[PATCH 3.18 24/24] f2fs: do more integrity verification for superblock

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org, Chao Yu <chao2.yu@samsung.com>,
	Jaegeuk Kim <jaegeuk@kernel.org>
Subject: [PATCH 3.18 24/24] f2fs: do more integrity verification for superblock
Date: Thu, 31 Aug 2017 17:44:00 +0200	[thread overview]
Message-ID: <20170831154106.382195920@linuxfoundation.org> (raw)
In-Reply-To: <20170831154105.116844281@linuxfoundation.org>

3.18-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Chao Yu <chao2.yu@samsung.com>

commit 9a59b62fd88196844cee5fff851bee2cfd7afb6e upstream.

Do more sanity check for superblock during ->mount.

Signed-off-by: Chao Yu <chao2.yu@samsung.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 fs/f2fs/super.c |   98 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 98 insertions(+)

--- a/fs/f2fs/super.c
+++ b/fs/f2fs/super.c
@@ -845,6 +845,79 @@ static inline bool sanity_check_area_bou
 	return false;
 }
 
+static inline bool sanity_check_area_boundary(struct super_block *sb,
+					struct f2fs_super_block *raw_super)
+{
+	u32 segment0_blkaddr = le32_to_cpu(raw_super->segment0_blkaddr);
+	u32 cp_blkaddr = le32_to_cpu(raw_super->cp_blkaddr);
+	u32 sit_blkaddr = le32_to_cpu(raw_super->sit_blkaddr);
+	u32 nat_blkaddr = le32_to_cpu(raw_super->nat_blkaddr);
+	u32 ssa_blkaddr = le32_to_cpu(raw_super->ssa_blkaddr);
+	u32 main_blkaddr = le32_to_cpu(raw_super->main_blkaddr);
+	u32 segment_count_ckpt = le32_to_cpu(raw_super->segment_count_ckpt);
+	u32 segment_count_sit = le32_to_cpu(raw_super->segment_count_sit);
+	u32 segment_count_nat = le32_to_cpu(raw_super->segment_count_nat);
+	u32 segment_count_ssa = le32_to_cpu(raw_super->segment_count_ssa);
+	u32 segment_count_main = le32_to_cpu(raw_super->segment_count_main);
+	u32 segment_count = le32_to_cpu(raw_super->segment_count);
+	u32 log_blocks_per_seg = le32_to_cpu(raw_super->log_blocks_per_seg);
+
+	if (segment0_blkaddr != cp_blkaddr) {
+		f2fs_msg(sb, KERN_INFO,
+			"Mismatch start address, segment0(%u) cp_blkaddr(%u)",
+			segment0_blkaddr, cp_blkaddr);
+		return true;
+	}
+
+	if (cp_blkaddr + (segment_count_ckpt << log_blocks_per_seg) !=
+							sit_blkaddr) {
+		f2fs_msg(sb, KERN_INFO,
+			"Wrong CP boundary, start(%u) end(%u) blocks(%u)",
+			cp_blkaddr, sit_blkaddr,
+			segment_count_ckpt << log_blocks_per_seg);
+		return true;
+	}
+
+	if (sit_blkaddr + (segment_count_sit << log_blocks_per_seg) !=
+							nat_blkaddr) {
+		f2fs_msg(sb, KERN_INFO,
+			"Wrong SIT boundary, start(%u) end(%u) blocks(%u)",
+			sit_blkaddr, nat_blkaddr,
+			segment_count_sit << log_blocks_per_seg);
+		return true;
+	}
+
+	if (nat_blkaddr + (segment_count_nat << log_blocks_per_seg) !=
+							ssa_blkaddr) {
+		f2fs_msg(sb, KERN_INFO,
+			"Wrong NAT boundary, start(%u) end(%u) blocks(%u)",
+			nat_blkaddr, ssa_blkaddr,
+			segment_count_nat << log_blocks_per_seg);
+		return true;
+	}
+
+	if (ssa_blkaddr + (segment_count_ssa << log_blocks_per_seg) !=
+							main_blkaddr) {
+		f2fs_msg(sb, KERN_INFO,
+			"Wrong SSA boundary, start(%u) end(%u) blocks(%u)",
+			ssa_blkaddr, main_blkaddr,
+			segment_count_ssa << log_blocks_per_seg);
+		return true;
+	}
+
+	if (main_blkaddr + (segment_count_main << log_blocks_per_seg) !=
+		segment0_blkaddr + (segment_count << log_blocks_per_seg)) {
+		f2fs_msg(sb, KERN_INFO,
+			"Wrong MAIN_AREA boundary, start(%u) end(%u) blocks(%u)",
+			main_blkaddr,
+			segment0_blkaddr + (segment_count << log_blocks_per_seg),
+			segment_count_main << log_blocks_per_seg);
+		return true;
+	}
+
+	return false;
+}
+
 static int sanity_check_raw_super(struct super_block *sb,
 			struct f2fs_super_block *raw_super)
 {
@@ -882,6 +955,14 @@ static int sanity_check_raw_super(struct
 		return 1;
 	}
 
+	/* check log blocks per segment */
+	if (le32_to_cpu(raw_super->log_blocks_per_seg) != 9) {
+		f2fs_msg(sb, KERN_INFO,
+			"Invalid log blocks per segment (%u)\n",
+			le32_to_cpu(raw_super->log_blocks_per_seg));
+		return 1;
+	}
+
 	/* Currently, support 512/1024/2048/4096 bytes sector size */
 	if (le32_to_cpu(raw_super->log_sectorsize) >
 				F2FS_MAX_LOG_SECTOR_SIZE ||
@@ -963,6 +1044,23 @@ static int sanity_check_ckpt(struct f2fs
 		f2fs_msg(sbi->sb, KERN_ERR, "A bug case: need to run fsck");
 		return 1;
 	}
+
+	/* check reserved ino info */
+	if (le32_to_cpu(raw_super->node_ino) != 1 ||
+		le32_to_cpu(raw_super->meta_ino) != 2 ||
+		le32_to_cpu(raw_super->root_ino) != 3) {
+		f2fs_msg(sb, KERN_INFO,
+			"Invalid Fs Meta Ino: node(%u) meta(%u) root(%u)",
+			le32_to_cpu(raw_super->node_ino),
+			le32_to_cpu(raw_super->meta_ino),
+			le32_to_cpu(raw_super->root_ino));
+		return 1;
+	}
+
+	/* check CP/SIT/NAT/SSA/MAIN_AREA area boundary */
+	if (sanity_check_area_boundary(sb, raw_super))
+		return 1;
+
 	return 0;
 }

next prev parent reply	other threads:[~2017-08-31 15:45 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-08-31 15:43 [PATCH 3.18 00/24] 3.18.69-stable review Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 01/24] scsi: isci: avoid array subscript warning Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 02/24] ALSA: au88x0: Fix zero clear of stream->resources Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 03/24] gcov: add support for GCC 5.1 Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 04/24] gcov: add support for gcc version >= 6 Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 05/24] gcov: support GCC 7.1 Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 06/24] p54: memset(0) whole array Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 07/24] arm64: mm: abort uaccess retries upon fatal signal Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 08/24] lib: bitmap: add alignment offset for bitmap_find_next_zero_area() Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 09/24] mm: cma: align to physical address, not CMA region position Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 10/24] mm/cma: make kmemleak ignore CMA regions Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 11/24] mm: cma: split cma-reserved in dmesg log Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 12/24] mm: cma: fix totalcma_pages to include DT defined CMA regions Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 13/24] mm: cma: fix CMA aligned offset calculation Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 14/24] mm: cma: constify and use correct signness in mm/cma.c Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 15/24] mm: cma: fix incorrect type conversion for size during dma allocation Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 17/24] arm64: flush FP/SIMD state correctly after execve() Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 18/24] arm64: fpsimd: Prevent registers leaking across exec Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 19/24] x86-64: Handle PC-relative relocations on per-CPU data Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 21/24] clk: si5351: Constify clock names and struct regmap_config Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 22/24] scsi: sg: protect accesses to reserved page array Greg Kroah-Hartman
2017-08-31 15:43 ` [PATCH 3.18 23/24] scsi: sg: reset res_in_use after unlinking reserved array Greg Kroah-Hartman
2017-08-31 15:44 ` Greg Kroah-Hartman [this message]
2017-08-31 16:33   ` [PATCH 3.18 24/24] f2fs: do more integrity verification for superblock Greg Kroah-Hartman
2017-08-31 19:06 ` [PATCH 3.18 00/24] 3.18.69-stable review Shuah Khan
2017-08-31 19:37 ` Guenter Roeck
2017-09-01  2:30 ` Guenter Roeck
2017-09-01  5:02   ` Greg Kroah-Hartman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170831154106.382195920@linuxfoundation.org \
    --to=gregkh@linuxfoundation.org \
    --cc=chao2.yu@samsung.com \
    --cc=jaegeuk@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.