From owner-svn-src-head@FreeBSD.ORG Wed May 11 19:59:44 2011 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5BF41106564A; Wed, 11 May 2011 19:59:44 +0000 (UTC) (envelope-from ae@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 324A78FC13; Wed, 11 May 2011 19:59:44 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id p4BJxipi004098; Wed, 11 May 2011 19:59:44 GMT (envelope-from ae@svn.freebsd.org) Received: (from ae@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id p4BJxiN0004096; Wed, 11 May 2011 19:59:44 GMT (envelope-from ae@svn.freebsd.org) Message-Id: <201105111959.p4BJxiN0004096@svn.freebsd.org> From: "Andrey V. Elsukov" Date: Wed, 11 May 2011 19:59:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r221788 - head/sys/geom/part X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 May 2011 19:59:44 -0000 Author: ae Date: Wed May 11 19:59:43 2011 New Revision: 221788 URL: http://svn.freebsd.org/changeset/base/221788 Log: Add basic metadata integrity check. In case when partition table was probed and read successfull, but it contains invalid values (e.g. overlapped partitions, offset or size is out of bounds), then table will be rejected. MFC after: 1 month Modified: head/sys/geom/part/g_part.c Modified: head/sys/geom/part/g_part.c ============================================================================== --- head/sys/geom/part/g_part.c Wed May 11 19:06:09 2011 (r221787) +++ head/sys/geom/part/g_part.c Wed May 11 19:59:43 2011 (r221788) @@ -231,6 +231,48 @@ g_part_geometry(struct g_part_table *tab } } +static int +g_part_check_integrity(struct g_part_table *table, struct g_consumer *cp) +{ + struct g_part_entry *e1, *e2; + struct g_provider *pp; + + pp = cp->provider; + if (table->gpt_first > table->gpt_last || + table->gpt_last > pp->mediasize / pp->sectorsize - 1) + goto fail; + + LIST_FOREACH(e1, &table->gpt_entry, gpe_entry) { + if (e1->gpe_deleted || e1->gpe_internal) + continue; + if (e1->gpe_start < table->gpt_first || + e1->gpe_start > table->gpt_last || + e1->gpe_end < e1->gpe_start || + e1->gpe_end > table->gpt_last) + goto fail; + e2 = e1; + while ((e2 = LIST_NEXT(e2, gpe_entry)) != NULL) { + if (e2->gpe_deleted || e2->gpe_internal) + continue; + if (e1->gpe_start >= e2->gpe_start && + e1->gpe_start <= e2->gpe_end) + goto fail; + if (e1->gpe_end >= e2->gpe_start && + e1->gpe_end <= e2->gpe_end) + goto fail; + if (e1->gpe_start < e2->gpe_start && + e1->gpe_end > e2->gpe_end) + goto fail; + } + } + return (0); +fail: + if (bootverbose) + printf("GEOM_PART: integrity check failed (%s, %s)\n", + pp->name, table->gpt_scheme->name); + return (EINVAL); +} + struct g_part_entry * g_part_new_entry(struct g_part_table *table, int index, quad_t start, quad_t end) @@ -1310,9 +1352,11 @@ g_part_ctl_undo(struct gctl_req *req, st error = G_PART_READ(table, cp); if (error) goto fail; + error = g_part_check_integrity(table, cp); + if (error) + goto fail; g_topology_lock(); - LIST_FOREACH(entry, &table->gpt_entry, gpe_entry) { if (!entry->gpe_internal) g_part_new_provider(gp, table, entry); @@ -1773,6 +1817,9 @@ g_part_taste(struct g_class *mp, struct error = G_PART_READ(table, cp); if (error) goto fail; + error = g_part_check_integrity(table, cp); + if (error) + goto fail; g_topology_lock(); LIST_FOREACH(entry, &table->gpt_entry, gpe_entry) {