From a5d7cf346646cb3d58221d896ed65224a306bf8f Mon Sep 17 00:00:00 2001 From: Kent Overstreet Date: Wed, 27 Nov 2024 21:58:43 -0500 Subject: [PATCH 134/233] bcachefs: Guard against journal seq overflow Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Wraparound is impractical to handle since in various places we use 0 as a sentinal value - but 64 bits (or 56, because the btree write buffer steals a few bits) is enough for all practical purposes. Reported-by: syzbot+73ed43fbe826227bd4e0@syzkaller.appspotmail.com Signed-off-by: Kent Overstreet Signed-off-by: Alexander Miroshnichenko --- fs/bcachefs/journal.c | 9 +++++++++ fs/bcachefs/journal_types.h | 3 +++ 2 files changed, 12 insertions(+) diff --git a/fs/bcachefs/journal.c b/fs/bcachefs/journal.c index 95cccda3b22c..dc66521964b7 100644 --- a/fs/bcachefs/journal.c +++ b/fs/bcachefs/journal.c @@ -382,6 +382,10 @@ static int journal_entry_open(struct journal *j) if (nr_unwritten_journal_entries(j) == ARRAY_SIZE(j->buf)) return JOURNAL_ERR_max_in_flight; + if (bch2_fs_fatal_err_on(journal_cur_seq(j) >= JOURNAL_SEQ_MAX, + c, "cannot start: journal seq overflow")) + return JOURNAL_ERR_insufficient_devices; /* -EROFS */ + BUG_ON(!j->cur_entry_sectors); buf->expires = @@ -1270,6 +1274,11 @@ int bch2_fs_journal_start(struct journal *j, u64 cur_seq) bool had_entries = false; u64 last_seq = cur_seq, nr, seq; + if (cur_seq >= JOURNAL_SEQ_MAX) { + bch_err(c, "cannot start: journal seq overflow"); + return -EINVAL; + } + genradix_for_each_reverse(&c->journal_entries, iter, _i) { i = *_i; diff --git a/fs/bcachefs/journal_types.h b/fs/bcachefs/journal_types.h index 425d1abb257e..e9bd716fbb71 100644 --- a/fs/bcachefs/journal_types.h +++ b/fs/bcachefs/journal_types.h @@ -9,6 +9,9 @@ #include "super_types.h" #include "fifo.h" +/* btree write buffer steals 8 bits for its own purposes: */ +#define JOURNAL_SEQ_MAX ((1ULL << 56) - 1) + #define JOURNAL_BUF_BITS 2 #define JOURNAL_BUF_NR (1U << JOURNAL_BUF_BITS) #define JOURNAL_BUF_MASK (JOURNAL_BUF_NR - 1) -- 2.45.2