ext2/ext3/ext4: add block bitmap validation
authorAneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Wed, 17 Oct 2007 06:27:02 +0000 (23:27 -0700)
committerLinus Torvalds <torvalds@woody.linux-foundation.org>
Wed, 17 Oct 2007 15:42:52 +0000 (08:42 -0700)
When a new block bitmap is read from disk in read_block_bitmap() there are
a few bits that should ALWAYS be set.  In particular, the blocks given by
ext4_blk_bitmap, ext4_inode_bitmap and ext4_inode_table.  Validate the
block bitmap against these blocks.

[akpm@linux-foundation.org: cleanups]
Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Andreas Dilger <adilger@clusterfs.com>
Acked-by: Mingming Cao <cmm@us.ibm.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/ext2/balloc.c
fs/ext3/balloc.c
fs/ext4/balloc.c

index 834ad4c16e2d9a61598504d6a414a29bb2b5e82b..ffaa6d8454425e1885e9e36dde2987dc00d6a278 100644 (file)
@@ -69,6 +69,14 @@ struct ext2_group_desc * ext2_get_group_desc(struct super_block * sb,
        return desc + offset;
 }
 
+static inline int
+block_in_use(unsigned long block, struct super_block *sb, unsigned char *map)
+{
+       return ext2_test_bit ((block -
+               le32_to_cpu(EXT2_SB(sb)->s_es->s_first_data_block)) %
+                        EXT2_BLOCKS_PER_GROUP(sb), map);
+}
+
 /*
  * Read the bitmap for a given block_group, reading into the specified 
  * slot in the superblock's bitmap cache.
@@ -78,20 +86,51 @@ struct ext2_group_desc * ext2_get_group_desc(struct super_block * sb,
 static struct buffer_head *
 read_block_bitmap(struct super_block *sb, unsigned int block_group)
 {
+       int i;
        struct ext2_group_desc * desc;
        struct buffer_head * bh = NULL;
-       
+       unsigned int bitmap_blk;
+
        desc = ext2_get_group_desc (sb, block_group, NULL);
        if (!desc)
-               goto error_out;
-       bh = sb_bread(sb, le32_to_cpu(desc->bg_block_bitmap));
+               return NULL;
+       bitmap_blk = le32_to_cpu(desc->bg_block_bitmap);
+       bh = sb_bread(sb, bitmap_blk);
        if (!bh)
-               ext2_error (sb, "read_block_bitmap",
+               ext2_error (sb, __FUNCTION__,
                            "Cannot read block bitmap - "
                            "block_group = %d, block_bitmap = %u",
                            block_group, le32_to_cpu(desc->bg_block_bitmap));
-error_out:
+
+       /* check whether block bitmap block number is set */
+       if (!block_in_use(bitmap_blk, sb, bh->b_data)) {
+               /* bad block bitmap */
+               goto error_out;
+       }
+       /* check whether the inode bitmap block number is set */
+       bitmap_blk = le32_to_cpu(desc->bg_inode_bitmap);
+       if (!block_in_use(bitmap_blk, sb, bh->b_data)) {
+               /* bad block bitmap */
+               goto error_out;
+       }
+       /* check whether the inode table block number is set */
+       bitmap_blk = le32_to_cpu(desc->bg_inode_table);
+       for (i = 0; i < EXT2_SB(sb)->s_itb_per_group; i++, bitmap_blk++) {
+               if (!block_in_use(bitmap_blk, sb, bh->b_data)) {
+                       /* bad block bitmap */
+                       goto error_out;
+               }
+       }
+
        return bh;
+
+error_out:
+       brelse(bh);
+       ext2_error(sb, __FUNCTION__,
+                       "Invalid block bitmap - "
+                       "block_group = %d, block = %u",
+                       block_group, bitmap_blk);
+       return NULL;
 }
 
 /*
@@ -583,13 +622,6 @@ unsigned long ext2_count_free_blocks (struct super_block * sb)
 #endif
 }
 
-static inline int
-block_in_use(unsigned long block, struct super_block *sb, unsigned char *map)
-{
-       return ext2_test_bit ((block -
-               le32_to_cpu(EXT2_SB(sb)->s_es->s_first_data_block)) %
-                        EXT2_BLOCKS_PER_GROUP(sb), map);
-}
 
 static inline int test_root(int a, int b)
 {
index d3758ee9cb5bde3e8c6ee8c1b154efa48e3e9443..7a87d15523be62f1d33c72c4d8a2eba359d45237 100644 (file)
@@ -80,6 +80,14 @@ struct ext3_group_desc * ext3_get_group_desc(struct super_block * sb,
        return desc + offset;
 }
 
+static inline int
+block_in_use(ext3_fsblk_t block, struct super_block *sb, unsigned char *map)
+{
+       return ext3_test_bit ((block -
+               le32_to_cpu(EXT3_SB(sb)->s_es->s_first_data_block)) %
+                        EXT3_BLOCKS_PER_GROUP(sb), map);
+}
+
 /**
  * read_block_bitmap()
  * @sb:                        super block
@@ -93,20 +101,51 @@ struct ext3_group_desc * ext3_get_group_desc(struct super_block * sb,
 static struct buffer_head *
 read_block_bitmap(struct super_block *sb, unsigned int block_group)
 {
+       int i;
        struct ext3_group_desc * desc;
        struct buffer_head * bh = NULL;
+       ext3_fsblk_t bitmap_blk;
 
        desc = ext3_get_group_desc (sb, block_group, NULL);
        if (!desc)
-               goto error_out;
-       bh = sb_bread(sb, le32_to_cpu(desc->bg_block_bitmap));
+               return NULL;
+       bitmap_blk = le32_to_cpu(desc->bg_block_bitmap);
+       bh = sb_bread(sb, bitmap_blk);
        if (!bh)
-               ext3_error (sb, "read_block_bitmap",
+               ext3_error (sb, __FUNCTION__,
                            "Cannot read block bitmap - "
                            "block_group = %d, block_bitmap = %u",
                            block_group, le32_to_cpu(desc->bg_block_bitmap));
-error_out:
+
+       /* check whether block bitmap block number is set */
+       if (!block_in_use(bitmap_blk, sb, bh->b_data)) {
+               /* bad block bitmap */
+               goto error_out;
+       }
+       /* check whether the inode bitmap block number is set */
+       bitmap_blk = le32_to_cpu(desc->bg_inode_bitmap);
+       if (!block_in_use(bitmap_blk, sb, bh->b_data)) {
+               /* bad block bitmap */
+               goto error_out;
+       }
+       /* check whether the inode table block number is set */
+       bitmap_blk = le32_to_cpu(desc->bg_inode_table);
+       for (i = 0; i < EXT3_SB(sb)->s_itb_per_group; i++, bitmap_blk++) {
+               if (!block_in_use(bitmap_blk, sb, bh->b_data)) {
+                       /* bad block bitmap */
+                       goto error_out;
+               }
+       }
+
        return bh;
+
+error_out:
+       brelse(bh);
+       ext3_error(sb, __FUNCTION__,
+                       "Invalid block bitmap - "
+                       "block_group = %d, block = %lu",
+                       block_group, bitmap_blk);
+       return NULL;
 }
 /*
  * The reservation window structure operations
@@ -1733,13 +1772,6 @@ ext3_fsblk_t ext3_count_free_blocks(struct super_block *sb)
 #endif
 }
 
-static inline int
-block_in_use(ext3_fsblk_t block, struct super_block *sb, unsigned char *map)
-{
-       return ext3_test_bit ((block -
-               le32_to_cpu(EXT3_SB(sb)->s_es->s_first_data_block)) %
-                        EXT3_BLOCKS_PER_GROUP(sb), map);
-}
 
 static inline int test_root(int a, int b)
 {
index 8d59eec2e82b55e98cd3e82845378fb34bd5ddba..b74bf436844187c32cce9cc31ecdce1031a1cc1e 100644 (file)
@@ -100,6 +100,15 @@ struct ext4_group_desc * ext4_get_group_desc(struct super_block * sb,
        return desc;
 }
 
+static inline int
+block_in_use(ext4_fsblk_t block, struct super_block *sb, unsigned char *map)
+{
+       ext4_grpblk_t offset;
+
+       ext4_get_group_no_and_offset(sb, block, NULL, &offset);
+       return ext4_test_bit (offset, map);
+}
+
 /**
  * read_block_bitmap()
  * @sb:                        super block
@@ -113,21 +122,53 @@ struct ext4_group_desc * ext4_get_group_desc(struct super_block * sb,
 static struct buffer_head *
 read_block_bitmap(struct super_block *sb, unsigned int block_group)
 {
+       int i;
        struct ext4_group_desc * desc;
        struct buffer_head * bh = NULL;
+       ext4_fsblk_t bitmap_blk;
 
        desc = ext4_get_group_desc (sb, block_group, NULL);
        if (!desc)
-               goto error_out;
-       bh = sb_bread(sb, ext4_block_bitmap(sb, desc));
+               return NULL;
+       bitmap_blk = ext4_block_bitmap(sb, desc);
+       bh = sb_bread(sb, bitmap_blk);
        if (!bh)
-               ext4_error (sb, "read_block_bitmap",
+               ext4_error (sb, __FUNCTION__,
                            "Cannot read block bitmap - "
                            "block_group = %d, block_bitmap = %llu",
-                           block_group,
-                           ext4_block_bitmap(sb, desc));
-error_out:
+                           block_group, bitmap_blk);
+
+       /* check whether block bitmap block number is set */
+       if (!block_in_use(bitmap_blk, sb, bh->b_data)) {
+               /* bad block bitmap */
+               goto error_out;
+       }
+
+       /* check whether the inode bitmap block number is set */
+       bitmap_blk = ext4_inode_bitmap(sb, desc);
+       if (!block_in_use(bitmap_blk, sb, bh->b_data)) {
+               /* bad block bitmap */
+               goto error_out;
+       }
+       /* check whether the inode table block number is set */
+       bitmap_blk = ext4_inode_table(sb, desc);
+       for (i = 0; i < EXT4_SB(sb)->s_itb_per_group; i++, bitmap_blk++) {
+               if (!block_in_use(bitmap_blk, sb, bh->b_data)) {
+                       /* bad block bitmap */
+                       goto error_out;
+               }
+       }
+
        return bh;
+
+error_out:
+       brelse(bh);
+       ext4_error(sb, __FUNCTION__,
+                       "Invalid block bitmap - "
+                       "block_group = %d, block = %llu",
+                       block_group, bitmap_blk);
+       return NULL;
+
 }
 /*
  * The reservation window structure operations
@@ -1747,15 +1788,6 @@ ext4_fsblk_t ext4_count_free_blocks(struct super_block *sb)
 #endif
 }
 
-static inline int
-block_in_use(ext4_fsblk_t block, struct super_block *sb, unsigned char *map)
-{
-       ext4_grpblk_t offset;
-
-       ext4_get_group_no_and_offset(sb, block, NULL, &offset);
-       return ext4_test_bit (offset, map);
-}
-
 static inline int test_root(int a, int b)
 {
        int num = b;