Backport fix for converting 64-bit ext4 filesystems (#1851674)

2020-07-24 09:04:17 -04:00 · 2020-07-24 09:04:17 -04:00 · e4a3d39e87
parent cec386dcf9
commit e4a3d39e87
3 changed files with 165 additions and 1 deletions
--- a/0001-btrfs-progs-convert-prevent-32bit-overflow-for-cctx-.patch
+++ b/0001-btrfs-progs-convert-prevent-32bit-overflow-for-cctx-.patch
@ -0,0 +1,108 @@
+From fe8715e1337a1bad5c49e165ab77c033c334efbc Mon Sep 17 00:00:00 2001
+From: Qu Wenruo <wqu@suse.com>
+Date: Mon, 20 Jul 2020 20:51:08 +0800
+Subject: [PATCH 1/2] btrfs-progs: convert: prevent 32bit overflow for
+ cctx->total_bytes
+
+[BUG]
+When convert is called on a 64GiB ext4 fs, it fails like this:
+
+  $ btrfs-convert  /dev/loop0p1
+  create btrfs filesystem:
+          blocksize: 4096
+          nodesize:  16384
+          features:  extref, skinny-metadata (default)
+          checksum:  crc32c
+  creating ext2 image file
+  ERROR: missing data block for bytenr 1048576
+  ERROR: failed to create ext2_saved/image: -2
+  WARNING: an error occurred during conversion, filesystem is partially created but not finalized and not mountable
+
+Btrfs-convert also corrupts the source fs:
+
+  $ LANG=C e2fsck /dev/loop0p1 -f
+  e2fsck 1.45.6 (20-Mar-2020)
+  Resize inode not valid.  Recreate<y>? yes
+  Pass 1: Checking inodes, blocks, and sizes
+  Deleted inode 3681 has zero dtime.  Fix<y>? yes
+  Inodes that were part of a corrupted orphan linked list found.  Fix<y>? yes
+  Inode 3744 was part of the orphaned inode list.  FIXED.
+  Deleted inode 3745 has zero dtime.  Fix<y>? yes
+  Inode 3747 has INLINE_DATA_FL flag on filesystem without inline data support.
+  Clear<y>? yes
+  ...
+
+[CAUSE]
+After some debugging, the first strange behavior is, the value of
+cctx->total_bytes is 0 in ext2_open_fs().
+
+It turns out that, the value assign for cctx->total_bytes could lead to
+bit overflow for the unsigned int value.
+
+And that 0 cctx->total_bytes leads to various problems for later free
+space calculation.
+For example, in calculate_available_space(), we use cctx->total_bytes to
+ensure we won't create a data chunk beyond device end:
+
+		cue_len = min(cctx->total_bytes - cur_off, cur_len);
+
+If that cur_offset is also 0, we will create a cache_extent with 0 size,
+which could cause a lot of problems for cache tree search.
+
+[FIX]
+Do manual casting for the multiply operation, so we could got a real u64
+result.  The fix will be applied to all supported fses (ext* and
+reiserfs).
+
+Reported-by: Christian Zangl <coralllama@gmail.com>
+Reviewed-by: Nikolay Borisov <nborisov@suse.com>
+Signed-off-by: Qu Wenruo <wqu@suse.com>
+Signed-off-by: David Sterba <dsterba@suse.com>
+(cherry picked from commit 670a19828ad40004d05ad70cdd45d58008d3fb51)
+---
+ convert/main.c            | 1 +
+ convert/source-ext2.c     | 2 +-
+ convert/source-reiserfs.c | 2 +-
+ 3 files changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/convert/main.c b/convert/main.c
+index 7709e9a6..df6a2ae3 100644
+--- a/convert/main.c
+++ b/convert/main.c
+@@ -1136,6 +1136,7 @@ static int do_convert(const char *devname, u32 convert_flags, u32 nodesize,
+ 	if (ret)
+ 		goto fail;
+ 
+	ASSERT(cctx.total_bytes);
+ 	blocksize = cctx.blocksize;
+ 	total_bytes = (u64)blocksize * (u64)cctx.block_count;
+ 	if (blocksize < 4096) {
+diff --git a/convert/source-ext2.c b/convert/source-ext2.c
+index f11ef651..d73684ef 100644
+--- a/convert/source-ext2.c
+++ b/convert/source-ext2.c
+@@ -87,7 +87,7 @@ static int ext2_open_fs(struct btrfs_convert_context *cctx, const char *name)
+ 	cctx->fs_data = ext2_fs;
+ 	cctx->blocksize = ext2_fs->blocksize;
+ 	cctx->block_count = ext2_fs->super->s_blocks_count;
+-	cctx->total_bytes = ext2_fs->blocksize * ext2_fs->super->s_blocks_count;
+	cctx->total_bytes = (u64)ext2_fs->super->s_blocks_count * ext2_fs->blocksize;
+ 	cctx->volume_name = strndup((char *)ext2_fs->super->s_volume_name, 16);
+ 	cctx->first_data_block = ext2_fs->super->s_first_data_block;
+ 	cctx->inodes_count = ext2_fs->super->s_inodes_count;
+diff --git a/convert/source-reiserfs.c b/convert/source-reiserfs.c
+index 9fd6b9ab..3b4cb5ad 100644
+--- a/convert/source-reiserfs.c
+++ b/convert/source-reiserfs.c
+@@ -82,7 +82,7 @@ static int reiserfs_open_fs(struct btrfs_convert_context *cxt, const char *name)
+ 	cxt->fs_data = fs;
+ 	cxt->blocksize = fs->fs_blocksize;
+ 	cxt->block_count = get_sb_block_count(fs->fs_ondisk_sb);
+-	cxt->total_bytes = cxt->blocksize * cxt->block_count;
+	cxt->total_bytes = (u64)cxt->block_count * cxt->blocksize;
+ 	cxt->volume_name = strndup(fs->fs_ondisk_sb->s_label, 16);
+ 	cxt->first_data_block = 0;
+ 	cxt->inodes_count = reiserfs_count_objectids(fs);
+-- 
+2.26.2
+
--- a/0002-btrfs-progs-tests-add-convert-test-case-for-multiply.patch
+++ b/0002-btrfs-progs-tests-add-convert-test-case-for-multiply.patch
@ -0,0 +1,49 @@
+From 11c4a7b38a6aeef51b075d70e5aca36c42398842 Mon Sep 17 00:00:00 2001
+From: Qu Wenruo <wqu@suse.com>
+Date: Mon, 20 Jul 2020 20:51:09 +0800
+Subject: [PATCH 2/2] btrfs-progs: tests: add convert test case for multiply
+ overflow
+
+The new test case will test whether btrfs-convert can handle 64G ext*
+fs.
+
+This exercise the cctx->total_bytes calculation where multiplying 4K
+(unsigned int) and 16777216 (u32) could lead to bit overflow for
+unsigned int and got 0, and screw up later free space calculation.
+
+Signed-off-by: Qu Wenruo <wqu@suse.com>
+Signed-off-by: David Sterba <dsterba@suse.com>
+(cherry picked from commit 61f41474469b0b0fba9ec1978dfa91d9cbc6c914)
+---
+ .../018-fs-size-overflow/test.sh              | 19 +++++++++++++++++++
+ 1 file changed, 19 insertions(+)
+ create mode 100755 tests/convert-tests/018-fs-size-overflow/test.sh
+
+diff --git a/tests/convert-tests/018-fs-size-overflow/test.sh b/tests/convert-tests/018-fs-size-overflow/test.sh
+new file mode 100755
+index 00000000..d819f695
+--- /dev/null
+++ b/tests/convert-tests/018-fs-size-overflow/test.sh
+@@ -0,0 +1,19 @@
+#!/bin/bash
+# Check if btrfs-convert can handle an ext4 fs whose size is 64G.
+# That fs size could trigger a multiply overflow and screw up free space
+# calculation
+
+source "$TEST_TOP/common"
+source "$TEST_TOP/common.convert"
+
+setup_root_helper
+prepare_test_dev 64g
+check_prereq btrfs-convert
+check_global_prereq mke2fs
+
+convert_test_prep_fs ext4 mke2fs -t ext4 -b 4096
+run_check_umount_test_dev
+
+# Unpatched btrfs-convert would fail half way due to corrupted free space
+# cache tree
+convert_test_do_convert
+-- 
+2.26.2
+
--- a/btrfs-progs.spec
+++ b/btrfs-progs.spec
@ -3,7 +3,7 @@

 Name:           btrfs-progs
 Version:        5.7
-Release:        3%{?dist}
+Release:        4%{?dist}
 Summary:        Userspace programs for btrfs

 License:        GPLv2
@ -11,8 +11,12 @@ URL:            https://btrfs.wiki.kernel.org/index.php/Main_Page
 Source0:        https://www.kernel.org/pub/linux/kernel/people/kdave/%{name}/%{name}-v%{version_no_tilde}.tar.xz

 # Backports from upstream
+## Do not use raid0 by default for mkfs multi-disk (#1855174)
 Patch0001:      0001-btrfs-progs-mkfs-clean-up-default-profile-settings.patch
 Patch0002:      0002-btrfs-progs-mkfs-switch-to-single-as-default-profile.patch
+## Fix convert for 64-bit ext4 filesystems (#1851674)
+Patch0003:      0001-btrfs-progs-convert-prevent-32bit-overflow-for-cctx-.patch
+Patch0004:      0002-btrfs-progs-tests-add-convert-test-case-for-multiply.patch

 BuildRequires:  gcc, autoconf, automake
 BuildRequires:  e2fsprogs-devel, libuuid-devel, zlib-devel, libzstd-devel
@ -146,6 +150,9 @@ popd
 %endif

 %changelog
+* Fri Jul 24 2020 Neal Gompa <ngompa13@gmail.com> - 5.7-4
+- Backport fix for converting 64-bit ext4 filesystems (#1851674)
+
 * Tue Jul 21 2020 Neal Gompa <ngompa13@gmail.com> - 5.7-3
 - Backport fix to not use raid0 by default for mkfs multi-disk (#1855174)