releases/5.12.11/btrfs-promote-debugging-asserts-to-full-fledged-checks-in-validate_super.patch - pub/scm/linux/kernel/git/stable/stable-queue - Git at Google

 From aefd7f7065567a4666f42c0fc8cdb379d2e036bf Mon Sep 17 00:00:00 2001
 From: Nikolay Borisov <nborisov@suse.com>
 Date: Mon, 31 May 2021 12:26:01 +0300
 Subject: btrfs: promote debugging asserts to full-fledged checks in validate_super

 From: Nikolay Borisov <nborisov@suse.com>

 commit aefd7f7065567a4666f42c0fc8cdb379d2e036bf upstream.

 Syzbot managed to trigger this assert while performing its fuzzing.
 Turns out it's better to have those asserts turned into full-fledged
 checks so that in case buggy btrfs images are mounted the users gets
 an error and mounting is stopped. Alternatively with CONFIG_BTRFS_ASSERT
 disabled such image would have been erroneously allowed to be mounted.

 Reported-by: syzbot+a6bf271c02e4fe66b4e4@syzkaller.appspotmail.com
 CC: stable@vger.kernel.org # 5.4+
 Reviewed-by: Johannes Thumshirn <johannes.thumshirn@wdc.com>
 Reviewed-by: Qu Wenruo <wqu@suse.com>
 Signed-off-by: Nikolay Borisov <nborisov@suse.com>
 Reviewed-by: David Sterba <dsterba@suse.com>
 [ add uuids to the messages ]
 Signed-off-by: David Sterba <dsterba@suse.com>
 Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 ---
  fs/btrfs/disk-io.c |   26 ++++++++++++++++++--------
  1 file changed, 18 insertions(+), 8 deletions(-)

 --- a/fs/btrfs/disk-io.c
 +++ b/fs/btrfs/disk-io.c
 @@ -2558,6 +2558,24 @@ static int validate_super(struct btrfs_f
  		ret = -EINVAL;
  	}

 +	if (memcmp(fs_info->fs_devices->fsid, fs_info->super_copy->fsid,
 +		   BTRFS_FSID_SIZE)) {
 +		btrfs_err(fs_info,
 +		"superblock fsid doesn't match fsid of fs_devices: %pU != %pU",
 +			fs_info->super_copy->fsid, fs_info->fs_devices->fsid);
 +		ret = -EINVAL;
 +	}
 +
 +	if (btrfs_fs_incompat(fs_info, METADATA_UUID) &&
 +	    memcmp(fs_info->fs_devices->metadata_uuid,
 +		   fs_info->super_copy->metadata_uuid, BTRFS_FSID_SIZE)) {
 +		btrfs_err(fs_info,
 +"superblock metadata_uuid doesn't match metadata uuid of fs_devices: %pU != %pU",
 +			fs_info->super_copy->metadata_uuid,
 +			fs_info->fs_devices->metadata_uuid);
 +		ret = -EINVAL;
 +	}
 +
  	if (memcmp(fs_info->fs_devices->metadata_uuid, sb->dev_item.fsid,
  		   BTRFS_FSID_SIZE) != 0) {
  		btrfs_err(fs_info,
 @@ -3185,14 +3203,6 @@ int __cold open_ctree(struct super_block

  	disk_super = fs_info->super_copy;

 -	ASSERT(!memcmp(fs_info->fs_devices->fsid, fs_info->super_copy->fsid,
 -		       BTRFS_FSID_SIZE));
 -
 -	if (btrfs_fs_incompat(fs_info, METADATA_UUID)) {
 -		ASSERT(!memcmp(fs_info->fs_devices->metadata_uuid,
 -				fs_info->super_copy->metadata_uuid,
 -				BTRFS_FSID_SIZE));
 -	}

  	features = btrfs_super_flags(disk_super);
  	if (features & BTRFS_SUPER_FLAG_CHANGING_FSID_V2) {
	From aefd7f7065567a4666f42c0fc8cdb379d2e036bf Mon Sep 17 00:00:00 2001
	From: Nikolay Borisov <nborisov@suse.com>
	Date: Mon, 31 May 2021 12:26:01 +0300
	Subject: btrfs: promote debugging asserts to full-fledged checks in validate_super

	From: Nikolay Borisov <nborisov@suse.com>

	commit aefd7f7065567a4666f42c0fc8cdb379d2e036bf upstream.

	Syzbot managed to trigger this assert while performing its fuzzing.
	Turns out it's better to have those asserts turned into full-fledged
	checks so that in case buggy btrfs images are mounted the users gets
	an error and mounting is stopped. Alternatively with CONFIG_BTRFS_ASSERT
	disabled such image would have been erroneously allowed to be mounted.

	Reported-by: syzbot+a6bf271c02e4fe66b4e4@syzkaller.appspotmail.com
	CC: stable@vger.kernel.org # 5.4+
	Reviewed-by: Johannes Thumshirn <johannes.thumshirn@wdc.com>
	Reviewed-by: Qu Wenruo <wqu@suse.com>
	Signed-off-by: Nikolay Borisov <nborisov@suse.com>
	Reviewed-by: David Sterba <dsterba@suse.com>
	[ add uuids to the messages ]
	Signed-off-by: David Sterba <dsterba@suse.com>
	Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	---
	fs/btrfs/disk-io.c \| 26 ++++++++++++++++++--------
	1 file changed, 18 insertions(+), 8 deletions(-)

	--- a/fs/btrfs/disk-io.c
	+++ b/fs/btrfs/disk-io.c
	@@ -2558,6 +2558,24 @@ static int validate_super(struct btrfs_f
	ret = -EINVAL;
	}

	+ if (memcmp(fs_info->fs_devices->fsid, fs_info->super_copy->fsid,
	+ BTRFS_FSID_SIZE)) {
	+ btrfs_err(fs_info,
	+ "superblock fsid doesn't match fsid of fs_devices: %pU != %pU",
	+ fs_info->super_copy->fsid, fs_info->fs_devices->fsid);
	+ ret = -EINVAL;
	+ }
	+
	+ if (btrfs_fs_incompat(fs_info, METADATA_UUID) &&
	+ memcmp(fs_info->fs_devices->metadata_uuid,
	+ fs_info->super_copy->metadata_uuid, BTRFS_FSID_SIZE)) {
	+ btrfs_err(fs_info,
	+"superblock metadata_uuid doesn't match metadata uuid of fs_devices: %pU != %pU",
	+ fs_info->super_copy->metadata_uuid,
	+ fs_info->fs_devices->metadata_uuid);
	+ ret = -EINVAL;
	+ }
	+
	if (memcmp(fs_info->fs_devices->metadata_uuid, sb->dev_item.fsid,
	BTRFS_FSID_SIZE) != 0) {
	btrfs_err(fs_info,
	@@ -3185,14 +3203,6 @@ int __cold open_ctree(struct super_block

	disk_super = fs_info->super_copy;

	- ASSERT(!memcmp(fs_info->fs_devices->fsid, fs_info->super_copy->fsid,
	- BTRFS_FSID_SIZE));
	-
	- if (btrfs_fs_incompat(fs_info, METADATA_UUID)) {
	- ASSERT(!memcmp(fs_info->fs_devices->metadata_uuid,
	- fs_info->super_copy->metadata_uuid,
	- BTRFS_FSID_SIZE));
	- }

	features = btrfs_super_flags(disk_super);
	if (features & BTRFS_SUPER_FLAG_CHANGING_FSID_V2) {