Re: [PATCH] ceph: increase the offset when fail to decode dentry names

[Xiubo Li <xiubli@xxxxxxxxxx>]

Forgot to mention, this patch is fixing a crash bug in 'wip-fscrypt' branch.

- Xiubo


On 2/28/22 3:14 PM, xiubli@xxxxxxxxxx wrote:
> From: Xiubo Li <xiubli@xxxxxxxxxx>
>
> ------------[ cut here ]------------
> kernel BUG at fs/ceph/dir.c:537!
> invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
> CPU: 16 PID: 21641 Comm: ls Tainted: G            E     5.17.0-rc2+ #92
> Hardware name: Red Hat RHEV Hypervisor, BIOS 1.11.0-2.el7 04/01/2014
>
> The corresponding code in ceph_readdir() is:
>
> 	BUG_ON(rde->offset < ctx->pos);
>
> Signed-off-by: Xiubo Li <xiubli@xxxxxxxxxx>
> ---
>   fs/ceph/dir.c   | 13 +++++++------
>   fs/ceph/inode.c |  3 ++-
>   2 files changed, 9 insertions(+), 7 deletions(-)
>
> diff --git a/fs/ceph/dir.c b/fs/ceph/dir.c
> index a449f4a07c07..f28eb568e0e2 100644
> --- a/fs/ceph/dir.c
> +++ b/fs/ceph/dir.c
> @@ -534,6 +534,13 @@ static int ceph_readdir(struct file *file, struct dir_context *ctx)
>   					    .ctext_len	= rde->altname_len };
>   		u32 olen = oname.len;
>   
> +		err = ceph_fname_to_usr(&fname, &tname, &oname, NULL);
> +		if (err) {
> +			pr_warn("Unable to decode %.*s. Skipping it.\n", rde->name_len, rde->name);
> +			ctx->pos++;
> +			continue;
> +		}
> +
>   		BUG_ON(rde->offset < ctx->pos);
>   		BUG_ON(!rde->inode.in);
>   
> @@ -542,12 +549,6 @@ static int ceph_readdir(struct file *file, struct dir_context *ctx)
>   		     i, rinfo->dir_nr, ctx->pos,
>   		     rde->name_len, rde->name, &rde->inode.in);
>   
> -		err = ceph_fname_to_usr(&fname, &tname, &oname, NULL);
> -		if (err) {
> -			dout("Unable to decode %.*s. Skipping it.\n", rde->name_len, rde->name);
> -			continue;
> -		}
> -
>   		if (!dir_emit(ctx, oname.name, oname.len,
>   			      ceph_present_ino(inode->i_sb, le64_to_cpu(rde->inode.in->ino)),
>   			      le32_to_cpu(rde->inode.in->mode) >> 12)) {
> diff --git a/fs/ceph/inode.c b/fs/ceph/inode.c
> index 8b0832271fdf..b1552e6a6f0e 100644
> --- a/fs/ceph/inode.c
> +++ b/fs/ceph/inode.c
> @@ -1898,7 +1898,8 @@ int ceph_readdir_prepopulate(struct ceph_mds_request *req,
>   
>   		err = ceph_fname_to_usr(&fname, &tname, &oname, &is_nokey);
>   		if (err) {
> -			dout("Unable to decode %.*s. Skipping it.", rde->name_len, rde->name);
> +			fpos_offset++;
> +			pr_warn("Unable to decode %.*s. Skipping it.", rde->name_len, rde->name);
>   			continue;
>   		}
>