are checking btree roots; btree roots should never be
zero if the corresponding feature bit is set; and repair skips the if
clause entirely if the feature bit is disabled.
"In effect, this strengthens repair to validate that AG btree pointers
neither point to the AG headers nor point past the end of the AG."
--D
next prev parent reply other threads:[~2020-05-11 16:22 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-09 16:29 [PATCH 00/16] xfs_repair: catch things that xfs_check misses Darrick J. Wong
2020-05-09 16:29 ` [PATCH 01/16] xfs_repair: fix missing dir buffer corruption checks Darrick J. Wong
2020-05-09 17:08 ` Christoph Hellwig
2020-05-11 16:44 ` Darrick J. Wong
2020-05-11 17:36 ` Darrick J. Wong
2020-05-12 17:29 ` [PATCH v2 " Darrick J. Wong
2020-05-13 6:22 ` Christoph Hellwig
2020-05-13 15:35 ` Darrick J. Wong
2020-05-09 16:30 ` [PATCH 02/16] xfs_repair: warn when we would have rebuilt a directory Darrick J. Wong
2020-05-09 17:09 ` Christoph Hellwig
2020-05-09 16:30 ` [PATCH 03/16] xfs_repair: check for AG btree records that would wrap around Darrick J. Wong
2020-05-09 17:09 ` Christoph Hellwig
2020-05-09 16:30 ` [PATCH 04/16] xfs_repair: fix bnobt and refcountbt record order checks Darrick J. Wong
2020-05-09 17:10 ` Christoph Hellwig
2020-05-09 16:30 ` [PATCH 05/16] xfs_repair: check for out-of-order inobt records Darrick J. Wong
2020-05-09 17:11 ` Christoph Hellwig
2020-05-09 16:30 ` [PATCH 06/16] xfs_repair: fix rmapbt record order check Darrick J. Wong
2020-05-10 7:33 ` Christoph Hellwig
2020-05-09 16:30 ` [PATCH 07/16] xfs_repair: tag inobt vs finobt errors properly Darrick J. Wong
2020-05-09 17:14 ` Christoph Hellwig
2020-05-09 16:30 ` [PATCH 08/16] xfs_repair: complain about bad interior btree pointers Darrick J. Wong
2020-05-09 17:15 ` Christoph Hellwig
2020-05-09 16:30 ` [PATCH 09/16] xfs_repair: convert to libxfs_verify_agbno Darrick J. Wong
2020-05-09 17:18 ` Christoph Hellwig
2020-05-11 16:22 ` Darrick J. Wong [this message]
2020-05-12 8:07 ` Christoph Hellwig
2020-05-09 16:31 ` [PATCH 10/16] xfs_repair: refactor verify_dfsbno_range Darrick J. Wong
2020-05-10 7:24 ` Christoph Hellwig
2020-05-09 16:31 ` [PATCH 11/16] xfs_repair: remove verify_dfsbno Darrick J. Wong
2020-05-10 7:24 ` Christoph Hellwig
2020-05-09 16:31 ` [PATCH 12/16] xfs_repair: remove verify_aginum Darrick J. Wong
2020-05-10 7:25 ` Christoph Hellwig
2020-05-09 16:31 ` [PATCH 13/16] xfs_repair: mark entire free space btree record as free1 Darrick J. Wong
2020-05-10 7:26 ` Christoph Hellwig
2020-05-09 16:31 ` [PATCH 14/16] xfs_repair: complain about free space only seen by one btree Darrick J. Wong
2020-05-10 7:26 ` Christoph Hellwig
2020-05-09 16:31 ` [PATCH 15/16] xfs_repair: complain about extents in unknown state Darrick J. Wong
2020-05-10 7:27 ` Christoph Hellwig
2020-05-09 16:31 ` [PATCH 16/16] xfs_repair: complain about any nonzero inprogress value, not just 1 Darrick J. Wong
2020-05-10 7:27 ` Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200511162203.GZ6714@magnolia \
--to=darrick.wong@oracle.com \
--cc=hch@infradead.org \
--cc=linux-xfs@vger.kernel.org \
--cc=sandeen@sandeen.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.