[lvc-project] [PATCH 1/2] ocfs2: add extra consistency checks for chain allocator dinodes
Joseph Qi
joseph.qi at linux.alibaba.com
Wed Oct 29 12:39:06 MSK 2025
On 2025/10/29 13:53, Dmitry Antipov wrote:
> When validating chain allocator dinode in 'ocfs2_validate_inode_block()',
> add an extra checks whether a) the maximum amount of chain records in
> 'struct ocfs2_chain_list' matches the value calculated based on the
> filesystem block size, and b) the next free slot index is within the
> valid range.
>
> Reported-by: syzbot+77026564530dbc29b854 at syzkaller.appspotmail.com
> Closes: https://syzkaller.appspot.com/bug?extid=77026564530dbc29b854
> Reported-by: syzbot+5054473a31f78f735416 at syzkaller.appspotmail.com
> Closes: https://syzkaller.appspot.com/bug?extid=5054473a31f78f735416
> Suggested-by: Joseph Qi <joseph.qi at linux.alibaba.com>
> Signed-off-by: Dmitry Antipov <dmantipov at yandex.ru>
Reviewed-by: Joseph Qi <joseph.qi at linux.alibaba.com>
> ---
> fs/ocfs2/inode.c | 17 +++++++++++++++++
> 1 file changed, 17 insertions(+)
>
> diff --git a/fs/ocfs2/inode.c b/fs/ocfs2/inode.c
> index fcc89856ab95..1b6bdd9d7755 100644
> --- a/fs/ocfs2/inode.c
> +++ b/fs/ocfs2/inode.c
> @@ -1503,6 +1503,23 @@ int ocfs2_validate_inode_block(struct super_block *sb,
> goto bail;
> }
>
> + if (le32_to_cpu(di->i_flags) & OCFS2_CHAIN_FL) {
> + struct ocfs2_chain_list *cl = &di->id2.i_chain;
> +
> + if (le16_to_cpu(cl->cl_count) != ocfs2_chain_recs_per_inode(sb)) {
> + rc = ocfs2_error(sb, "Invalid dinode %llu: chain list count %u\n",
> + (unsigned long long)bh->b_blocknr,
> + le16_to_cpu(cl->cl_count));
> + goto bail;
> + }
> + if (le16_to_cpu(cl->cl_next_free_rec) > le16_to_cpu(cl->cl_count)) {
> + rc = ocfs2_error(sb, "Invalid dinode %llu: chain list index %u\n",
> + (unsigned long long)bh->b_blocknr,
> + le16_to_cpu(cl->cl_next_free_rec));
> + goto bail;
> + }
> + }
> +
> rc = 0;
>
> bail:
More information about the lvc-project
mailing list