public inbox for linux-xfs@vger.kernel.org
 help / color / mirror / Atom feed
* [PATCH] fix overflow in xfs_growfs_data_private
@ 2009-05-23 19:30 Eric Sandeen
  2009-05-25 10:15 ` Christoph Hellwig
  2009-05-26 12:23 ` Felix Blyakher
  0 siblings, 2 replies; 3+ messages in thread
From: Eric Sandeen @ 2009-05-23 19:30 UTC (permalink / raw)
  To: xfs-oss; +Cc: Richard Ems

In the case where growing a filesystem would leave the last AG
too small, the fixup code has an overflow in the calculation
of the new size with one fewer ag, because "nagcount" is a 32
bit number.  If the new filesystem has > 2^32 blocks in it
this causes a problem resulting in an EINVAL return from growfs:

# xfs_io -f -c "truncate 19998630180864" fsfile
# mkfs.xfs -f -bsize=4096 -dagsize=76288719b,size=3905982455b fsfile
# mount -o loop fsfile mnt/
# xfs_growfs mnt/
meta-data=/dev/loop0             isize=256    agcount=52,
agsize=76288719 blks
         =                       sectsz=512   attr=2
data     =                       bsize=4096   blocks=3905982455, imaxpct=5
         =                       sunit=0      swidth=0 blks
naming   =version 2              bsize=4096   ascii-ci=0
log      =internal               bsize=4096   blocks=32768, version=2
         =                       sectsz=512   sunit=0 blks, lazy-count=0
realtime =none                   extsz=4096   blocks=0, rtextents=0
xfs_growfs: XFS_IOC_FSGROWFSDATA xfsctl failed: Invalid argument

Reported-by: richard.ems@cape-horn-eng.com
Signed-off-by: Eric Sandeen <sandeen@sandeen.net>
---

Index: linux-2.6/fs/xfs/xfs_fsops.c
===================================================================
--- linux-2.6.orig/fs/xfs/xfs_fsops.c
+++ linux-2.6/fs/xfs/xfs_fsops.c
@@ -160,7 +160,7 @@ xfs_growfs_data_private(
 	nagcount = new + (nb_mod != 0);
 	if (nb_mod && nb_mod < XFS_MIN_AG_BLOCKS) {
 		nagcount--;
-		nb = nagcount * mp->m_sb.sb_agblocks;
+		nb = (xfs_rfsblock_t)nagcount * mp->m_sb.sb_agblocks;
 		if (nb < mp->m_sb.sb_dblocks)
 			return XFS_ERROR(EINVAL);
 	}


_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH] fix overflow in xfs_growfs_data_private
  2009-05-23 19:30 [PATCH] fix overflow in xfs_growfs_data_private Eric Sandeen
@ 2009-05-25 10:15 ` Christoph Hellwig
  2009-05-26 12:23 ` Felix Blyakher
  1 sibling, 0 replies; 3+ messages in thread
From: Christoph Hellwig @ 2009-05-25 10:15 UTC (permalink / raw)
  To: Eric Sandeen; +Cc: Richard Ems, xfs-oss

On Sat, May 23, 2009 at 02:30:12PM -0500, Eric Sandeen wrote:
> Index: linux-2.6/fs/xfs/xfs_fsops.c
> ===================================================================
> --- linux-2.6.orig/fs/xfs/xfs_fsops.c
> +++ linux-2.6/fs/xfs/xfs_fsops.c
> @@ -160,7 +160,7 @@ xfs_growfs_data_private(
>  	nagcount = new + (nb_mod != 0);
>  	if (nb_mod && nb_mod < XFS_MIN_AG_BLOCKS) {
>  		nagcount--;
> -		nb = nagcount * mp->m_sb.sb_agblocks;
> +		nb = (xfs_rfsblock_t)nagcount * mp->m_sb.sb_agblocks;
>  		if (nb < mp->m_sb.sb_dblocks)
>  			return XFS_ERROR(EINVAL);

Nice one! Thanks dear C integer promotion rules..

Would be good to get this into 2.6.30


Reviewed-by: Christoph Hellwig <hch@lst.de>

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH] fix overflow in xfs_growfs_data_private
  2009-05-23 19:30 [PATCH] fix overflow in xfs_growfs_data_private Eric Sandeen
  2009-05-25 10:15 ` Christoph Hellwig
@ 2009-05-26 12:23 ` Felix Blyakher
  1 sibling, 0 replies; 3+ messages in thread
From: Felix Blyakher @ 2009-05-26 12:23 UTC (permalink / raw)
  To: Eric Sandeen; +Cc: Richard Ems, xfs-oss


On May 23, 2009, at 2:30 PM, Eric Sandeen wrote:

> In the case where growing a filesystem would leave the last AG
> too small, the fixup code has an overflow in the calculation
> of the new size with one fewer ag, because "nagcount" is a 32
> bit number.  If the new filesystem has > 2^32 blocks in it
> this causes a problem resulting in an EINVAL return from growfs:
>
> # xfs_io -f -c "truncate 19998630180864" fsfile
> # mkfs.xfs -f -bsize=4096 -dagsize=76288719b,size=3905982455b fsfile
> # mount -o loop fsfile mnt/
> # xfs_growfs mnt/

Is it really 'mnt/', not '/mnt'?

>
> meta-data=/dev/loop0             isize=256    agcount=52,
> agsize=76288719 blks
>         =                       sectsz=512   attr=2
> data     =                       bsize=4096   blocks=3905982455,  
> imaxpct=5
>         =                       sunit=0      swidth=0 blks
> naming   =version 2              bsize=4096   ascii-ci=0
> log      =internal               bsize=4096   blocks=32768, version=2
>         =                       sectsz=512   sunit=0 blks, lazy- 
> count=0
> realtime =none                   extsz=4096   blocks=0, rtextents=0
> xfs_growfs: XFS_IOC_FSGROWFSDATA xfsctl failed: Invalid argument
>
> Reported-by: richard.ems@cape-horn-eng.com
> Signed-off-by: Eric Sandeen <sandeen@sandeen.net>

Nice find and the neat fix, Eric.

Reviewed-by: Felix Blyakher <felixb@sgi.com>

_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2009-05-26 12:23 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-05-23 19:30 [PATCH] fix overflow in xfs_growfs_data_private Eric Sandeen
2009-05-25 10:15 ` Christoph Hellwig
2009-05-26 12:23 ` Felix Blyakher

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox