From nobody Thu Dec 30 06:15:18 2021 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 20F911920703; Thu, 30 Dec 2021 06:15:19 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JPdKy52Ncz3mQ0; Thu, 30 Dec 2021 06:15:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 8DB9513CB3; Thu, 30 Dec 2021 06:15:18 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1BU6FIBk064955; Thu, 30 Dec 2021 06:15:18 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1BU6FIe6064954; Thu, 30 Dec 2021 06:15:18 GMT (envelope-from git) Date: Thu, 30 Dec 2021 06:15:18 GMT Message-Id: <202112300615.1BU6FIe6064954@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Fedor Uporov Subject: git: bb9f1ba4b55c - main - Add more accurate directory entries check List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: fsu X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: bb9f1ba4b55c1f566d59cc7c7d1d28dd37715984 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1640844918; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=VnhEHY5ulHT/6+iy9zY+NaX2j2OS5kLhw9zAn8VEkSM=; b=kGrJS04FlyKW306zCZ5m9OyHfXbI6DgG3xUGfCSIlDplsZpn3YiCycfzSZ2lbPIdMXfzk/ 0H3tvwvq6ViO/0WNTOZzBpc8UW/y7VU9n9j0HzH/B5jcQ3wC0g83WkrQBRq4qX5PaB5fwa 9cRrHJADhNG+1ChDNOEmWijqvWZA7vjjp6hLwu7d5tp0iKse0KJhMk9gArWzj37z24ISOp FIW5DiPxTmW+Iexxi0MHgFGaXJB6ZLTMWF9iLTHFuxsEZiFBmLoTy1JrSKp/Bj4nggKGeN 6Tsbl7ibgMXPb9VGtJ+93G8KvSo+0fvkoK+27CoBhEiv8ATNQADZvElSQDX8aw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1640844918; a=rsa-sha256; cv=none; b=VvnYG1sDKe8ygxRwXiA/P/YwIyReD3AXsfIIT8OkxIhn2a+hlUQe9bZHRjmn/j2FySz+Fy nTwdzB7CT2VsMfhfUceEi5TjXy5vL0mZ6Fz0+bgzrkJWk5rUigsVm3CpOz5vaGMz4Rx1q0 6IvM4YVKMcDkgym/F1YjwldD/+Ih0kRgegCSXqNHBNSiypXgaiJniWiIjO2I1WA7DhMvn7 2CJidRlBoNSMZ+adv6MpPM4Z/ly60gfM+B902ZKS4hKambBPVgXzJmTqJVeWLOdNM0srw3 L7WMYPZ/aSZbY8bXkb6UfRWpa1haJtp9wkB5D5XdOpqQEudCzWAydxZXW3aFJw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by fsu: URL: https://cgit.FreeBSD.org/src/commit/?id=bb9f1ba4b55c1f566d59cc7c7d1d28dd37715984 commit bb9f1ba4b55c1f566d59cc7c7d1d28dd37715984 Author: Fedor Uporov AuthorDate: 2021-10-29 12:45:50 +0000 Commit: Fedor Uporov CommitDate: 2021-12-30 06:14:44 +0000 Add more accurate directory entries check Rename ext2_dirbadentry() to ext2_check_direntry(). Add directory entry inode value check, and call ext2_check_direntry() in all cases. The dirchk sysctl is removed. PR: 259024,259041 Reported by: Robert Morris Reviewed by: pfg MFC after: 2 weeks Differential Revision: https://reviews.freebsd.org/D33374 --- sys/fs/ext2fs/ext2_lookup.c | 39 ++++++++++----------------------------- 1 file changed, 10 insertions(+), 29 deletions(-) diff --git a/sys/fs/ext2fs/ext2_lookup.c b/sys/fs/ext2fs/ext2_lookup.c index 3294ad3401ff..a8e28e24f9e2 100644 --- a/sys/fs/ext2fs/ext2_lookup.c +++ b/sys/fs/ext2fs/ext2_lookup.c @@ -79,15 +79,8 @@ SDT_PROBE_DEFINE4(ext2fs, , trace, ext2_dirbad_error, SDT_PROBE_DEFINE5(ext2fs, , trace, ext2_dirbadentry_error, "char*", "int", "uint32_t", "uint16_t", "uint8_t"); -#ifdef INVARIANTS -static int dirchk = 1; -#else -static int dirchk = 0; -#endif - static SYSCTL_NODE(_vfs, OID_AUTO, e2fs, CTLFLAG_RD | CTLFLAG_MPSAFE, 0, "EXT2FS filesystem"); -SYSCTL_INT(_vfs_e2fs, OID_AUTO, dircheck, CTLFLAG_RW, &dirchk, 0, ""); /* DIRBLKSIZE in ffs is DEV_BSIZE (in most cases 512) @@ -129,8 +122,8 @@ static u_char dt_to_ext2_ft[] = { #define DTTOFT(dt) \ ((dt) < nitems(dt_to_ext2_ft) ? dt_to_ext2_ft[(dt)] : EXT2_FT_UNKNOWN) -static int ext2_dirbadentry(struct vnode *dp, struct ext2fs_direct_2 *de, - int entryoffsetinblock); +static int ext2_check_direntry(struct vnode *dp, + struct ext2fs_direct_2 *de, int entryoffsetinblock); static int ext2_is_dot_entry(struct componentname *cnp); static int ext2_lookup_ino(struct vnode *vdp, struct vnode **vpp, struct componentname *cnp, ino_t *dd_ino); @@ -734,20 +727,14 @@ ext2_search_dirblock(struct inode *ip, void *data, int *foundp, ep = (struct ext2fs_direct_2 *)((char *)data + offset); top = (struct ext2fs_direct_2 *)((char *)data + bsize); while (ep < top) { - /* - * Full validation checks are slow, so we only check - * enough to insure forward progress through the - * directory. Complete checks can be run by setting - * "vfs.e2fs.dirchk" to be true. - */ - if (le16toh(ep->e2d_reclen) == 0 || - (dirchk && ext2_dirbadentry(vdp, ep, offset))) { + if (ext2_check_direntry(vdp, ep, offset)) { int i; ext2_dirbad(ip, *offp, "mangled entry"); i = bsize - (offset & (bsize - 1)); *offp += i; offset += i; + ep = (struct ext2fs_direct_2 *)((char *)data + offset); continue; } @@ -836,15 +823,11 @@ ext2_dirbad(struct inode *ip, doff_t offset, char *how) * name is not longer than MAXNAMLEN * name must be as long as advertised, and null terminated */ -/* - * changed so that it confirms to ext2_check_dir_entry - */ static int -ext2_dirbadentry(struct vnode *dp, struct ext2fs_direct_2 *de, +ext2_check_direntry(struct vnode *dp, struct ext2fs_direct_2 *de, int entryoffsetinblock) { - int DIRBLKSIZ = VTOI(dp)->i_e2fs->e2fs_bsize; - + struct m_ext2fs *fs = VTOI(dp)->i_e2fs; char *error_msg = NULL; if (le16toh(de->e2d_reclen) < EXT2_DIR_REC_LEN(1)) @@ -853,12 +836,10 @@ ext2_dirbadentry(struct vnode *dp, struct ext2fs_direct_2 *de, error_msg = "rec_len % 4 != 0"; else if (le16toh(de->e2d_reclen) < EXT2_DIR_REC_LEN(de->e2d_namlen)) error_msg = "reclen is too small for name_len"; - else if (entryoffsetinblock + le16toh(de->e2d_reclen)> DIRBLKSIZ) + else if (entryoffsetinblock + le16toh(de->e2d_reclen)> fs->e2fs_bsize) error_msg = "directory entry across blocks"; - /* else LATER - if (de->inode > dir->i_sb->u.ext2_sb.s_es->s_inodes_count) - error_msg = "inode out of bounds"; - */ + else if (le32toh(de->e2d_ino) > fs->e2fs->e2fs_icount) + error_msg = "directory entry inode out of bounds"; if (error_msg != NULL) { SDT_PROBE5(ext2fs, , trace, ext2_dirbadentry_error, @@ -866,7 +847,7 @@ ext2_dirbadentry(struct vnode *dp, struct ext2fs_direct_2 *de, le32toh(de->e2d_ino), le16toh(de->e2d_reclen), de->e2d_namlen); } - return (error_msg == NULL ? 0 : 1); + return (error_msg == NULL ? 0 : EINVAL); } /*