Commit 77a884b5 authored by Long Li's avatar Long Li
Browse files

xfs: don't verify agf length when log recovery 

hulk inclusion
category: bugfix
bugzilla: 189177, https://gitee.com/openeuler/kernel/issues/I76JSK


CVE: NA

--------------------------------

The following corruption is reported when log recovery:

 XFS (loop0): Metadata corruption detected at xfs_agf_verify+0x386/0xb70, xfs_agf block 0x64001
 XFS (loop0): Unmount and run xfs_repair
 XFS (loop0): First 128 bytes of corrupted metadata buffer:
 00000000: 58 41 47 46 00 00 00 01 00 00 00 02 00 00 4b 88  XAGF..........K.
 00000010: 00 00 00 01 00 00 00 02 00 00 00 00 00 00 00 01  ................
 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
 00000030: 00 00 00 04 00 00 4b 7e 00 00 4b 7e 00 00 00 00  ......K~..K~....
 00000040: 3a 9d 97 6d b5 a0 42 13 a3 b3 7f 28 2a ac 3f e8  :..m..B....(*.?.
 00000050: 00 00 00 00 00 00 00 01 00 00 00 05 00 00 00 01  ................
 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
 XFS (loop0): Corruption of in-memory data (0x8) detected at _xfs_buf_ioapply+0xbc9/0xe60 (fs/xfs/xfs_buf.c:1593).  Shutting down filesystem.
 XFS (loop0): Please unmount the filesystem and rectify the problem(s)
 XFS (loop0): log mount/recovery failed: error -117
 XFS (loop0): log mount failed

This problem occurs during agf write verify, where the AG's agf_length is
smaller than sb_agblocks, and it is not the last AG. Consider the following
situation, the file system has 3 AG, and the last AG is not full size, now
the file system is growfs twice. In the first growfs, only AG2 is increased
some blocks. In the second growfs, AG2 is extent to the full AG size and an
AG3 is added.

 pre growfs:

 |----------|----------|-----|

 First growfs:

 |----------|----------|--------|

 Second growfs:

 |----------|----------|----------|-------|
      AG0       AG1          AG2     AG3

During each growfs, agf in AG2 and sb will be modified, if sb has already
written to metadata and agf has not yet, then a shutdown occurs. The next
time we mount the disk, the sb changes from the second growfs will have
taken effect in memory, when we recovery the agf from the first growfs will
report the above problem.

Fixes: edd8276d ("xfs: AGF length has never been bounds checked")
Signed-off-by: default avatarLong Li <leo.lilong@huawei.com>
parent 6dea55ea
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment