xfs: validity check agbnos on the AGFL

If the agfl or the indexing in the AGF has been corrupted, getting a block form the AGFL could return an invalid block number. If this happens, bad things happen. Check the agbno we pull off the AGFL and return -EFSCORRUPTED if we find somethign bad. Signed-off-by: Dave Chinner <[email protected]> Reviewed-by: Christoph Hellwig <[email protected]> Reviewed-by: Darrick J. Wong <[email protected]> Signed-off-by: Dave Chinner <[email protected]>
author: Dave Chinner <[email protected]> 2023-06-05 04:48:15 +0000
committer: Dave Chinner <[email protected]> 2023-06-05 04:48:15 +0000
commit: 3148ebf2c0782340946732bfaf3073d23ac833fa (patch)
tree: 5ea13b64bc2c428a71729668b7a466bbcfc038dc /fs/xfs/libxfs/xfs_alloc.c
parent: xfs: fix agf/agfl verification on v4 filesystems (diff)
download: kernel-3148ebf2c0782340946732bfaf3073d23ac833fa.tar.gz
kernel-3148ebf2c0782340946732bfaf3073d23ac833fa.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/fs/xfs/libxfs/xfs_alloc.c b/fs/xfs/libxfs/xfs_alloc.c
index fd3293a8c659..643d17877832 100644
--- a/fs/xfs/libxfs/xfs_alloc.c
+++ b/fs/xfs/libxfs/xfs_alloc.c
@@ -2780,6 +2780,9 @@ xfs_alloc_get_freelist(
 	 */
 	agfl_bno = xfs_buf_to_agfl_bno(agflbp);
 	bno = be32_to_cpu(agfl_bno[be32_to_cpu(agf->agf_flfirst)]);
+	if (XFS_IS_CORRUPT(tp->t_mountp, !xfs_verify_agbno(pag, bno)))
+		return -EFSCORRUPTED;
+
 	be32_add_cpu(&agf->agf_flfirst, 1);
 	xfs_trans_brelse(tp, agflbp);
 	if (be32_to_cpu(agf->agf_flfirst) == xfs_agfl_size(mp))
author	Dave Chinner <[email protected]>	2023-06-05 04:48:15 +0000
committer	Dave Chinner <[email protected]>	2023-06-05 04:48:15 +0000
commit	3148ebf2c0782340946732bfaf3073d23ac833fa (patch)
tree	5ea13b64bc2c428a71729668b7a466bbcfc038dc /fs/xfs/libxfs/xfs_alloc.c
parent	xfs: fix agf/agfl verification on v4 filesystems (diff)
download	kernel-3148ebf2c0782340946732bfaf3073d23ac833fa.tar.gz kernel-3148ebf2c0782340946732bfaf3073d23ac833fa.zip