Commit fcdbc1d7 authored Apr 17, 2024 by Kent Overstreet

bcachefs: Check for journal entries overruning end of sb clean section



Fix a missing bounds check in superblock validation.

Note that we don't yet have repair code for this case - repair code for
individual items is generally low priority, since the whole superblock
is checksummed, validated prior to write, and we have backups.

Reported-by: lei lu <llfamsec@gmail.com>
Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev>

parent 0389c09b

fs/bcachefs/sb-clean.c

+8 −0

Original line number	Diff line number	Diff line
		@@ -29,6 +29,14 @@ int bch2_sb_clean_validate_late(struct bch_fs c, struct bch_sb_field_clean cle
		for (entry = clean->start;
		entry < (struct jset_entry *) vstruct_end(&clean->field);
		entry = vstruct_next(entry)) {
		if (vstruct_end(entry) > vstruct_end(&clean->field)) {
		bch_err(c, "journal entry (u64s %u) overran end of superblock clean section (u64s %u) by %zu",
		le16_to_cpu(entry->u64s), le32_to_cpu(clean->field.u64s),
		(u64 ) vstruct_end(entry) - (u64 ) vstruct_end(&clean->field));
		bch2_sb_error_count(c, BCH_FSCK_ERR_sb_clean_entry_overrun);
		return -BCH_ERR_fsck_repair_unimplemented;
		}

		ret = bch2_journal_entry_validate(c, NULL, entry,
		le16_to_cpu(c->disk_sb.sb->version),
		BCH_SB_BIG_ENDIAN(c->disk_sb.sb),

fs/bcachefs/sb-errors_types.h

+2 −1

Original line number	Diff line number	Diff line
		@@ -271,7 +271,8 @@
		x(btree_root_unreadable_and_scan_found_nothing, 263) \
		x(snapshot_node_missing, 264) \
		x(dup_backpointer_to_bad_csum_extent, 265) \
		x(btree_bitmap_not_marked, 266)
		x(btree_bitmap_not_marked, 266) \
		x(sb_clean_entry_overrun, 267)

		enum bch_sb_error_id {
		#define x(t, n) BCH_FSCK_ERR_##t = n,