Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 514c7dca authored by Qu Wenruo's avatar Qu Wenruo Committed by David Sterba
Browse files

btrfs: Check that each block group has corresponding chunk at mount time 

A crafted btrfs image with incorrect chunk<->block group mapping will
trigger a lot of unexpected things as the mapping is essential.

Although the problem can be caught by block group item checker
added in "btrfs: tree-checker: Verify block_group_item", it's still not
sufficient.  A sufficiently valid block group item can pass the check
added by the mentioned patch but could fail to match the existing chunk.

This patch will add extra block group -> chunk mapping check, to ensure
we have a completely matching (start, len, flags) chunk for each block
group at mount time.

Here we reuse the original helper find_first_block_group(), which is
already doing the basic bg -> chunk checks, adding further checks of the
start/len and type flags.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=199837


Reported-by: default avatarXu Wen <wen.xu@gatech.edu>
Signed-off-by: default avatarQu Wenruo <wqu@suse.com>
Reviewed-by: default avatarSu Yue <suy.fnst@cn.fujitsu.com>
Reviewed-by: default avatarDavid Sterba <dsterba@suse.com>
Signed-off-by: default avatarDavid Sterba <dsterba@suse.com>
parent 22d3151c

fs/btrfs/extent-tree.c

+27 −1
Original line number Diff line number Diff line
@@ -9532,6 +9532,8 @@ static int find_first_block_group(struct btrfs_fs_info *fs_info, 
	int ret = 0;

	struct btrfs_key found_key;

	struct extent_buffer *leaf;

	struct btrfs_block_group_item bg;

	u64 flags;

	int slot;



	ret = btrfs_search_slot(NULL, root, key, path, 0, 0);
@@ -9566,9 +9568,33 @@ static int find_first_block_group(struct btrfs_fs_info *fs_info, 
			"logical %llu len %llu found bg but no related chunk",

					  found_key.objectid, found_key.offset);

				ret = -ENOENT;

			} else if (em->start != found_key.objectid ||

				   em->len != found_key.offset) {

				btrfs_err(fs_info,

		"block group %llu len %llu mismatch with chunk %llu len %llu",

					  found_key.objectid, found_key.offset,

					  em->start, em->len);

				ret = -EUCLEAN;

			} else {

				read_extent_buffer(leaf, &bg,

					btrfs_item_ptr_offset(leaf, slot),

					sizeof(bg));

				flags = btrfs_block_group_flags(&bg) &

					BTRFS_BLOCK_GROUP_TYPE_MASK;



				if (flags != (em->map_lookup->type &

					      BTRFS_BLOCK_GROUP_TYPE_MASK)) {

					btrfs_err(fs_info,

"block group %llu len %llu type flags 0x%llx mismatch with chunk type flags 0x%llx",

						found_key.objectid,

						found_key.offset, flags,

						(BTRFS_BLOCK_GROUP_TYPE_MASK &

						 em->map_lookup->type));

					ret = -EUCLEAN;

				} else {

					ret = 0;

				}

			}

			free_extent_map(em);

			goto out;

		}