* Re: [PATCH v2] ext4: ext4_fill_super shouldn't return 0 on corruption
2010-11-16 12:56 ` Lukas Czerner
@ 2010-11-16 17:43 ` Eric Sandeen
2010-11-16 22:55 ` Darrick J. Wong
2010-11-16 22:57 ` [PATCH] ext3: Return error code from generic_check_addressable Darrick J. Wong
2 siblings, 0 replies; 10+ messages in thread
From: Eric Sandeen @ 2010-11-16 17:43 UTC (permalink / raw)
To: Lukas Czerner
Cc: Darrick J. Wong, Theodore Ts'o, Patrick J. LoPresti,
linux-kernel, linux-ext4, Mingming Cao
On 11/16/10 6:56 AM, Lukas Czerner wrote:
> On Mon, 15 Nov 2010, Darrick J. Wong wrote:
>
>> At the start of ext4_fill_super, ret is set to -EINVAL, and any failure path
>> out of that function returns ret. However, the generic_check_addressable
>> clause sets ret = 0 (if it passes), which means that a subsequent failure (e.g.
>> a group checksum error) returns 0 even though the mount should fail. This
>> causes vfs_kern_mount in turn to think that the mount succeeded, leading to an
>> oops.
>>
>> A simple fix is to avoid using ret for the generic_check_addressable check,
>> which was last changed in commit 30ca22c70e3ef0a96ff84de69cd7e8561b416cb2.
>>
>> v2: Return -EFBIG in the error case, per Eric Sandeen's suggestion.
>>
>> Signed-off-by: Darrick J. Wong <djwong@us.ibm.com>
>> ---
>>
>> fs/ext4/super.c | 6 +++---
>> 1 files changed, 3 insertions(+), 3 deletions(-)
>>
>> diff --git a/fs/ext4/super.c b/fs/ext4/super.c
>> index 40131b7..120c034 100644
>> --- a/fs/ext4/super.c
>> +++ b/fs/ext4/super.c
>> @@ -3257,13 +3257,13 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
>> * Test whether we have more sectors than will fit in sector_t,
>> * and whether the max offset is addressable by the page cache.
>> */
>> - ret = generic_check_addressable(sb->s_blocksize_bits,
>> - ext4_blocks_count(es));
>> - if (ret) {
>> + if (generic_check_addressable(sb->s_blocksize_bits,
>> + ext4_blocks_count(es))) {
>> ext4_msg(sb, KERN_ERR, "filesystem"
>> " too large to mount safely on this system");
>> if (sizeof(sector_t) < 8)
>> ext4_msg(sb, KERN_WARNING, "CONFIG_LBDAF not enabled");
>> + ret = -EFBIG;
>> goto failed_mount;
>> }
>>
>> --
>> To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
>> the body of a message to majordomo@vger.kernel.org
>> More majordomo info at http://vger.kernel.org/majordomo-info.html
>>
>
> Hi,
>
> the untested diff below seems like a more general solution to me,
> since it allows to return the actual error from
> generic_check_addressable().
>
> Thanks.
good point, we can get -EINVAL or -EFBIG back, can't we.
Thanks,
-Eric
> -Lukas
>
>
> diff --git a/fs/ext4/super.c b/fs/ext4/super.c
> index 61182fe..3d89b72 100644
> --- a/fs/ext4/super.c
> +++ b/fs/ext4/super.c
> @@ -3268,13 +3268,14 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
> * Test whether we have more sectors than will fit in sector_t,
> * and whether the max offset is addressable by the page cache.
> */
> - ret = generic_check_addressable(sb->s_blocksize_bits,
> + err = generic_check_addressable(sb->s_blocksize_bits,
> ext4_blocks_count(es));
> - if (ret) {
> + if (err) {
> ext4_msg(sb, KERN_ERR, "filesystem"
> " too large to mount safely on this system");
> if (sizeof(sector_t) < 8)
> ext4_msg(sb, KERN_WARNING, "CONFIG_LBDAF not enabled");
> + ret = err;
> goto failed_mount;
> }
>
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH v2] ext4: ext4_fill_super shouldn't return 0 on corruption
2010-11-16 12:56 ` Lukas Czerner
2010-11-16 17:43 ` Eric Sandeen
@ 2010-11-16 22:55 ` Darrick J. Wong
2010-11-19 14:59 ` Ted Ts'o
2010-11-16 22:57 ` [PATCH] ext3: Return error code from generic_check_addressable Darrick J. Wong
2 siblings, 1 reply; 10+ messages in thread
From: Darrick J. Wong @ 2010-11-16 22:55 UTC (permalink / raw)
To: Lukas Czerner
Cc: Eric Sandeen, Theodore Ts'o, Patrick J. LoPresti,
linux-kernel, linux-ext4, Mingming Cao
On Tue, Nov 16, 2010 at 01:56:31PM +0100, Lukas Czerner wrote:
> On Mon, 15 Nov 2010, Darrick J. Wong wrote:
>
> > At the start of ext4_fill_super, ret is set to -EINVAL, and any failure path
> > out of that function returns ret. However, the generic_check_addressable
> > clause sets ret = 0 (if it passes), which means that a subsequent failure (e.g.
> > a group checksum error) returns 0 even though the mount should fail. This
> > causes vfs_kern_mount in turn to think that the mount succeeded, leading to an
> > oops.
> >
> > A simple fix is to avoid using ret for the generic_check_addressable check,
> > which was last changed in commit 30ca22c70e3ef0a96ff84de69cd7e8561b416cb2.
> >
> > v2: Return -EFBIG in the error case, per Eric Sandeen's suggestion.
> >
> > Signed-off-by: Darrick J. Wong <djwong@us.ibm.com>
> > ---
> >
> > fs/ext4/super.c | 6 +++---
> > 1 files changed, 3 insertions(+), 3 deletions(-)
> >
> > diff --git a/fs/ext4/super.c b/fs/ext4/super.c
> > index 40131b7..120c034 100644
> > --- a/fs/ext4/super.c
> > +++ b/fs/ext4/super.c
> > @@ -3257,13 +3257,13 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
> > * Test whether we have more sectors than will fit in sector_t,
> > * and whether the max offset is addressable by the page cache.
> > */
> > - ret = generic_check_addressable(sb->s_blocksize_bits,
> > - ext4_blocks_count(es));
> > - if (ret) {
> > + if (generic_check_addressable(sb->s_blocksize_bits,
> > + ext4_blocks_count(es))) {
> > ext4_msg(sb, KERN_ERR, "filesystem"
> > " too large to mount safely on this system");
> > if (sizeof(sector_t) < 8)
> > ext4_msg(sb, KERN_WARNING, "CONFIG_LBDAF not enabled");
> > + ret = -EFBIG;
> > goto failed_mount;
> > }
> >
> > --
> > To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
> > the body of a message to majordomo@vger.kernel.org
> > More majordomo info at http://vger.kernel.org/majordomo-info.html
> >
>
> Hi,
>
> the untested diff below seems like a more general solution to me,
> since it allows to return the actual error from
> generic_check_addressable().
It seems to work ok for me, so:
Acked-by: Darrick J. Wong <djwong@us.ibm.com>
I will make the same change to ext3.
--D
>
> Thanks.
>
> -Lukas
>
>
> diff --git a/fs/ext4/super.c b/fs/ext4/super.c
> index 61182fe..3d89b72 100644
> --- a/fs/ext4/super.c
> +++ b/fs/ext4/super.c
> @@ -3268,13 +3268,14 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
> * Test whether we have more sectors than will fit in sector_t,
> * and whether the max offset is addressable by the page cache.
> */
> - ret = generic_check_addressable(sb->s_blocksize_bits,
> + err = generic_check_addressable(sb->s_blocksize_bits,
> ext4_blocks_count(es));
> - if (ret) {
> + if (err) {
> ext4_msg(sb, KERN_ERR, "filesystem"
> " too large to mount safely on this system");
> if (sizeof(sector_t) < 8)
> ext4_msg(sb, KERN_WARNING, "CONFIG_LBDAF not enabled");
> + ret = err;
> goto failed_mount;
> }
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH v2] ext4: ext4_fill_super shouldn't return 0 on corruption
2010-11-16 22:55 ` Darrick J. Wong
@ 2010-11-19 14:59 ` Ted Ts'o
0 siblings, 0 replies; 10+ messages in thread
From: Ted Ts'o @ 2010-11-19 14:59 UTC (permalink / raw)
To: Darrick J. Wong
Cc: Lukas Czerner, Eric Sandeen, Patrick J. LoPresti, linux-kernel,
linux-ext4, Mingming Cao
On Tue, Nov 16, 2010 at 02:55:38PM -0800, Darrick J. Wong wrote:
> > the untested diff below seems like a more general solution to me,
> > since it allows to return the actual error from
> > generic_check_addressable().
>
> It seems to work ok for me, so:
>
> Acked-by: Darrick J. Wong <djwong@us.ibm.com>
>
> I will make the same change to ext3.
OK, this is what I've added to the ext4 patch queue
---
ext4: ext4_fill_super shouldn't return 0 on corruption
From: "Darrick J. Wong" <djwong@us.ibm.com>
At the start of ext4_fill_super, ret is set to -EINVAL, and any
failure path out of that function returns ret. However, the
generic_check_addressable clause sets ret = 0 (if it passes), which
means that a subsequent failure (e.g. a group checksum error) returns
0 even though the mount should fail. This causes vfs_kern_mount in
turn to think that the mount succeeded, leading to an oops.
A simple fix is to avoid using ret for the generic_check_addressable
check, which was last changed in commit 30ca22c70e3.
Signed-off-by: Darrick J. Wong <djwong@us.ibm.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
---
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 61182fe..3d89b72 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -3268,13 +3268,14 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
* Test whether we have more sectors than will fit in sector_t,
* and whether the max offset is addressable by the page cache.
*/
- ret = generic_check_addressable(sb->s_blocksize_bits,
+ err = generic_check_addressable(sb->s_blocksize_bits,
ext4_blocks_count(es));
- if (ret) {
+ if (err) {
ext4_msg(sb, KERN_ERR, "filesystem"
" too large to mount safely on this system");
if (sizeof(sector_t) < 8)
ext4_msg(sb, KERN_WARNING, "CONFIG_LBDAF not enabled");
+ ret = err;
goto failed_mount;
}
^ permalink raw reply related [flat|nested] 10+ messages in thread
* [PATCH] ext3: Return error code from generic_check_addressable
2010-11-16 12:56 ` Lukas Czerner
2010-11-16 17:43 ` Eric Sandeen
2010-11-16 22:55 ` Darrick J. Wong
@ 2010-11-16 22:57 ` Darrick J. Wong
2010-11-18 8:52 ` Lukas Czerner
2 siblings, 1 reply; 10+ messages in thread
From: Darrick J. Wong @ 2010-11-16 22:57 UTC (permalink / raw)
To: Theodore Ts'o
Cc: Lukas Czerner, Eric Sandeen, Patrick J. LoPresti, linux-kernel,
linux-ext4, Mingming Cao
ext3: Return error code from generic_check_accessible
ext3_fill_super should return the error code that generic_check_accessible
returns when an error condition occurs.
Signed-off-by: Darrick J. Wong <djwong@us.ibm.com>
---
fs/ext3/super.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/fs/ext3/super.c b/fs/ext3/super.c
index 2fedaf8..960629b 100644
--- a/fs/ext3/super.c
+++ b/fs/ext3/super.c
@@ -1842,13 +1842,15 @@ static int ext3_fill_super (struct super_block *sb, void *data, int silent)
goto failed_mount;
}
- if (generic_check_addressable(sb->s_blocksize_bits,
- le32_to_cpu(es->s_blocks_count))) {
+ err = generic_check_addressable(sb->s_blocksize_bits,
+ le32_to_cpu(es->s_blocks_count));
+ if (err) {
ext3_msg(sb, KERN_ERR,
"error: filesystem is too large to mount safely");
if (sizeof(sector_t) < 8)
ext3_msg(sb, KERN_ERR,
"error: CONFIG_LBDAF not enabled");
+ ret = err;
goto failed_mount;
}
^ permalink raw reply related [flat|nested] 10+ messages in thread
* Re: [PATCH] ext3: Return error code from generic_check_addressable
2010-11-16 22:57 ` [PATCH] ext3: Return error code from generic_check_addressable Darrick J. Wong
@ 2010-11-18 8:52 ` Lukas Czerner
2010-11-22 18:27 ` Jan Kara
0 siblings, 1 reply; 10+ messages in thread
From: Lukas Czerner @ 2010-11-18 8:52 UTC (permalink / raw)
To: Darrick J. Wong
Cc: Theodore Ts'o, Lukas Czerner, Eric Sandeen,
Patrick J. LoPresti, linux-kernel, linux-ext4, Mingming Cao,
Jan Kara
On Tue, 16 Nov 2010, Darrick J. Wong wrote:
> ext3: Return error code from generic_check_accessible
>
> ext3_fill_super should return the error code that generic_check_accessible
> returns when an error condition occurs.
>
> Signed-off-by: Darrick J. Wong <djwong@us.ibm.com>
> ---
>
> fs/ext3/super.c | 6 ++++--
> 1 files changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/fs/ext3/super.c b/fs/ext3/super.c
> index 2fedaf8..960629b 100644
> --- a/fs/ext3/super.c
> +++ b/fs/ext3/super.c
> @@ -1842,13 +1842,15 @@ static int ext3_fill_super (struct super_block *sb, void *data, int silent)
> goto failed_mount;
> }
>
> - if (generic_check_addressable(sb->s_blocksize_bits,
> - le32_to_cpu(es->s_blocks_count))) {
> + err = generic_check_addressable(sb->s_blocksize_bits,
> + le32_to_cpu(es->s_blocks_count));
> + if (err) {
> ext3_msg(sb, KERN_ERR,
> "error: filesystem is too large to mount safely");
> if (sizeof(sector_t) < 8)
> ext3_msg(sb, KERN_ERR,
> "error: CONFIG_LBDAF not enabled");
> + ret = err;
> goto failed_mount;
> }
>
>
Add Jan Kara to cc list.
-Lukas
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [PATCH] ext3: Return error code from generic_check_addressable
2010-11-18 8:52 ` Lukas Czerner
@ 2010-11-22 18:27 ` Jan Kara
0 siblings, 0 replies; 10+ messages in thread
From: Jan Kara @ 2010-11-22 18:27 UTC (permalink / raw)
To: Lukas Czerner
Cc: Darrick J. Wong, Theodore Ts'o, Eric Sandeen,
Patrick J. LoPresti, linux-kernel, linux-ext4, Mingming Cao,
Jan Kara
On Thu 18-11-10 09:52:51, Lukas Czerner wrote:
> On Tue, 16 Nov 2010, Darrick J. Wong wrote:
>
> > ext3: Return error code from generic_check_accessible
> >
> > ext3_fill_super should return the error code that generic_check_accessible
> > returns when an error condition occurs.
> >
> > Signed-off-by: Darrick J. Wong <djwong@us.ibm.com>
> > ---
> >
> > fs/ext3/super.c | 6 ++++--
> > 1 files changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/fs/ext3/super.c b/fs/ext3/super.c
> > index 2fedaf8..960629b 100644
> > --- a/fs/ext3/super.c
> > +++ b/fs/ext3/super.c
> > @@ -1842,13 +1842,15 @@ static int ext3_fill_super (struct super_block *sb, void *data, int silent)
> > goto failed_mount;
> > }
> >
> > - if (generic_check_addressable(sb->s_blocksize_bits,
> > - le32_to_cpu(es->s_blocks_count))) {
> > + err = generic_check_addressable(sb->s_blocksize_bits,
> > + le32_to_cpu(es->s_blocks_count));
> > + if (err) {
> > ext3_msg(sb, KERN_ERR,
> > "error: filesystem is too large to mount safely");
> > if (sizeof(sector_t) < 8)
> > ext3_msg(sb, KERN_ERR,
> > "error: CONFIG_LBDAF not enabled");
> > + ret = err;
> > goto failed_mount;
> > }
> >
> >
>
> Add Jan Kara to cc list.
Thanks for forwarding. Merged.
Honza
--
Jan Kara <jack@suse.cz>
SUSE Labs, CR
^ permalink raw reply [flat|nested] 10+ messages in thread