8f81113021
[BUG] When a special image (diverted from fsck/012) has its unused slots (slot number >= nritems) with garbage, lowmem mode btrfs check can crash: (gdb) run check --mode=lowmem ~/downloads/good.img.restored Starting program: /home/adam/btrfs/btrfs-progs/btrfs check --mode=lowmem ~/downloads/good.img.restored ... ERROR: root 5 INODE[5044031582654955520] nlink(257228800) not equal to inode_refs(0) ERROR: root 5 INODE[5044031582654955520] nbytes 474624 not equal to extent_size 0 Program received signal SIGSEGV, Segmentation fault. 0x0000555555639b11 in btrfs_inode_size (eb=0x5555558a7540, s=0x642e6cd1) at ./kernel-shared/ctree.h:1703 1703 BTRFS_SETGET_FUNCS(inode_size, struct btrfs_inode_item, size, 64); (gdb) bt #0 0x0000555555639b11 in btrfs_inode_size (eb=0x5555558a7540, s=0x642e6cd1) at ./kernel-shared/ctree.h:1703 #1 0x0000555555641544 in check_inode_item (root=0x5555556c2290, path=0x7fffffffd960) at check/mode-lowmem.c:2628 [CAUSE] At check_inode_item() we have path->slot[0] at 29, while the tree block only has 26 items. This happens because two reasons: - btrfs_next_item() never reverts its slots Even if we failed to read next leaf. - check_inode_item() doesn't inform the caller that a fatal error happened In check_inode_item(), if btrfs_next_item() failed, it goes to out label, which doesn't really set @err properly. This means, when check_inode_item() fails at btrfs_next_item(), it will increase path->slots[0], while it's already beyond current tree block nritems. When the slot increases furthermore, and if the unused item slots have some garbage, we will get invalid btrfs_item_ptr() result, and causing above segfault. [FIX] Fix the problems by two ways: - Make btrfs_next_item() to revert its path->slots[0] on failure - Properly detect fatal error from check_inode_item() By this, we will no longer crash on the crafted image. Reported-by: Wang Yugui <wangyugui@e16-tech.com> Issue: #412 Signed-off-by: Qu Wenruo <wqu@suse.com> Signed-off-by: David Sterba <dsterba@suse.com> |
||
---|---|---|
check | ||
ci | ||
cmds | ||
common | ||
convert | ||
crypto | ||
Documentation | ||
image | ||
kernel-lib | ||
kernel-shared | ||
libbtrfs | ||
libbtrfsutil | ||
m4 | ||
mkfs | ||
tests | ||
.editorconfig | ||
.gitignore | ||
64-btrfs-dm.rules | ||
autogen.sh | ||
btrfs-completion | ||
btrfs-corrupt-block.c | ||
btrfs-crc.c | ||
btrfs-debugfs | ||
btrfs-find-root.c | ||
btrfs-fragments.c | ||
btrfs-map-logical.c | ||
btrfs-sb-mod.c | ||
btrfs-select-super.c | ||
btrfs.c | ||
btrfstune.c | ||
CHANGES | ||
configure.ac | ||
COPYING | ||
fsck.btrfs | ||
INSTALL | ||
ioctl.h | ||
kerncompat.h | ||
libbtrfs.sym | ||
Makefile | ||
Makefile.extrawarn | ||
Makefile.inc.in | ||
quick-test.c | ||
random-test.c | ||
README.md | ||
show-blocks | ||
VERSION | ||
version.h.in |
Btrfs-progs
Userspace utilities to manage btrfs filesystems. License: GPLv2.
Btrfs is a copy on write (COW) filesystem for Linux aimed at implementing advanced features while focusing on fault tolerance, repair and easy administration.
This repository hosts following utilities:
- btrfs — the main administration tool (manual page)
- mkfs.btrfs — utility to create the filesystem (manual page)
- all-in-one binary in the busybox style with mkfs.btrfs, btrfs-image and other tools built-in (standalone tools)
- libbtrfsutil (LGPL v2.1) — C and python 3 bindings, see libbtrfsutil/README.md for more
See INSTALL for build instructions and tests/README.md for testing information.
Release cycle
The major version releases are time-based and follow the cycle of the linux kernel releases. The cycle usually takes 2 months. A minor version releases may happen in the meantime if there are bug fixes or minor useful improvements queued.
The release tags are signed with a GPG key ID F2B4 1200 C54E FB30 380C 1756 C565 D5F9 D76D 583B
,
release tarballs are hosted at kernel.org.
See file CHANGES or changelogs on wiki.
Reporting bugs
There are several ways, each has its own specifics and audience that can give feedback or work on a fix. The following list is sorted in the order of preference:
- github issue tracker
- to the mailing list linux-btrfs@vger.kernel.org -- (not required to subscribe), beware that the mail might get overlooked in other traffic
- IRC (irc.freenode.net #btrfs) -- good for discussions eg. if a bug is already known, but reports could miss developers' attention
- bugzilla.kernel.org -- (requires registration), set the product to Filesystems and component Btrfs, please put 'btrfs-progs' into the subject so it's clear that it's not a kernel bug report
Development
The patch submissions, development or general discussions take place at linux-btrfs@vger.kernel.org mailinglist, subsciption is not required to post.
The GitHub pull requests will not be accepted directly, the preferred way is to send patches to the mailinglist instead. You can link to a branch in any git repository if the mails do not make it to the mailinglist or just for convenience (makes it easier to test).
The development model of btrfs-progs shares a lot with the kernel model. The github way is different in some ways. We, the upstream community, expect that the patches meet some criteria (often lacking in github contributions):
- one logical change per patch: eg. not mixing bugfixes, cleanups, features etc., sometimes it's not clear and will be usually pointed out during reviews
- proper subject line: eg. prefix with btrfs-progs: subpart, ... ,
descriptive yet not too long, see
git log --oneline
for some inspiration - proper changelog: the changelogs are often missing or lacking explanation why the change was made, or how is something broken, what are user-visible effects of the bug or the fix, how does an improvement help or the intended usecase
- the Signed-off-by line: this documents who authored the change, you can read
more about the
The Developer's Certificate of Origin (chapter 11)
- if you are not used to the signed-off style, your contributions won't be rejected just because of it's missing, the Author: tag will be added as a substitute in order to allow contributions without much bothering with formalities
Source code coding style and preferences follow the
kernel coding style.
You can find the editor settings in .editorconfig
and use the
EditorConfig plugin to let your editor use that,
or update your editor settings manually.
Testing
The testing documentation can be found in tests/ and continuous integration/container images in ci/.
Documentation updates
Documentation fixes or updates do not need much explanation so sticking to the code rules in the previous section is not necessary. GitHub pull requests are OK, patches could be sent to me directly and not required to be also in the mailinglist. Pointing out typos via IRC also works, although might get accidentally lost in the noise.
Third-party sources
Build dependencies are listed in INSTALL. Implementation of checksum/hash functions is provided by copies of the respective sources to avoid adding dependencies that would make deployments in rescure or limited environments harder. The implementations are portable and not optimized for speed nor accelerated. Optionally it's possible to use libgcrypt, libsodium or libkcapi implementations.
- CRC32C: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/
- XXHASH: https://github.com/Cyan4973/xxHash
- SHA256: https://tools.ietf.org/html/rfc4634
- BLAKE2: https://github.com/BLAKE2/BLAKE2