diff options
author | Dave Chinner <dchinner@redhat.com> | 2010-06-23 21:15:47 -0400 |
---|---|---|
committer | Dave Chinner <david@fromorbit.com> | 2010-06-23 21:15:47 -0400 |
commit | 1920779e67cbf5ea8afef317777c5bf2b8096188 (patch) | |
tree | f3450e4075162ef5ec360446c301513a5adf316e /fs/xfs | |
parent | 7124fe0a5b619d65b739477b3b55a20bf805b06d (diff) |
xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED
Inode numbers may come from somewhere external to the filesystem
(e.g. file handles, bulkstat information) and so are inherently
untrusted. Rename the flag we use for these lookups to make it
obvious we are doing a lookup of an untrusted inode number and need
to verify it completely before trying to read it from disk.
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Diffstat (limited to 'fs/xfs')
-rw-r--r-- | fs/xfs/linux-2.6/xfs_export.c | 9 | ||||
-rw-r--r-- | fs/xfs/xfs_ialloc.c | 11 | ||||
-rw-r--r-- | fs/xfs/xfs_inode.c | 2 | ||||
-rw-r--r-- | fs/xfs/xfs_inode.h | 2 | ||||
-rw-r--r-- | fs/xfs/xfs_itable.c | 2 |
5 files changed, 14 insertions, 12 deletions
diff --git a/fs/xfs/linux-2.6/xfs_export.c b/fs/xfs/linux-2.6/xfs_export.c index 846b75aeb2a..92c84a19cc9 100644 --- a/fs/xfs/linux-2.6/xfs_export.c +++ b/fs/xfs/linux-2.6/xfs_export.c | |||
@@ -128,12 +128,11 @@ xfs_nfs_get_inode( | |||
128 | return ERR_PTR(-ESTALE); | 128 | return ERR_PTR(-ESTALE); |
129 | 129 | ||
130 | /* | 130 | /* |
131 | * The XFS_IGET_BULKSTAT means that an invalid inode number is just | 131 | * The XFS_IGET_UNTRUSTED means that an invalid inode number is just |
132 | * fine and not an indication of a corrupted filesystem. Because | 132 | * fine and not an indication of a corrupted filesystem as clients can |
133 | * clients can send any kind of invalid file handle, e.g. after | 133 | * send invalid file handles and we have to handle it gracefully.. |
134 | * a restore on the server we have to deal with this case gracefully. | ||
135 | */ | 134 | */ |
136 | error = xfs_iget(mp, NULL, ino, XFS_IGET_BULKSTAT, | 135 | error = xfs_iget(mp, NULL, ino, XFS_IGET_UNTRUSTED, |
137 | XFS_ILOCK_SHARED, &ip, 0); | 136 | XFS_ILOCK_SHARED, &ip, 0); |
138 | if (error) { | 137 | if (error) { |
139 | /* | 138 | /* |
diff --git a/fs/xfs/xfs_ialloc.c b/fs/xfs/xfs_ialloc.c index 0c946c8e05d..d8fd36685eb 100644 --- a/fs/xfs/xfs_ialloc.c +++ b/fs/xfs/xfs_ialloc.c | |||
@@ -1251,7 +1251,7 @@ xfs_imap_lookup( | |||
1251 | return error; | 1251 | return error; |
1252 | 1252 | ||
1253 | /* for untrusted inodes check it is allocated first */ | 1253 | /* for untrusted inodes check it is allocated first */ |
1254 | if ((flags & XFS_IGET_BULKSTAT) && | 1254 | if ((flags & XFS_IGET_UNTRUSTED) && |
1255 | (rec.ir_free & XFS_INOBT_MASK(agino - rec.ir_startino))) | 1255 | (rec.ir_free & XFS_INOBT_MASK(agino - rec.ir_startino))) |
1256 | return EINVAL; | 1256 | return EINVAL; |
1257 | 1257 | ||
@@ -1292,8 +1292,11 @@ xfs_imap( | |||
1292 | if (agno >= mp->m_sb.sb_agcount || agbno >= mp->m_sb.sb_agblocks || | 1292 | if (agno >= mp->m_sb.sb_agcount || agbno >= mp->m_sb.sb_agblocks || |
1293 | ino != XFS_AGINO_TO_INO(mp, agno, agino)) { | 1293 | ino != XFS_AGINO_TO_INO(mp, agno, agino)) { |
1294 | #ifdef DEBUG | 1294 | #ifdef DEBUG |
1295 | /* no diagnostics for bulkstat, ino comes from userspace */ | 1295 | /* |
1296 | if (flags & XFS_IGET_BULKSTAT) | 1296 | * Don't output diagnostic information for untrusted inodes |
1297 | * as they can be invalid without implying corruption. | ||
1298 | */ | ||
1299 | if (flags & XFS_IGET_UNTRUSTED) | ||
1297 | return XFS_ERROR(EINVAL); | 1300 | return XFS_ERROR(EINVAL); |
1298 | if (agno >= mp->m_sb.sb_agcount) { | 1301 | if (agno >= mp->m_sb.sb_agcount) { |
1299 | xfs_fs_cmn_err(CE_ALERT, mp, | 1302 | xfs_fs_cmn_err(CE_ALERT, mp, |
@@ -1329,7 +1332,7 @@ xfs_imap( | |||
1329 | * inodes in stale state on disk. Hence we have to do a btree lookup | 1332 | * inodes in stale state on disk. Hence we have to do a btree lookup |
1330 | * in all cases where an untrusted inode number is passed. | 1333 | * in all cases where an untrusted inode number is passed. |
1331 | */ | 1334 | */ |
1332 | if (flags & XFS_IGET_BULKSTAT) { | 1335 | if (flags & XFS_IGET_UNTRUSTED) { |
1333 | error = xfs_imap_lookup(mp, tp, agno, agino, agbno, | 1336 | error = xfs_imap_lookup(mp, tp, agno, agino, agbno, |
1334 | &chunk_agbno, &offset_agbno, flags); | 1337 | &chunk_agbno, &offset_agbno, flags); |
1335 | if (error) | 1338 | if (error) |
diff --git a/fs/xfs/xfs_inode.c b/fs/xfs/xfs_inode.c index d53c39de7d0..12c277a5e98 100644 --- a/fs/xfs/xfs_inode.c +++ b/fs/xfs/xfs_inode.c | |||
@@ -177,7 +177,7 @@ xfs_imap_to_bp( | |||
177 | if (unlikely(XFS_TEST_ERROR(!di_ok, mp, | 177 | if (unlikely(XFS_TEST_ERROR(!di_ok, mp, |
178 | XFS_ERRTAG_ITOBP_INOTOBP, | 178 | XFS_ERRTAG_ITOBP_INOTOBP, |
179 | XFS_RANDOM_ITOBP_INOTOBP))) { | 179 | XFS_RANDOM_ITOBP_INOTOBP))) { |
180 | if (iget_flags & XFS_IGET_BULKSTAT) { | 180 | if (iget_flags & XFS_IGET_UNTRUSTED) { |
181 | xfs_trans_brelse(tp, bp); | 181 | xfs_trans_brelse(tp, bp); |
182 | return XFS_ERROR(EINVAL); | 182 | return XFS_ERROR(EINVAL); |
183 | } | 183 | } |
diff --git a/fs/xfs/xfs_inode.h b/fs/xfs/xfs_inode.h index 9965e40a461..6b31b38244a 100644 --- a/fs/xfs/xfs_inode.h +++ b/fs/xfs/xfs_inode.h | |||
@@ -500,7 +500,7 @@ do { \ | |||
500 | * Flags for xfs_iget() | 500 | * Flags for xfs_iget() |
501 | */ | 501 | */ |
502 | #define XFS_IGET_CREATE 0x1 | 502 | #define XFS_IGET_CREATE 0x1 |
503 | #define XFS_IGET_BULKSTAT 0x2 | 503 | #define XFS_IGET_UNTRUSTED 0x2 |
504 | 504 | ||
505 | int xfs_inotobp(struct xfs_mount *, struct xfs_trans *, | 505 | int xfs_inotobp(struct xfs_mount *, struct xfs_trans *, |
506 | xfs_ino_t, struct xfs_dinode **, | 506 | xfs_ino_t, struct xfs_dinode **, |
diff --git a/fs/xfs/xfs_itable.c b/fs/xfs/xfs_itable.c index 83d7827793e..2acd12fd3f2 100644 --- a/fs/xfs/xfs_itable.c +++ b/fs/xfs/xfs_itable.c | |||
@@ -80,7 +80,7 @@ xfs_bulkstat_one_int( | |||
80 | return XFS_ERROR(ENOMEM); | 80 | return XFS_ERROR(ENOMEM); |
81 | 81 | ||
82 | error = xfs_iget(mp, NULL, ino, | 82 | error = xfs_iget(mp, NULL, ino, |
83 | XFS_IGET_BULKSTAT, XFS_ILOCK_SHARED, &ip, bno); | 83 | XFS_IGET_UNTRUSTED, XFS_ILOCK_SHARED, &ip, bno); |
84 | if (error) { | 84 | if (error) { |
85 | *stat = BULKSTAT_RV_NOTHING; | 85 | *stat = BULKSTAT_RV_NOTHING; |
86 | goto out_free; | 86 | goto out_free; |