xfs: rename XFS_IGET_BULKSTAT to XFS_IGET_UNTRUSTED

Inode numbers may come from somewhere external to the filesystem
(e.g. file handles, bulkstat information) and so are inherently
untrusted. Rename the flag we use for these lookups to make it
obvious we are doing a lookup of an untrusted inode number and need
to verify it completely before trying to read it from disk.

Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>

diff --git a/fs/xfs/linux-2.6/xfs_export.c b/fs/xfs/linux-2.6/xfs_export.c
index 846b75aeb2abe2b260a8efda2a15a73a2b8c18ab..92c84a19cc9e1ea26bc2a1e37b4de4cc8737369c 100644 (file)
--- a/fs/xfs/linux-2.6/xfs_export.c
+++ b/fs/xfs/linux-2.6/xfs_export.c
@@ -128,12 +128,11 @@ xfs_nfs_get_inode(
                return ERR_PTR(-ESTALE);
 
        /*
-        * The XFS_IGET_BULKSTAT means that an invalid inode number is just
-        * fine and not an indication of a corrupted filesystem.  Because
-        * clients can send any kind of invalid file handle, e.g. after
-        * a restore on the server we have to deal with this case gracefully.
+        * The XFS_IGET_UNTRUSTED means that an invalid inode number is just
+        * fine and not an indication of a corrupted filesystem as clients can
+        * send invalid file handles and we have to handle it gracefully..
         */
-       error = xfs_iget(mp, NULL, ino, XFS_IGET_BULKSTAT,
+       error = xfs_iget(mp, NULL, ino, XFS_IGET_UNTRUSTED,
                         XFS_ILOCK_SHARED, &ip, 0);
        if (error) {
                /*

diff --git a/fs/xfs/xfs_ialloc.c b/fs/xfs/xfs_ialloc.c
index 0c946c8e05da40656b72aa94ce55120e21cf949e..d8fd36685eb9d12b4b51925e82535cb5e4e240fd 100644 (file)
--- a/fs/xfs/xfs_ialloc.c
+++ b/fs/xfs/xfs_ialloc.c
@@ -1251,7 +1251,7 @@ xfs_imap_lookup(
                return error;
 
        /* for untrusted inodes check it is allocated first */
-       if ((flags & XFS_IGET_BULKSTAT) &&
+       if ((flags & XFS_IGET_UNTRUSTED) &&
            (rec.ir_free & XFS_INOBT_MASK(agino - rec.ir_startino)))
                return EINVAL;
 
@@ -1292,8 +1292,11 @@ xfs_imap(
        if (agno >= mp->m_sb.sb_agcount || agbno >= mp->m_sb.sb_agblocks ||
            ino != XFS_AGINO_TO_INO(mp, agno, agino)) {
 #ifdef DEBUG
-               /* no diagnostics for bulkstat, ino comes from userspace */
-               if (flags & XFS_IGET_BULKSTAT)
+               /*
+                * Don't output diagnostic information for untrusted inodes
+                * as they can be invalid without implying corruption.
+                */
+               if (flags & XFS_IGET_UNTRUSTED)
                        return XFS_ERROR(EINVAL);
                if (agno >= mp->m_sb.sb_agcount) {
                        xfs_fs_cmn_err(CE_ALERT, mp,
@@ -1329,7 +1332,7 @@ xfs_imap(
         * inodes in stale state on disk. Hence we have to do a btree lookup
         * in all cases where an untrusted inode number is passed.
         */
-       if (flags & XFS_IGET_BULKSTAT) {
+       if (flags & XFS_IGET_UNTRUSTED) {
                error = xfs_imap_lookup(mp, tp, agno, agino, agbno,
                                        &chunk_agbno, &offset_agbno, flags);
                if (error)

diff --git a/fs/xfs/xfs_inode.c b/fs/xfs/xfs_inode.c
index d53c39de7d05930413bfb66b82a33fe6e76c813e..12c277a5e98acecbccdbc94452c7facdda945a42 100644 (file)
--- a/fs/xfs/xfs_inode.c
+++ b/fs/xfs/xfs_inode.c
@@ -177,7 +177,7 @@ xfs_imap_to_bp(
                if (unlikely(XFS_TEST_ERROR(!di_ok, mp,
                                                XFS_ERRTAG_ITOBP_INOTOBP,
                                                XFS_RANDOM_ITOBP_INOTOBP))) {
-                       if (iget_flags & XFS_IGET_BULKSTAT) {
+                       if (iget_flags & XFS_IGET_UNTRUSTED) {
                                xfs_trans_brelse(tp, bp);
                                return XFS_ERROR(EINVAL);
                        }

diff --git a/fs/xfs/xfs_inode.h b/fs/xfs/xfs_inode.h
index 9965e40a4615d8c09001ffe800c7e750ab8bece7..6b31b38244abc52c8edadcf864b16cf7413cdd99 100644 (file)
--- a/fs/xfs/xfs_inode.h
+++ b/fs/xfs/xfs_inode.h
@@ -500,7 +500,7 @@ do { \
  * Flags for xfs_iget()
  */
 #define XFS_IGET_CREATE                0x1
-#define XFS_IGET_BULKSTAT      0x2
+#define XFS_IGET_UNTRUSTED     0x2
 
 int            xfs_inotobp(struct xfs_mount *, struct xfs_trans *,
                            xfs_ino_t, struct xfs_dinode **,

diff --git a/fs/xfs/xfs_itable.c b/fs/xfs/xfs_itable.c
index 83d7827793e499b1b9207f092bbd60ae4987a042..2acd12fd3f25557818b21cfb2c425bba656a412a 100644 (file)
--- a/fs/xfs/xfs_itable.c
+++ b/fs/xfs/xfs_itable.c
@@ -80,7 +80,7 @@ xfs_bulkstat_one_int(
                return XFS_ERROR(ENOMEM);
 
        error = xfs_iget(mp, NULL, ino,
-                        XFS_IGET_BULKSTAT, XFS_ILOCK_SHARED, &ip, bno);
+                        XFS_IGET_UNTRUSTED, XFS_ILOCK_SHARED, &ip, bno);
        if (error) {
                *stat = BULKSTAT_RV_NOTHING;
                goto out_free;