On Wed, Jun 28, 2023 at 08:44:12AM +1000, Dave Chinner wrote: > From: Dave Chinner <dchinner@xxxxxxxxxx> > > Need to happen before we allocate and then leak the xefi. Found by > coverity via an xfsprogs libxfs scan. > > Fixes: 7dfee17b13e5 ("xfs: validate block number being freed before adding to xefi") > Signed-off-by: Dave Chinner <dchinner@xxxxxxxxxx> LGTM, Reviewed-by: Darrick J. Wong <djwong@xxxxxxxxxx> --D > --- > fs/xfs/libxfs/xfs_alloc.c | 11 ++++++----- > 1 file changed, 6 insertions(+), 5 deletions(-) > > diff --git a/fs/xfs/libxfs/xfs_alloc.c b/fs/xfs/libxfs/xfs_alloc.c > index 7c86a69354fb..9919fdfe1d7e 100644 > --- a/fs/xfs/libxfs/xfs_alloc.c > +++ b/fs/xfs/libxfs/xfs_alloc.c > @@ -2470,25 +2470,26 @@ static int > xfs_defer_agfl_block( > struct xfs_trans *tp, > xfs_agnumber_t agno, > - xfs_fsblock_t agbno, > + xfs_agblock_t agbno, > struct xfs_owner_info *oinfo) > { > struct xfs_mount *mp = tp->t_mountp; > struct xfs_extent_free_item *xefi; > + xfs_fsblock_t fsbno = XFS_AGB_TO_FSB(mp, agno, agbno); > > ASSERT(xfs_extfree_item_cache != NULL); > ASSERT(oinfo != NULL); > > + if (XFS_IS_CORRUPT(mp, !xfs_verify_fsbno(mp, fsbno))) > + return -EFSCORRUPTED; > + > xefi = kmem_cache_zalloc(xfs_extfree_item_cache, > GFP_KERNEL | __GFP_NOFAIL); > - xefi->xefi_startblock = XFS_AGB_TO_FSB(mp, agno, agbno); > + xefi->xefi_startblock = fsbno; > xefi->xefi_blockcount = 1; > xefi->xefi_owner = oinfo->oi_owner; > xefi->xefi_type = XFS_AG_RESV_AGFL; > > - if (XFS_IS_CORRUPT(mp, !xfs_verify_fsbno(mp, xefi->xefi_startblock))) > - return -EFSCORRUPTED; > - > trace_xfs_agfl_free_defer(mp, agno, 0, agbno, 1); > > xfs_extent_free_get_group(mp, xefi); > -- > 2.40.1 >