xfs: fix log block underflow during recovery cycle verification
authorBrian Foster <bfoster@redhat.com>
Thu, 26 Oct 2017 16:31:16 +0000 (09:31 -0700)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 20 Dec 2017 09:10:31 +0000 (10:10 +0100)
[ Upstream commit 9f2a4505800607e537e9dd9dea4f55c4b0c30c7a ]

It is possible for mkfs to format very small filesystems with too
small of an internal log with respect to the various minimum size
and block count requirements. If this occurs when the log happens to
be smaller than the scan window used for cycle verification and the
scan wraps the end of the log, the start_blk calculation in
xlog_find_head() underflows and leads to an attempt to scan an
invalid range of log blocks. This results in log recovery failure
and a failed mount.

Since there may be filesystems out in the wild with this kind of
geometry, we cannot simply refuse to mount. Instead, cap the scan
window for cycle verification to the size of the physical log. This
ensures that the cycle verification proceeds as expected when the
scan wraps the end of the log.

Reported-by: Zorro Lang <zlang@redhat.com>
Signed-off-by: Brian Foster <bfoster@redhat.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fs/xfs/xfs_log_recover.c

index ee34899396b263eaf88938cca95a8588221f0ede..d6e049fdd977d7f70fa831cfdf89d566a7784515 100644 (file)
@@ -753,7 +753,7 @@ xlog_find_head(
         * in the in-core log.  The following number can be made tighter if
         * we actually look at the block size of the filesystem.
         */
-       num_scan_bblks = XLOG_TOTAL_REC_SHIFT(log);
+       num_scan_bblks = min_t(int, log_bbnum, XLOG_TOTAL_REC_SHIFT(log));
        if (head_blk >= num_scan_bblks) {
                /*
                 * We are guaranteed that the entire check can be performed