xfs: validate sb_logsunit is a multiple of the fs blocksize

commit 9c92ee208b1faa0ef2cc899b85fd0607b6fac7fe upstream.

Make sure the log stripe unit is sane before proceeding with mounting.
AFAICT this means that logsunit has to be 0, 1, or a multiple of the fs
block size.  Found this by setting the LSB of logsunit in xfs/350 and
watching the system crash as soon as we try to write to the log.

Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Signed-off-by: Suraj Jitindar Singh <surajjs@amazon.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/fs/xfs/xfs_log.c b/fs/xfs/xfs_log.c
index 4e768e606998abe5e4f2587cdf5e834930c280b2..360e32220f93d631e6a317c329d1362f0307e1a4 100644 (file)
--- a/fs/xfs/xfs_log.c
+++ b/fs/xfs/xfs_log.c
@@ -608,6 +608,7 @@ xfs_log_mount(
        xfs_daddr_t     blk_offset,
        int             num_bblks)
 {
+       bool            fatal = xfs_sb_version_hascrc(&mp->m_sb);
        int             error = 0;
        int             min_logfsbs;
 
@@ -659,9 +660,20 @@ xfs_log_mount(
                         XFS_FSB_TO_B(mp, mp->m_sb.sb_logblocks),
                         XFS_MAX_LOG_BYTES);
                error = -EINVAL;
+       } else if (mp->m_sb.sb_logsunit > 1 &&
+                  mp->m_sb.sb_logsunit % mp->m_sb.sb_blocksize) {
+               xfs_warn(mp,
+               "log stripe unit %u bytes must be a multiple of block size",
+                        mp->m_sb.sb_logsunit);
+               error = -EINVAL;
+               fatal = true;
        }
        if (error) {
-               if (xfs_sb_version_hascrc(&mp->m_sb)) {
+               /*
+                * Log check errors are always fatal on v5; or whenever bad
+                * metadata leads to a crash.
+                */
+               if (fatal) {
                        xfs_crit(mp, "AAIEEE! Log failed size checks. Abort!");
                        ASSERT(0);
                        goto out_free_log;