From c12ad41468a5f4112b98566dcb1ee9096579106a Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Tue, 11 Apr 2023 19:00:29 -0700 Subject: [PATCH 01/12] xfs: xattr scrub should ensure one namespace bit per name Check that each extended attribute exists in only one namespace. Signed-off-by: Darrick J. Wong Reviewed-by: Dave Chinner --- fs/xfs/scrub/attr.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index 5573be3a3dfe..f6def9c864ab 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -128,10 +128,16 @@ xchk_xattr_listent( return; } + /* Only one namespace bit allowed. */ + if (hweight32(flags & XFS_ATTR_NSP_ONDISK_MASK) > 1) { + xchk_fblock_set_corrupt(sx->sc, XFS_ATTR_FORK, args.blkno); + goto fail_xref; + } + /* Does this name make sense? */ if (!xfs_attr_namecheck(name, namelen)) { xchk_fblock_set_corrupt(sx->sc, XFS_ATTR_FORK, args.blkno); - return; + goto fail_xref; } /* From ee366fe4f519f0739a2c62cf998f58932e77c6a9 Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Tue, 11 Apr 2023 19:00:29 -0700 Subject: [PATCH 02/12] xfs: don't shadow @leaf in xchk_xattr_block Don't shadow the leaf variable here, because it's misleading to have one place in the codebase where two variables with different types have the same name. Signed-off-by: Darrick J. Wong Reviewed-by: Dave Chinner --- fs/xfs/scrub/attr.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index f6def9c864ab..6bb0256d0689 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -342,10 +342,10 @@ xchk_xattr_block( /* Check all the padding. */ if (xfs_has_crc(ds->sc->mp)) { - struct xfs_attr3_leafblock *leaf = bp->b_addr; + struct xfs_attr3_leafblock *leaf3 = bp->b_addr; - if (leaf->hdr.pad1 != 0 || leaf->hdr.pad2 != 0 || - leaf->hdr.info.hdr.pad != 0) + if (leaf3->hdr.pad1 != 0 || leaf3->hdr.pad2 != 0 || + leaf3->hdr.info.hdr.pad != 0) xchk_da_set_corrupt(ds, level); } else { if (leaf->hdr.pad1 != 0 || leaf->hdr.info.pad != 0) From 4cb76025208925f697de66ac4d2d821cafabd367 Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Tue, 11 Apr 2023 19:00:30 -0700 Subject: [PATCH 03/12] xfs: remove unnecessary dstmap in xattr scrubber Replace bitmap_and with bitmap_intersects in the xattr leaf block scrubber, since we only care if there's overlap between the used space bitmap and the free space bitmap. This means we don't need dstmap any more, and can thus reduce the memory requirements. Signed-off-by: Darrick J. Wong Reviewed-by: Dave Chinner --- fs/xfs/scrub/attr.c | 7 +++---- fs/xfs/scrub/attr.h | 12 +----------- 2 files changed, 4 insertions(+), 15 deletions(-) diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index 6bb0256d0689..45fa8a5967de 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -36,10 +36,10 @@ xchk_setup_xattr_buf( /* * We need enough space to read an xattr value from the file or enough - * space to hold three copies of the xattr free space bitmap. We don't + * space to hold two copies of the xattr free space bitmap. We don't * need the buffer space for both purposes at the same time. */ - sz = 3 * sizeof(long) * BITS_TO_LONGS(sc->mp->m_attr_geo->blksize); + sz = 2 * sizeof(long) * BITS_TO_LONGS(sc->mp->m_attr_geo->blksize); sz = max_t(size_t, sz, value_size); /* @@ -223,7 +223,6 @@ xchk_xattr_check_freemap( struct xfs_attr3_icleaf_hdr *leafhdr) { unsigned long *freemap = xchk_xattr_freemap(sc); - unsigned long *dstmap = xchk_xattr_dstmap(sc); unsigned int mapsize = sc->mp->m_attr_geo->blksize; int i; @@ -237,7 +236,7 @@ xchk_xattr_check_freemap( } /* Look for bits that are set in freemap and are marked in use. */ - return bitmap_and(dstmap, freemap, map, mapsize) == 0; + return !bitmap_intersects(freemap, map, mapsize); } /* diff --git a/fs/xfs/scrub/attr.h b/fs/xfs/scrub/attr.h index bc6321552251..daf354a581bb 100644 --- a/fs/xfs/scrub/attr.h +++ b/fs/xfs/scrub/attr.h @@ -21,8 +21,7 @@ struct xchk_xattr_buf { * Each bitmap contains enough bits to track every byte in an attr * block (rounded up to the size of an unsigned long). The attr block * used space bitmap starts at the beginning of the buffer; the free - * space bitmap follows immediately after; and we have a third buffer - * for storing intermediate bitmap results. + * space bitmap follows immediately after. */ uint8_t buf[]; }; @@ -56,13 +55,4 @@ xchk_xattr_freemap( BITS_TO_LONGS(sc->mp->m_attr_geo->blksize); } -/* A bitmap used to hold temporary results. */ -static inline unsigned long * -xchk_xattr_dstmap( - struct xfs_scrub *sc) -{ - return xchk_xattr_freemap(sc) + - BITS_TO_LONGS(sc->mp->m_attr_geo->blksize); -} - #endif /* __XFS_SCRUB_ATTR_H__ */ From 91781ff549379a867d8fbe588a4c95f6598b1fa9 Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Tue, 11 Apr 2023 19:00:30 -0700 Subject: [PATCH 04/12] xfs: split freemap from xchk_xattr_buf.buf Move the free space bitmap from somewhere in xchk_xattr_buf.buf[] to an explicit pointer. This is the start of removing the complex overloaded memory buffer that is the source of weird memory misuse bugs. Signed-off-by: Darrick J. Wong Reviewed-by: Dave Chinner --- fs/xfs/scrub/attr.c | 40 ++++++++++++++++++++++++++++++++-------- fs/xfs/scrub/attr.h | 15 ++++----------- fs/xfs/scrub/scrub.c | 3 +++ fs/xfs/scrub/scrub.h | 10 ++++++++++ 4 files changed, 49 insertions(+), 19 deletions(-) diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index 45fa8a5967de..bc529b53a84f 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -20,6 +20,17 @@ #include "scrub/dabtree.h" #include "scrub/attr.h" +/* Free the buffers linked from the xattr buffer. */ +static void +xchk_xattr_buf_cleanup( + void *priv) +{ + struct xchk_xattr_buf *ab = priv; + + kvfree(ab->freemap); + ab->freemap = NULL; +} + /* * Allocate enough memory to hold an attr value and attr block bitmaps, * reallocating the buffer if necessary. Buffer contents are not preserved @@ -32,15 +43,18 @@ xchk_setup_xattr_buf( gfp_t flags) { size_t sz; + size_t bmp_sz; struct xchk_xattr_buf *ab = sc->buf; + unsigned long *old_freemap = NULL; + + bmp_sz = sizeof(long) * BITS_TO_LONGS(sc->mp->m_attr_geo->blksize); /* * We need enough space to read an xattr value from the file or enough - * space to hold two copies of the xattr free space bitmap. We don't + * space to hold one copy of the xattr free space bitmap. We don't * need the buffer space for both purposes at the same time. */ - sz = 2 * sizeof(long) * BITS_TO_LONGS(sc->mp->m_attr_geo->blksize); - sz = max_t(size_t, sz, value_size); + sz = max_t(size_t, bmp_sz, value_size); /* * If there's already a buffer, figure out if we need to reallocate it @@ -49,6 +63,7 @@ xchk_setup_xattr_buf( if (ab) { if (sz <= ab->sz) return 0; + old_freemap = ab->freemap; kvfree(ab); sc->buf = NULL; } @@ -60,9 +75,18 @@ xchk_setup_xattr_buf( ab = kvmalloc(sizeof(*ab) + sz, flags); if (!ab) return -ENOMEM; - ab->sz = sz; sc->buf = ab; + sc->buf_cleanup = xchk_xattr_buf_cleanup; + + if (old_freemap) { + ab->freemap = old_freemap; + } else { + ab->freemap = kvmalloc(bmp_sz, flags); + if (!ab->freemap) + return -ENOMEM; + } + return 0; } @@ -222,21 +246,21 @@ xchk_xattr_check_freemap( unsigned long *map, struct xfs_attr3_icleaf_hdr *leafhdr) { - unsigned long *freemap = xchk_xattr_freemap(sc); + struct xchk_xattr_buf *ab = sc->buf; unsigned int mapsize = sc->mp->m_attr_geo->blksize; int i; /* Construct bitmap of freemap contents. */ - bitmap_zero(freemap, mapsize); + bitmap_zero(ab->freemap, mapsize); for (i = 0; i < XFS_ATTR_LEAF_MAPSIZE; i++) { - if (!xchk_xattr_set_map(sc, freemap, + if (!xchk_xattr_set_map(sc, ab->freemap, leafhdr->freemap[i].base, leafhdr->freemap[i].size)) return false; } /* Look for bits that are set in freemap and are marked in use. */ - return !bitmap_intersects(freemap, map, mapsize); + return !bitmap_intersects(ab->freemap, map, mapsize); } /* diff --git a/fs/xfs/scrub/attr.h b/fs/xfs/scrub/attr.h index daf354a581bb..341855b3201b 100644 --- a/fs/xfs/scrub/attr.h +++ b/fs/xfs/scrub/attr.h @@ -10,6 +10,9 @@ * Temporary storage for online scrub and repair of extended attributes. */ struct xchk_xattr_buf { + /* Bitmap of free space in xattr leaf blocks. */ + unsigned long *freemap; + /* Size of @buf, in bytes. */ size_t sz; @@ -20,8 +23,7 @@ struct xchk_xattr_buf { * * Each bitmap contains enough bits to track every byte in an attr * block (rounded up to the size of an unsigned long). The attr block - * used space bitmap starts at the beginning of the buffer; the free - * space bitmap follows immediately after. + * used space bitmap starts at the beginning of the buffer. */ uint8_t buf[]; }; @@ -46,13 +48,4 @@ xchk_xattr_usedmap( return (unsigned long *)ab->buf; } -/* A bitmap of free space computed by walking attr leaf block free info. */ -static inline unsigned long * -xchk_xattr_freemap( - struct xfs_scrub *sc) -{ - return xchk_xattr_usedmap(sc) + - BITS_TO_LONGS(sc->mp->m_attr_geo->blksize); -} - #endif /* __XFS_SCRUB_ATTR_H__ */ diff --git a/fs/xfs/scrub/scrub.c b/fs/xfs/scrub/scrub.c index 03ec455318f4..02819bedc5b1 100644 --- a/fs/xfs/scrub/scrub.c +++ b/fs/xfs/scrub/scrub.c @@ -189,7 +189,10 @@ xchk_teardown( if (sc->flags & XCHK_REAPING_DISABLED) xchk_start_reaping(sc); if (sc->buf) { + if (sc->buf_cleanup) + sc->buf_cleanup(sc->buf); kvfree(sc->buf); + sc->buf_cleanup = NULL; sc->buf = NULL; } diff --git a/fs/xfs/scrub/scrub.h b/fs/xfs/scrub/scrub.h index c519927355fe..e71903474cd7 100644 --- a/fs/xfs/scrub/scrub.h +++ b/fs/xfs/scrub/scrub.h @@ -77,7 +77,17 @@ struct xfs_scrub { */ struct xfs_inode *ip; + /* Kernel memory buffer used by scrubbers; freed at teardown. */ void *buf; + + /* + * Clean up resources owned by whatever is in the buffer. Cleanup can + * be deferred with this hook as a means for scrub functions to pass + * data to repair functions. This function must not free the buffer + * itself. + */ + void (*buf_cleanup)(void *buf); + uint ilock_flags; /* See the XCHK/XREP state flags below. */ From 80069284b5eb63e48bc7cb9d4bd179711ae6e77a Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Tue, 11 Apr 2023 19:00:31 -0700 Subject: [PATCH 05/12] xfs: split usedmap from xchk_xattr_buf.buf Move the used space bitmap from somewhere in xchk_xattr_buf.buf[] to an explicit pointer. Signed-off-by: Darrick J. Wong Reviewed-by: Dave Chinner --- fs/xfs/scrub/attr.c | 39 +++++++++++++++++++++------------------ fs/xfs/scrub/attr.h | 22 +++++----------------- 2 files changed, 26 insertions(+), 35 deletions(-) diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index bc529b53a84f..65ec503c8a38 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -29,6 +29,8 @@ xchk_xattr_buf_cleanup( kvfree(ab->freemap); ab->freemap = NULL; + kvfree(ab->usedmap); + ab->usedmap = NULL; } /* @@ -42,20 +44,14 @@ xchk_setup_xattr_buf( size_t value_size, gfp_t flags) { - size_t sz; + size_t sz = value_size; size_t bmp_sz; struct xchk_xattr_buf *ab = sc->buf; + unsigned long *old_usedmap = NULL; unsigned long *old_freemap = NULL; bmp_sz = sizeof(long) * BITS_TO_LONGS(sc->mp->m_attr_geo->blksize); - /* - * We need enough space to read an xattr value from the file or enough - * space to hold one copy of the xattr free space bitmap. We don't - * need the buffer space for both purposes at the same time. - */ - sz = max_t(size_t, bmp_sz, value_size); - /* * If there's already a buffer, figure out if we need to reallocate it * to accommodate a larger size. @@ -64,6 +60,7 @@ xchk_setup_xattr_buf( if (sz <= ab->sz) return 0; old_freemap = ab->freemap; + old_usedmap = ab->usedmap; kvfree(ab); sc->buf = NULL; } @@ -79,6 +76,14 @@ xchk_setup_xattr_buf( sc->buf = ab; sc->buf_cleanup = xchk_xattr_buf_cleanup; + if (old_usedmap) { + ab->usedmap = old_usedmap; + } else { + ab->usedmap = kvmalloc(bmp_sz, flags); + if (!ab->usedmap) + return -ENOMEM; + } + if (old_freemap) { ab->freemap = old_freemap; } else { @@ -243,7 +248,6 @@ xchk_xattr_set_map( STATIC bool xchk_xattr_check_freemap( struct xfs_scrub *sc, - unsigned long *map, struct xfs_attr3_icleaf_hdr *leafhdr) { struct xchk_xattr_buf *ab = sc->buf; @@ -260,7 +264,7 @@ xchk_xattr_check_freemap( } /* Look for bits that are set in freemap and are marked in use. */ - return !bitmap_intersects(ab->freemap, map, mapsize); + return !bitmap_intersects(ab->freemap, ab->usedmap, mapsize); } /* @@ -280,7 +284,7 @@ xchk_xattr_entry( __u32 *last_hashval) { struct xfs_mount *mp = ds->state->mp; - unsigned long *usedmap = xchk_xattr_usedmap(ds->sc); + struct xchk_xattr_buf *ab = ds->sc->buf; char *name_end; struct xfs_attr_leaf_name_local *lentry; struct xfs_attr_leaf_name_remote *rentry; @@ -320,7 +324,7 @@ xchk_xattr_entry( if (name_end > buf_end) xchk_da_set_corrupt(ds, level); - if (!xchk_xattr_set_map(ds->sc, usedmap, nameidx, namesize)) + if (!xchk_xattr_set_map(ds->sc, ab->usedmap, nameidx, namesize)) xchk_da_set_corrupt(ds, level); if (!(ds->sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT)) *usedbytes += namesize; @@ -340,7 +344,7 @@ xchk_xattr_block( struct xfs_attr_leafblock *leaf = bp->b_addr; struct xfs_attr_leaf_entry *ent; struct xfs_attr_leaf_entry *entries; - unsigned long *usedmap; + struct xchk_xattr_buf *ab = ds->sc->buf; char *buf_end; size_t off; __u32 last_hashval = 0; @@ -358,10 +362,9 @@ xchk_xattr_block( return -EDEADLOCK; if (error) return error; - usedmap = xchk_xattr_usedmap(ds->sc); *last_checked = blk->blkno; - bitmap_zero(usedmap, mp->m_attr_geo->blksize); + bitmap_zero(ab->usedmap, mp->m_attr_geo->blksize); /* Check all the padding. */ if (xfs_has_crc(ds->sc->mp)) { @@ -385,7 +388,7 @@ xchk_xattr_block( xchk_da_set_corrupt(ds, level); if (leafhdr.firstused < hdrsize) xchk_da_set_corrupt(ds, level); - if (!xchk_xattr_set_map(ds->sc, usedmap, 0, hdrsize)) + if (!xchk_xattr_set_map(ds->sc, ab->usedmap, 0, hdrsize)) xchk_da_set_corrupt(ds, level); if (ds->sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT) @@ -399,7 +402,7 @@ xchk_xattr_block( for (i = 0, ent = entries; i < leafhdr.count; ent++, i++) { /* Mark the leaf entry itself. */ off = (char *)ent - (char *)leaf; - if (!xchk_xattr_set_map(ds->sc, usedmap, off, + if (!xchk_xattr_set_map(ds->sc, ab->usedmap, off, sizeof(xfs_attr_leaf_entry_t))) { xchk_da_set_corrupt(ds, level); goto out; @@ -413,7 +416,7 @@ xchk_xattr_block( goto out; } - if (!xchk_xattr_check_freemap(ds->sc, usedmap, &leafhdr)) + if (!xchk_xattr_check_freemap(ds->sc, &leafhdr)) xchk_da_set_corrupt(ds, level); if (leafhdr.usedbytes != usedbytes) diff --git a/fs/xfs/scrub/attr.h b/fs/xfs/scrub/attr.h index 341855b3201b..525f45815526 100644 --- a/fs/xfs/scrub/attr.h +++ b/fs/xfs/scrub/attr.h @@ -10,6 +10,9 @@ * Temporary storage for online scrub and repair of extended attributes. */ struct xchk_xattr_buf { + /* Bitmap of used space in xattr leaf blocks. */ + unsigned long *usedmap; + /* Bitmap of free space in xattr leaf blocks. */ unsigned long *freemap; @@ -17,13 +20,8 @@ struct xchk_xattr_buf { size_t sz; /* - * Memory buffer -- either used for extracting attr values while - * walking the attributes; or for computing attr block bitmaps when - * checking the attribute tree. - * - * Each bitmap contains enough bits to track every byte in an attr - * block (rounded up to the size of an unsigned long). The attr block - * used space bitmap starts at the beginning of the buffer. + * Memory buffer -- used for extracting attr values while walking the + * attributes. */ uint8_t buf[]; }; @@ -38,14 +36,4 @@ xchk_xattr_valuebuf( return ab->buf; } -/* A bitmap of space usage computed by walking an attr leaf block. */ -static inline unsigned long * -xchk_xattr_usedmap( - struct xfs_scrub *sc) -{ - struct xchk_xattr_buf *ab = sc->buf; - - return (unsigned long *)ab->buf; -} - #endif /* __XFS_SCRUB_ATTR_H__ */ From b996c9a80664b970b73961c83bede243b999341e Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Tue, 11 Apr 2023 19:00:31 -0700 Subject: [PATCH 06/12] xfs: split valuebuf from xchk_xattr_buf.buf Move the xattr value buffer from somewhere in xchk_xattr_buf.buf[] to an explicit pointer. Signed-off-by: Darrick J. Wong Reviewed-by: Dave Chinner --- fs/xfs/scrub/attr.c | 89 ++++++++++++++++++++++----------------------- fs/xfs/scrub/attr.h | 21 ++--------- 2 files changed, 46 insertions(+), 64 deletions(-) diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index 65ec503c8a38..7f723f206146 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -31,6 +31,9 @@ xchk_xattr_buf_cleanup( ab->freemap = NULL; kvfree(ab->usedmap); ab->usedmap = NULL; + kvfree(ab->value); + ab->value = NULL; + ab->value_sz = 0; } /* @@ -44,54 +47,45 @@ xchk_setup_xattr_buf( size_t value_size, gfp_t flags) { - size_t sz = value_size; size_t bmp_sz; struct xchk_xattr_buf *ab = sc->buf; - unsigned long *old_usedmap = NULL; - unsigned long *old_freemap = NULL; + void *new_val; bmp_sz = sizeof(long) * BITS_TO_LONGS(sc->mp->m_attr_geo->blksize); - /* - * If there's already a buffer, figure out if we need to reallocate it - * to accommodate a larger size. - */ - if (ab) { - if (sz <= ab->sz) - return 0; - old_freemap = ab->freemap; - old_usedmap = ab->usedmap; - kvfree(ab); - sc->buf = NULL; - } + if (ab) + goto resize_value; - /* - * Don't zero the buffer upon allocation to avoid runtime overhead. - * All users must be careful never to read uninitialized contents. - */ - ab = kvmalloc(sizeof(*ab) + sz, flags); + ab = kvzalloc(sizeof(struct xchk_xattr_buf), flags); if (!ab) return -ENOMEM; - ab->sz = sz; sc->buf = ab; sc->buf_cleanup = xchk_xattr_buf_cleanup; - if (old_usedmap) { - ab->usedmap = old_usedmap; - } else { - ab->usedmap = kvmalloc(bmp_sz, flags); - if (!ab->usedmap) - return -ENOMEM; + ab->usedmap = kvmalloc(bmp_sz, flags); + if (!ab->usedmap) + return -ENOMEM; + + ab->freemap = kvmalloc(bmp_sz, flags); + if (!ab->freemap) + return -ENOMEM; + +resize_value: + if (ab->value_sz >= value_size) + return 0; + + if (ab->value) { + kvfree(ab->value); + ab->value = NULL; + ab->value_sz = 0; } - if (old_freemap) { - ab->freemap = old_freemap; - } else { - ab->freemap = kvmalloc(bmp_sz, flags); - if (!ab->freemap) - return -ENOMEM; - } + new_val = kvmalloc(value_size, flags); + if (!new_val) + return -ENOMEM; + ab->value = new_val; + ab->value_sz = value_size; return 0; } @@ -140,11 +134,24 @@ xchk_xattr_listent( int namelen, int valuelen) { + struct xfs_da_args args = { + .op_flags = XFS_DA_OP_NOTIME, + .attr_filter = flags & XFS_ATTR_NSP_ONDISK_MASK, + .geo = context->dp->i_mount->m_attr_geo, + .whichfork = XFS_ATTR_FORK, + .dp = context->dp, + .name = name, + .namelen = namelen, + .hashval = xfs_da_hashname(name, namelen), + .trans = context->tp, + .valuelen = valuelen, + }; + struct xchk_xattr_buf *ab; struct xchk_xattr *sx; - struct xfs_da_args args = { NULL }; int error = 0; sx = container_of(context, struct xchk_xattr, context); + ab = sx->sc->buf; if (xchk_should_terminate(sx->sc, &error)) { context->seen_enough = error; @@ -182,17 +189,7 @@ xchk_xattr_listent( return; } - args.op_flags = XFS_DA_OP_NOTIME; - args.attr_filter = flags & XFS_ATTR_NSP_ONDISK_MASK; - args.geo = context->dp->i_mount->m_attr_geo; - args.whichfork = XFS_ATTR_FORK; - args.dp = context->dp; - args.name = name; - args.namelen = namelen; - args.hashval = xfs_da_hashname(args.name, args.namelen); - args.trans = context->tp; - args.value = xchk_xattr_valuebuf(sx->sc); - args.valuelen = valuelen; + args.value = ab->value; error = xfs_attr_get_ilocked(&args); /* ENODATA means the hash lookup failed and the attr is bad */ diff --git a/fs/xfs/scrub/attr.h b/fs/xfs/scrub/attr.h index 525f45815526..3c764722da61 100644 --- a/fs/xfs/scrub/attr.h +++ b/fs/xfs/scrub/attr.h @@ -16,24 +16,9 @@ struct xchk_xattr_buf { /* Bitmap of free space in xattr leaf blocks. */ unsigned long *freemap; - /* Size of @buf, in bytes. */ - size_t sz; - - /* - * Memory buffer -- used for extracting attr values while walking the - * attributes. - */ - uint8_t buf[]; + /* Memory buffer used to extract xattr values. */ + void *value; + size_t value_sz; }; -/* A place to store attribute values. */ -static inline uint8_t * -xchk_xattr_valuebuf( - struct xfs_scrub *sc) -{ - struct xchk_xattr_buf *ab = sc->buf; - - return ab->buf; -} - #endif /* __XFS_SCRUB_ATTR_H__ */ From f58977edc0b50bf6aee5a63bff34581b22b2ce63 Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Tue, 11 Apr 2023 19:00:32 -0700 Subject: [PATCH 07/12] xfs: remove flags argument from xchk_setup_xattr_buf All callers pass XCHK_GFP_FLAGS as the flags argument to xchk_setup_xattr_buf, so get rid of the argument. Signed-off-by: Darrick J. Wong Reviewed-by: Dave Chinner --- fs/xfs/scrub/attr.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index 7f723f206146..420166336f56 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -44,8 +44,7 @@ xchk_xattr_buf_cleanup( static int xchk_setup_xattr_buf( struct xfs_scrub *sc, - size_t value_size, - gfp_t flags) + size_t value_size) { size_t bmp_sz; struct xchk_xattr_buf *ab = sc->buf; @@ -56,17 +55,17 @@ xchk_setup_xattr_buf( if (ab) goto resize_value; - ab = kvzalloc(sizeof(struct xchk_xattr_buf), flags); + ab = kvzalloc(sizeof(struct xchk_xattr_buf), XCHK_GFP_FLAGS); if (!ab) return -ENOMEM; sc->buf = ab; sc->buf_cleanup = xchk_xattr_buf_cleanup; - ab->usedmap = kvmalloc(bmp_sz, flags); + ab->usedmap = kvmalloc(bmp_sz, XCHK_GFP_FLAGS); if (!ab->usedmap) return -ENOMEM; - ab->freemap = kvmalloc(bmp_sz, flags); + ab->freemap = kvmalloc(bmp_sz, XCHK_GFP_FLAGS); if (!ab->freemap) return -ENOMEM; @@ -80,7 +79,7 @@ xchk_setup_xattr_buf( ab->value_sz = 0; } - new_val = kvmalloc(value_size, flags); + new_val = kvmalloc(value_size, XCHK_GFP_FLAGS); if (!new_val) return -ENOMEM; @@ -102,8 +101,7 @@ xchk_setup_xattr( * without the inode lock held, which means we can sleep. */ if (sc->flags & XCHK_TRY_HARDER) { - error = xchk_setup_xattr_buf(sc, XATTR_SIZE_MAX, - XCHK_GFP_FLAGS); + error = xchk_setup_xattr_buf(sc, XATTR_SIZE_MAX); if (error) return error; } @@ -181,7 +179,7 @@ xchk_xattr_listent( * doesn't work, we overload the seen_enough variable to convey * the error message back to the main scrub function. */ - error = xchk_setup_xattr_buf(sx->sc, valuelen, XCHK_GFP_FLAGS); + error = xchk_setup_xattr_buf(sx->sc, valuelen); if (error == -ENOMEM) error = -EDEADLOCK; if (error) { @@ -354,7 +352,7 @@ xchk_xattr_block( return 0; /* Allocate memory for block usage checking. */ - error = xchk_setup_xattr_buf(ds->sc, 0, XCHK_GFP_FLAGS); + error = xchk_setup_xattr_buf(ds->sc, 0); if (error == -ENOMEM) return -EDEADLOCK; if (error) From 5b02a3e8391c703638c5a97513c353aa0c3fd5b0 Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Tue, 11 Apr 2023 19:00:32 -0700 Subject: [PATCH 08/12] xfs: move xattr scrub buffer allocation to top level function Move the xchk_setup_xattr_buf call from xchk_xattr_block to xchk_xattr, since we only need to set up the leaf block bitmaps once. Signed-off-by: Darrick J. Wong Reviewed-by: Dave Chinner --- fs/xfs/scrub/attr.c | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index 420166336f56..b37de9459dc0 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -346,18 +346,10 @@ xchk_xattr_block( unsigned int usedbytes = 0; unsigned int hdrsize; int i; - int error; if (*last_checked == blk->blkno) return 0; - /* Allocate memory for block usage checking. */ - error = xchk_setup_xattr_buf(ds->sc, 0); - if (error == -ENOMEM) - return -EDEADLOCK; - if (error) - return error; - *last_checked = blk->blkno; bitmap_zero(ab->usedmap, mp->m_attr_geo->blksize); @@ -507,6 +499,13 @@ xchk_xattr( if (!xfs_inode_hasattr(sc->ip)) return -ENOENT; + /* Allocate memory for xattr checking. */ + error = xchk_setup_xattr_buf(sc, 0); + if (error == -ENOMEM) + return -EDEADLOCK; + if (error) + return error; + memset(&sx, 0, sizeof(sx)); /* Check attribute tree structure */ error = xchk_da_btree(sc, XFS_ATTR_FORK, xchk_xattr_rec, From ae0506eba78fd1d6236b46ca5aa089c8fc6050cf Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Tue, 11 Apr 2023 19:00:33 -0700 Subject: [PATCH 09/12] xfs: check used space of shortform xattr structures Make sure that the records used inside a shortform xattr structure do not overlap. Signed-off-by: Darrick J. Wong Reviewed-by: Dave Chinner --- fs/xfs/scrub/attr.c | 79 ++++++++++++++++++++++++++++++++++++++++++--- fs/xfs/scrub/attr.h | 2 +- 2 files changed, 76 insertions(+), 5 deletions(-) diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index b37de9459dc0..a49048f2a3db 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -15,6 +15,7 @@ #include "xfs_da_btree.h" #include "xfs_attr.h" #include "xfs_attr_leaf.h" +#include "xfs_attr_sf.h" #include "scrub/scrub.h" #include "scrub/common.h" #include "scrub/dabtree.h" @@ -487,6 +488,73 @@ xchk_xattr_rec( return error; } +/* Check space usage of shortform attrs. */ +STATIC int +xchk_xattr_check_sf( + struct xfs_scrub *sc) +{ + struct xchk_xattr_buf *ab = sc->buf; + struct xfs_attr_shortform *sf; + struct xfs_attr_sf_entry *sfe; + struct xfs_attr_sf_entry *next; + struct xfs_ifork *ifp; + unsigned char *end; + int i; + int error = 0; + + ifp = xfs_ifork_ptr(sc->ip, XFS_ATTR_FORK); + + bitmap_zero(ab->usedmap, ifp->if_bytes); + sf = (struct xfs_attr_shortform *)sc->ip->i_af.if_u1.if_data; + end = (unsigned char *)ifp->if_u1.if_data + ifp->if_bytes; + xchk_xattr_set_map(sc, ab->usedmap, 0, sizeof(sf->hdr)); + + sfe = &sf->list[0]; + if ((unsigned char *)sfe > end) { + xchk_fblock_set_corrupt(sc, XFS_ATTR_FORK, 0); + return 0; + } + + for (i = 0; i < sf->hdr.count; i++) { + unsigned char *name = sfe->nameval; + unsigned char *value = &sfe->nameval[sfe->namelen]; + + if (xchk_should_terminate(sc, &error)) + return error; + + next = xfs_attr_sf_nextentry(sfe); + if ((unsigned char *)next > end) { + xchk_fblock_set_corrupt(sc, XFS_ATTR_FORK, 0); + break; + } + + if (!xchk_xattr_set_map(sc, ab->usedmap, + (char *)sfe - (char *)sf, + sizeof(struct xfs_attr_sf_entry))) { + xchk_fblock_set_corrupt(sc, XFS_ATTR_FORK, 0); + break; + } + + if (!xchk_xattr_set_map(sc, ab->usedmap, + (char *)name - (char *)sf, + sfe->namelen)) { + xchk_fblock_set_corrupt(sc, XFS_ATTR_FORK, 0); + break; + } + + if (!xchk_xattr_set_map(sc, ab->usedmap, + (char *)value - (char *)sf, + sfe->valuelen)) { + xchk_fblock_set_corrupt(sc, XFS_ATTR_FORK, 0); + break; + } + + sfe = next; + } + + return 0; +} + /* Scrub the extended attribute metadata. */ int xchk_xattr( @@ -506,10 +574,12 @@ xchk_xattr( if (error) return error; - memset(&sx, 0, sizeof(sx)); - /* Check attribute tree structure */ - error = xchk_da_btree(sc, XFS_ATTR_FORK, xchk_xattr_rec, - &last_checked); + /* Check the physical structure of the xattr. */ + if (sc->ip->i_af.if_format == XFS_DINODE_FMT_LOCAL) + error = xchk_xattr_check_sf(sc); + else + error = xchk_da_btree(sc, XFS_ATTR_FORK, xchk_xattr_rec, + &last_checked); if (error) goto out; @@ -517,6 +587,7 @@ xchk_xattr( goto out; /* Check that every attr key can also be looked up by hash. */ + memset(&sx, 0, sizeof(sx)); sx.context.dp = sc->ip; sx.context.resynch = 1; sx.context.put_listent = xchk_xattr_listent; diff --git a/fs/xfs/scrub/attr.h b/fs/xfs/scrub/attr.h index 3c764722da61..48fd9402c432 100644 --- a/fs/xfs/scrub/attr.h +++ b/fs/xfs/scrub/attr.h @@ -10,7 +10,7 @@ * Temporary storage for online scrub and repair of extended attributes. */ struct xchk_xattr_buf { - /* Bitmap of used space in xattr leaf blocks. */ + /* Bitmap of used space in xattr leaf blocks and shortform forks. */ unsigned long *usedmap; /* Bitmap of free space in xattr leaf blocks. */ From 6cee51e6d02bac7ee72969aa23e32c9bdcd7bb6e Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Tue, 11 Apr 2023 19:00:34 -0700 Subject: [PATCH 10/12] xfs: clean up xattr scrub initialization Clean up local variable initialization and error returns in xchk_xattr. Signed-off-by: Darrick J. Wong Reviewed-by: Dave Chinner --- fs/xfs/scrub/attr.c | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index a49048f2a3db..d2e1856beeb6 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -560,7 +560,16 @@ int xchk_xattr( struct xfs_scrub *sc) { - struct xchk_xattr sx; + struct xchk_xattr sx = { + .sc = sc, + .context = { + .dp = sc->ip, + .tp = sc->tp, + .resynch = 1, + .put_listent = xchk_xattr_listent, + .allow_incomplete = true, + }, + }; xfs_dablk_t last_checked = -1U; int error = 0; @@ -581,22 +590,13 @@ xchk_xattr( error = xchk_da_btree(sc, XFS_ATTR_FORK, xchk_xattr_rec, &last_checked); if (error) - goto out; + return error; if (sc->sm->sm_flags & XFS_SCRUB_OFLAG_CORRUPT) - goto out; - - /* Check that every attr key can also be looked up by hash. */ - memset(&sx, 0, sizeof(sx)); - sx.context.dp = sc->ip; - sx.context.resynch = 1; - sx.context.put_listent = xchk_xattr_listent; - sx.context.tp = sc->tp; - sx.context.allow_incomplete = true; - sx.sc = sc; + return 0; /* - * Look up every xattr in this file by name. + * Look up every xattr in this file by name and hash. * * Use the backend implementation of xfs_attr_list to call * xchk_xattr_listent on every attribute key in this inode. @@ -613,11 +613,11 @@ xchk_xattr( */ error = xfs_attr_list_ilocked(&sx.context); if (!xchk_fblock_process_error(sc, XFS_ATTR_FORK, 0, &error)) - goto out; + return error; /* Did our listent function try to return any errors? */ if (sx.context.seen_enough < 0) - error = sx.context.seen_enough; -out: - return error; + return sx.context.seen_enough; + + return 0; } From 674f0d0dc6b5b2228c4e9d597a62d5aa6b54a9c5 Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Tue, 11 Apr 2023 19:00:34 -0700 Subject: [PATCH 11/12] xfs: only allocate free space bitmap for xattr scrub if needed The free space bitmap is only required if we're going to check the bestfree space at the end of an xattr leaf block. Therefore, we can reduce the memory requirements of this scrubber if we can determine that the xattr is in short format. Signed-off-by: Darrick J. Wong Reviewed-by: Dave Chinner --- fs/xfs/scrub/attr.c | 31 ++++++++++++++++++++++++++++--- 1 file changed, 28 insertions(+), 3 deletions(-) diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index d2e1856beeb6..2445fe2860ff 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -37,6 +37,29 @@ xchk_xattr_buf_cleanup( ab->value_sz = 0; } +/* + * Allocate the free space bitmap if we're trying harder; there are leaf blocks + * in the attr fork; or we can't tell if there are leaf blocks. + */ +static inline bool +xchk_xattr_want_freemap( + struct xfs_scrub *sc) +{ + struct xfs_ifork *ifp; + + if (sc->flags & XCHK_TRY_HARDER) + return true; + + if (!sc->ip) + return true; + + ifp = xfs_ifork_ptr(sc->ip, XFS_ATTR_FORK); + if (!ifp) + return false; + + return xfs_ifork_has_extents(ifp); +} + /* * Allocate enough memory to hold an attr value and attr block bitmaps, * reallocating the buffer if necessary. Buffer contents are not preserved @@ -66,9 +89,11 @@ xchk_setup_xattr_buf( if (!ab->usedmap) return -ENOMEM; - ab->freemap = kvmalloc(bmp_sz, XCHK_GFP_FLAGS); - if (!ab->freemap) - return -ENOMEM; + if (xchk_xattr_want_freemap(sc)) { + ab->freemap = kvmalloc(bmp_sz, XCHK_GFP_FLAGS); + if (!ab->freemap) + return -ENOMEM; + } resize_value: if (ab->value_sz >= value_size) From 44af6c7e59b12d740809cf25a60c9f90f03e6d20 Mon Sep 17 00:00:00 2001 From: "Darrick J. Wong" Date: Tue, 11 Apr 2023 19:00:35 -0700 Subject: [PATCH 12/12] xfs: don't load local xattr values during scrub Local extended attributes store their values within the same leaf block. There's no header for the values themselves, nor are they separately checksummed. Hence we can save a bit of time in the attr scrubber by not wasting time retrieving the values. Regrettably, shortform attributes do not set XFS_ATTR_LOCAL so this offers us no advantage there, but at least there are very few attrs in that case. Signed-off-by: Darrick J. Wong Reviewed-by: Dave Chinner --- fs/xfs/scrub/attr.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/fs/xfs/scrub/attr.c b/fs/xfs/scrub/attr.c index 2445fe2860ff..6c16d9530cca 100644 --- a/fs/xfs/scrub/attr.c +++ b/fs/xfs/scrub/attr.c @@ -200,6 +200,14 @@ xchk_xattr_listent( goto fail_xref; } + /* + * Local xattr values are stored in the attr leaf block, so we don't + * need to retrieve the value from a remote block to detect corruption + * problems. + */ + if (flags & XFS_ATTR_LOCAL) + goto fail_xref; + /* * Try to allocate enough memory to extrat the attr value. If that * doesn't work, we overload the seen_enough variable to convey