Commit d7f1f458 authored by Anand Jain's avatar Anand Jain Committed by Connor Kuehl

btrfs: merge btrfs_find_device and find_device

CVE-2019-18885

Both btrfs_find_device() and find_device() does the same thing except
that the latter does not take the seed device onto account in the device
scanning context. We can merge them.
Signed-off-by: default avatarAnand Jain <anand.jain@oracle.com>
Reviewed-by: default avatarDavid Sterba <dsterba@suse.com>
Signed-off-by: default avatarDavid Sterba <dsterba@suse.com>
(backported from commit 09ba3bc9)
[ Connor Kuehl: these functions still pass the root pointer as an
  argument instead of a `struct btrfs_fs_info *` so pass in the
  fs_devices object by accessing it through the root pointer. ]
Signed-off-by: default avatarConnor Kuehl <connor.kuehl@canonical.com>
Acked-by: default avatarMarcelo Henrique Cerri <marcelo.cerri@canonical.com>
Acked-by: default avatarStefan Bader <stefan.bader@canonical.com>
Signed-off-by: default avatarKleber Sacilotto de Souza <kleber.souza@canonical.com>
parent b2cf186e
...@@ -136,10 +136,10 @@ int btrfs_init_dev_replace(struct btrfs_fs_info *fs_info) ...@@ -136,10 +136,10 @@ int btrfs_init_dev_replace(struct btrfs_fs_info *fs_info)
case BTRFS_IOCTL_DEV_REPLACE_STATE_STARTED: case BTRFS_IOCTL_DEV_REPLACE_STATE_STARTED:
case BTRFS_IOCTL_DEV_REPLACE_STATE_SUSPENDED: case BTRFS_IOCTL_DEV_REPLACE_STATE_SUSPENDED:
dev_replace->srcdev = btrfs_find_device(fs_info->fs_devices, dev_replace->srcdev = btrfs_find_device(fs_info->fs_devices,
src_devid, NULL, NULL); src_devid, NULL, NULL, true);
dev_replace->tgtdev = btrfs_find_device(fs_info->fs_devices, dev_replace->tgtdev = btrfs_find_device(fs_info->fs_devices,
BTRFS_DEV_REPLACE_DEVID, BTRFS_DEV_REPLACE_DEVID,
NULL, NULL); NULL, NULL, true);
/* /*
* allow 'btrfs dev replace_cancel' if src/tgt device is * allow 'btrfs dev replace_cancel' if src/tgt device is
* missing * missing
...@@ -647,8 +647,8 @@ static int btrfs_dev_replace_find_srcdev(struct btrfs_root *root, u64 srcdevid, ...@@ -647,8 +647,8 @@ static int btrfs_dev_replace_find_srcdev(struct btrfs_root *root, u64 srcdevid,
if (srcdevid) { if (srcdevid) {
ret = 0; ret = 0;
*device = btrfs_find_device(root->fs_info, srcdevid, NULL, *device = btrfs_find_device(root->fs_info->fs_devices, srcdevid,
NULL); NULL, NULL, false);
if (!*device) if (!*device)
ret = -ENOENT; ret = -ENOENT;
} else { } else {
......
...@@ -1530,7 +1530,7 @@ static noinline int btrfs_ioctl_resize(struct file *file, ...@@ -1530,7 +1530,7 @@ static noinline int btrfs_ioctl_resize(struct file *file,
btrfs_info(root->fs_info, "resizing devid %llu", devid); btrfs_info(root->fs_info, "resizing devid %llu", devid);
} }
device = btrfs_find_device(root->fs_info->fs_devices, devid, NULL, NULL); device = btrfs_find_device(root->fs_info->fs_devices, devid, NULL, NULL, true);
if (!device) { if (!device) {
btrfs_info(root->fs_info, "resizer unable to find device %llu", btrfs_info(root->fs_info, "resizer unable to find device %llu",
devid); devid);
...@@ -2772,7 +2772,8 @@ static long btrfs_ioctl_dev_info(struct btrfs_root *root, void __user *arg) ...@@ -2772,7 +2772,8 @@ static long btrfs_ioctl_dev_info(struct btrfs_root *root, void __user *arg)
s_uuid = di_args->uuid; s_uuid = di_args->uuid;
mutex_lock(&fs_devices->device_list_mutex); mutex_lock(&fs_devices->device_list_mutex);
dev = btrfs_find_device(fs_devices, di_args->devid, s_uuid, NULL); dev = btrfs_find_device(fs_devices, di_args->devid, s_uuid,
NULL, true);
if (!dev) { if (!dev) {
ret = -ENODEV; ret = -ENODEV;
......
...@@ -3836,7 +3836,7 @@ int btrfs_scrub_dev(struct btrfs_fs_info *fs_info, u64 devid, u64 start, ...@@ -3836,7 +3836,7 @@ int btrfs_scrub_dev(struct btrfs_fs_info *fs_info, u64 devid, u64 start,
mutex_lock(&fs_info->fs_devices->device_list_mutex); mutex_lock(&fs_info->fs_devices->device_list_mutex);
dev = btrfs_find_device(fs_info->fs_devices, devid, NULL, NULL); dev = btrfs_find_device(fs_info->fs_devices, devid, NULL, NULL, true);
if (!dev || (dev->missing && !is_dev_replace)) { if (!dev || (dev->missing && !is_dev_replace)) {
mutex_unlock(&fs_info->fs_devices->device_list_mutex); mutex_unlock(&fs_info->fs_devices->device_list_mutex);
return -ENODEV; return -ENODEV;
...@@ -4005,7 +4005,7 @@ int btrfs_scrub_progress(struct btrfs_root *root, u64 devid, ...@@ -4005,7 +4005,7 @@ int btrfs_scrub_progress(struct btrfs_root *root, u64 devid,
struct scrub_ctx *sctx = NULL; struct scrub_ctx *sctx = NULL;
mutex_lock(&root->fs_info->fs_devices->device_list_mutex); mutex_lock(&root->fs_info->fs_devices->device_list_mutex);
dev = btrfs_find_device(root->fs_info->fs_devices, devid, NULL, NULL); dev = btrfs_find_device(root->fs_info->fs_devices, devid, NULL, NULL, true);
if (dev) if (dev)
sctx = dev->scrub_device; sctx = dev->scrub_device;
if (sctx) if (sctx)
......
...@@ -608,8 +608,8 @@ static noinline int device_list_add(const char *path, ...@@ -608,8 +608,8 @@ static noinline int device_list_add(const char *path,
device = NULL; device = NULL;
} else { } else {
device = __find_device(&fs_devices->devices, devid, device = btrfs_find_device(fs_devices, devid,
disk_super->dev_item.uuid); disk_super->dev_item.uuid, NULL, false);
} }
if (!device) { if (!device) {
...@@ -1779,7 +1779,7 @@ int btrfs_rm_device(struct btrfs_root *root, char *device_path) ...@@ -1779,7 +1779,7 @@ int btrfs_rm_device(struct btrfs_root *root, char *device_path)
devid = btrfs_stack_device_id(&disk_super->dev_item); devid = btrfs_stack_device_id(&disk_super->dev_item);
dev_uuid = disk_super->dev_item.uuid; dev_uuid = disk_super->dev_item.uuid;
device = btrfs_find_device(root->fs_info->fs_devices, devid, dev_uuid, device = btrfs_find_device(root->fs_info->fs_devices, devid, dev_uuid,
disk_super->fsid); disk_super->fsid, true);
if (!device) { if (!device) {
ret = -ENOENT; ret = -ENOENT;
goto error_brelse; goto error_brelse;
...@@ -2063,7 +2063,7 @@ static int btrfs_find_device_by_path(struct btrfs_root *root, char *device_path, ...@@ -2063,7 +2063,7 @@ static int btrfs_find_device_by_path(struct btrfs_root *root, char *device_path,
devid = btrfs_stack_device_id(&disk_super->dev_item); devid = btrfs_stack_device_id(&disk_super->dev_item);
dev_uuid = disk_super->dev_item.uuid; dev_uuid = disk_super->dev_item.uuid;
*device = btrfs_find_device(root->fs_info->fs_devices, devid, dev_uuid, *device = btrfs_find_device(root->fs_info->fs_devices, devid, dev_uuid,
disk_super->fsid); disk_super->fsid, true);
brelse(bh); brelse(bh);
if (!*device) if (!*device)
ret = -ENOENT; ret = -ENOENT;
...@@ -2219,9 +2219,9 @@ static int btrfs_finish_sprout(struct btrfs_trans_handle *trans, ...@@ -2219,9 +2219,9 @@ static int btrfs_finish_sprout(struct btrfs_trans_handle *trans,
read_extent_buffer(leaf, dev_uuid, btrfs_device_uuid(dev_item), read_extent_buffer(leaf, dev_uuid, btrfs_device_uuid(dev_item),
BTRFS_UUID_SIZE); BTRFS_UUID_SIZE);
read_extent_buffer(leaf, fs_uuid, btrfs_device_fsid(dev_item), read_extent_buffer(leaf, fs_uuid, btrfs_device_fsid(dev_item),
BTRFS_UUID_SIZE); BTRFS_FSID_SIZE);
device = btrfs_find_device(root->fs_info->fs_devices, devid, dev_uuid, device = btrfs_find_device(root->fs_info->fs_devices, devid, dev_uuid,
fs_uuid); fs_uuid, true);
BUG_ON(!device); /* Logic error */ BUG_ON(!device); /* Logic error */
if (device->fs_devices->seeding) { if (device->fs_devices->seeding) {
...@@ -6117,19 +6117,36 @@ int btrfs_map_bio(struct btrfs_root *root, int rw, struct bio *bio, ...@@ -6117,19 +6117,36 @@ int btrfs_map_bio(struct btrfs_root *root, int rw, struct bio *bio,
return 0; return 0;
} }
/*
* Find a device specified by @devid or @uuid in the list of @fs_devices, or
* return NULL.
*
* If devid and uuid are both specified, the match must be exact, otherwise
* only devid is used.
*
* If @seed is true, traverse through the seed devices.
*/
struct btrfs_device *btrfs_find_device(struct btrfs_fs_devices *fs_devices, struct btrfs_device *btrfs_find_device(struct btrfs_fs_devices *fs_devices,
u64 devid, u8 *uuid, u8 *fsid) u64 devid, u8 *uuid, u8 *fsid,
bool seed)
{ {
struct btrfs_device *device; struct btrfs_device *device;
while (fs_devices) { while (fs_devices) {
if (!fsid || if (!fsid ||
!memcmp(fs_devices->fsid, fsid, BTRFS_UUID_SIZE)) { !memcmp(fs_devices->fsid, fsid, BTRFS_FSID_SIZE)) {
device = __find_device(&fs_devices->devices, devid, uuid); list_for_each_entry(device, &fs_devices->devices,
if (device) dev_list) {
return device; if (device->devid == devid &&
(!uuid || memcmp(device->uuid, uuid,
BTRFS_UUID_SIZE) == 0))
return device;
}
} }
fs_devices = fs_devices->seed; if (seed)
fs_devices = fs_devices->seed;
else
return NULL;
} }
return NULL; return NULL;
} }
...@@ -6369,7 +6386,7 @@ static int read_one_chunk(struct btrfs_root *root, struct btrfs_key *key, ...@@ -6369,7 +6386,7 @@ static int read_one_chunk(struct btrfs_root *root, struct btrfs_key *key,
btrfs_stripe_dev_uuid_nr(chunk, i), btrfs_stripe_dev_uuid_nr(chunk, i),
BTRFS_UUID_SIZE); BTRFS_UUID_SIZE);
map->stripes[i].dev = btrfs_find_device(root->fs_info->fs_devices, map->stripes[i].dev = btrfs_find_device(root->fs_info->fs_devices,
devid, uuid, NULL); devid, uuid, NULL, true);
if (!map->stripes[i].dev && !btrfs_test_opt(root, DEGRADED)) { if (!map->stripes[i].dev && !btrfs_test_opt(root, DEGRADED)) {
free_extent_map(em); free_extent_map(em);
return -EIO; return -EIO;
...@@ -6498,7 +6515,7 @@ static int read_one_dev(struct btrfs_root *root, ...@@ -6498,7 +6515,7 @@ static int read_one_dev(struct btrfs_root *root,
return PTR_ERR(fs_devices); return PTR_ERR(fs_devices);
} }
device = btrfs_find_device(fs_devices, devid, dev_uuid, fs_uuid); device = btrfs_find_device(fs_devices, devid, dev_uuid, fs_uuid, true);
if (!device) { if (!device) {
if (!btrfs_test_opt(root, DEGRADED)) if (!btrfs_test_opt(root, DEGRADED))
return -EIO; return -EIO;
...@@ -6961,7 +6978,7 @@ int btrfs_get_dev_stats(struct btrfs_root *root, ...@@ -6961,7 +6978,7 @@ int btrfs_get_dev_stats(struct btrfs_root *root,
int i; int i;
mutex_lock(&fs_devices->device_list_mutex); mutex_lock(&fs_devices->device_list_mutex);
dev = btrfs_find_device(fs_devices, stats->devid, NULL, NULL); dev = btrfs_find_device(fs_devices, stats->devid, NULL, NULL, true);
mutex_unlock(&fs_devices->device_list_mutex); mutex_unlock(&fs_devices->device_list_mutex);
if (!dev) { if (!dev) {
......
...@@ -463,7 +463,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len); ...@@ -463,7 +463,7 @@ int btrfs_num_copies(struct btrfs_fs_info *fs_info, u64 logical, u64 len);
int btrfs_grow_device(struct btrfs_trans_handle *trans, int btrfs_grow_device(struct btrfs_trans_handle *trans,
struct btrfs_device *device, u64 new_size); struct btrfs_device *device, u64 new_size);
struct btrfs_device *btrfs_find_device(struct btrfs_fs_devices *fs_devices, struct btrfs_device *btrfs_find_device(struct btrfs_fs_devices *fs_devices,
u64 devid, u8 *uuid, u8 *fsid); u64 devid, u8 *uuid, u8 *fsid, bool seed);
int btrfs_shrink_device(struct btrfs_device *device, u64 new_size); int btrfs_shrink_device(struct btrfs_device *device, u64 new_size);
int btrfs_init_new_device(struct btrfs_root *root, char *path); int btrfs_init_new_device(struct btrfs_root *root, char *path);
int btrfs_init_dev_replace_tgtdev(struct btrfs_root *root, char *device_path, int btrfs_init_dev_replace_tgtdev(struct btrfs_root *root, char *device_path,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment