From: Qu Wenruo <wqu@suse.com>
To: linux-btrfs@vger.kernel.org
Subject: [PATCh v2 0/9] btrfs: tree-checker: More enhancement for fuzzed
Date: Wed, 20 Mar 2019 14:37:08 +0800 [thread overview]
Message-ID: <20190320063717.31770-1-wqu@suse.com> (raw)
This patchset can be fetched from github:
It can be fetched from github:
https://github.com/adam900710/linux/tree/tree_checker_enhancement
Which is based on my previous write time tree checker patchset (based on
v5.1-rc1 tag)
Thanks for the report from Yoon Jungyeon <jungyeon@gatech.edu>, we have
more fuzzed image to torture btrfs.
Those images exposed the following problems:
- Chunk check is not comprehensive nor early enough
Chunk item check lacks profile bits check (e.g RAID|DUP profile is
invalid).
And for certain fuzzed image, the other copy can be valid, current
check timming is after tree block read, so no way to retry the other
copy.
Address the check timing in the 1st~4th patch, while for the profile bits,
check it in the 7th patch.
- Lack of device item check
Address it in the 5nd patch.
- First key and level check be exploited by cached extent buffer
Cached bad extent buffer can avoid first key and level check.
This is addressed in the 6rd patch.
- Inode type mismatch can lead to NULL dereference in endio function
If an inode claims itself as symlink but still has regular file
extent, then endio function will cause NULL pointer dereference.
Fix it by do extra inode mode and dir item type cross check, at
get_extent() time and inode lookup time.
Addressed in the last 2 patches.
Changelog:
v2:
- Split patches for btrfs_check_chunk_valid() merge into tree-checker.
- Rebase to v5.1-rc1 based write_time_tree_checker branch.
- Add reviewed-by tags.
Qu Wenruo (9):
btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it
btrfs: tree-checker: Make chunk item checker more readable
btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN
instead of EIO
btrfs: tree-checker: Check chunk item at tree block read time
btrfs: tree-checker: Verify dev item
btrfs: Check the first key and level for cached extent buffer
btrfs: tree-checker: Enhance chunk checker to validate chunk profiler
btrfs: tree-checker: Verify inode item
btrfs: inode: Verify inode mode to avoid NULL pointer dereference
fs/btrfs/ctree.c | 10 +
fs/btrfs/ctree.h | 2 +
fs/btrfs/disk-io.c | 10 +-
fs/btrfs/disk-io.h | 3 +
fs/btrfs/inode.c | 38 +++-
fs/btrfs/tests/inode-tests.c | 1 +
fs/btrfs/tree-checker.c | 349 +++++++++++++++++++++++++++++++++++
fs/btrfs/tree-checker.h | 3 +
fs/btrfs/volumes.c | 115 +-----------
fs/btrfs/volumes.h | 9 +
10 files changed, 422 insertions(+), 118 deletions(-)
--
2.21.0
next reply other threads:[~2019-03-20 6:37 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-03-20 6:37 Qu Wenruo [this message]
2019-03-20 6:37 ` [PATCh v2 1/9] btrfs: Move btrfs_check_chunk_valid() to tree-check.[ch] and export it Qu Wenruo
2019-03-20 10:34 ` Johannes Thumshirn
2019-03-25 17:06 ` David Sterba
2019-03-25 23:02 ` Qu Wenruo
2019-03-26 14:34 ` David Sterba
2019-03-20 6:37 ` [PATCh v2 2/9] btrfs: tree-checker: Make chunk item checker more readable Qu Wenruo
2019-03-20 10:41 ` Johannes Thumshirn
2019-03-26 15:08 ` David Sterba
2019-03-20 6:37 ` [PATCh v2 3/9] btrfs: tree-checker: Make btrfs_check_chunk_valid() return EUCLEAN instead of EIO Qu Wenruo
2019-03-20 10:44 ` Johannes Thumshirn
2019-03-20 6:37 ` [PATCh v2 4/9] btrfs: tree-checker: Check chunk item at tree block read time Qu Wenruo
2019-03-20 10:56 ` Johannes Thumshirn
2019-03-20 6:37 ` [PATCh v2 5/9] btrfs: tree-checker: Verify dev item Qu Wenruo
2019-03-20 11:51 ` Johannes Thumshirn
2019-03-20 11:53 ` Qu Wenruo
2019-03-25 17:04 ` David Sterba
2019-04-06 1:07 ` Qu Wenruo
2019-03-20 6:37 ` [PATCh v2 6/9] btrfs: Check the first key and level for cached extent buffer Qu Wenruo
2019-03-20 12:02 ` Johannes Thumshirn
2019-03-20 6:37 ` [PATCh v2 7/9] btrfs: tree-checker: Enhance chunk checker to validate chunk profiler Qu Wenruo
2019-03-20 12:38 ` Johannes Thumshirn
2019-03-20 6:37 ` [PATCh v2 8/9] btrfs: tree-checker: Verify inode item Qu Wenruo
2019-03-20 13:27 ` Johannes Thumshirn
2019-03-25 4:27 ` Qu Wenruo
2019-03-26 16:02 ` David Sterba
2019-03-27 0:13 ` Qu Wenruo
2019-03-26 15:27 ` David Sterba
2019-03-28 13:38 ` David Sterba
2019-03-28 13:42 ` Qu Wenruo
2019-03-28 13:57 ` David Sterba
2019-03-28 14:00 ` Qu Wenruo
2019-03-28 14:07 ` David Sterba
2019-03-28 14:13 ` Qu Wenruo
2019-03-28 14:25 ` David Sterba
2019-03-28 23:49 ` Qu Wenruo
2019-03-20 6:37 ` [PATCh v2 9/9] btrfs: inode: Verify inode mode to avoid NULL pointer dereference Qu Wenruo
2019-03-20 13:33 ` Johannes Thumshirn
2019-03-28 13:53 ` David Sterba
2019-03-28 13:58 ` Qu Wenruo
2019-03-28 14:02 ` David Sterba
2019-03-28 15:48 ` [PATCh v2 0/9] btrfs: tree-checker: More enhancement for fuzzed David Sterba
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190320063717.31770-1-wqu@suse.com \
--to=wqu@suse.com \
--cc=linux-btrfs@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).