diff options
author | Dave Chinner <dchinner@redhat.com> | 2010-06-24 03:15:47 +0200 |
---|---|---|
committer | Dave Chinner <david@fromorbit.com> | 2010-06-24 03:15:47 +0200 |
commit | 1920779e67cbf5ea8afef317777c5bf2b8096188 (patch) | |
tree | f3450e4075162ef5ec360446c301513a5adf316e /fs/xfs/xfs_ialloc.c | |
parent | xfs: validate untrusted inode numbers during lookup (diff) | |
download | linux-1920779e67cbf5ea8afef317777c5bf2b8096188.tar.xz linux-1920779e67cbf5ea8afef317777c5bf2b8096188.zip |
xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED
Inode numbers may come from somewhere external to the filesystem
(e.g. file handles, bulkstat information) and so are inherently
untrusted. Rename the flag we use for these lookups to make it
obvious we are doing a lookup of an untrusted inode number and need
to verify it completely before trying to read it from disk.
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Diffstat (limited to 'fs/xfs/xfs_ialloc.c')
-rw-r--r-- | fs/xfs/xfs_ialloc.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/fs/xfs/xfs_ialloc.c b/fs/xfs/xfs_ialloc.c index 0c946c8e05da..d8fd36685eb9 100644 --- a/fs/xfs/xfs_ialloc.c +++ b/fs/xfs/xfs_ialloc.c @@ -1251,7 +1251,7 @@ xfs_imap_lookup( return error; /* for untrusted inodes check it is allocated first */ - if ((flags & XFS_IGET_BULKSTAT) && + if ((flags & XFS_IGET_UNTRUSTED) && (rec.ir_free & XFS_INOBT_MASK(agino - rec.ir_startino))) return EINVAL; @@ -1292,8 +1292,11 @@ xfs_imap( if (agno >= mp->m_sb.sb_agcount || agbno >= mp->m_sb.sb_agblocks || ino != XFS_AGINO_TO_INO(mp, agno, agino)) { #ifdef DEBUG - /* no diagnostics for bulkstat, ino comes from userspace */ - if (flags & XFS_IGET_BULKSTAT) + /* + * Don't output diagnostic information for untrusted inodes + * as they can be invalid without implying corruption. + */ + if (flags & XFS_IGET_UNTRUSTED) return XFS_ERROR(EINVAL); if (agno >= mp->m_sb.sb_agcount) { xfs_fs_cmn_err(CE_ALERT, mp, @@ -1329,7 +1332,7 @@ xfs_imap( * inodes in stale state on disk. Hence we have to do a btree lookup * in all cases where an untrusted inode number is passed. */ - if (flags & XFS_IGET_BULKSTAT) { + if (flags & XFS_IGET_UNTRUSTED) { error = xfs_imap_lookup(mp, tp, agno, agino, agbno, &chunk_agbno, &offset_agbno, flags); if (error) |