linux/fs/btrfs/tree-checker.h

71 lines
1.8 KiB
C
Raw Normal View History

/* SPDX-License-Identifier: GPL-2.0 */
/*
* Copyright (C) Qu Wenruo 2017. All rights reserved.
*/
#ifndef BTRFS_TREE_CHECKER_H
#define BTRFS_TREE_CHECKER_H
#include <uapi/linux/btrfs_tree.h>
struct extent_buffer;
struct btrfs_chunk;
/* All the extra info needed to verify the parentness of a tree block. */
struct btrfs_tree_parent_check {
/*
* The owner check against the tree block.
*
* Can be 0 to skip the owner check.
*/
u64 owner_root;
/*
* Expected transid, can be 0 to skip the check, but such skip
* should only be utlized for backref walk related code.
*/
u64 transid;
/*
* The expected first key.
*
* This check can be skipped if @has_first_key is false, such skip
* can happen for case where we don't have the parent node key,
* e.g. reading the tree root, doing backref walk.
*/
struct btrfs_key first_key;
bool has_first_key;
/* The expected level. Should always be set. */
u8 level;
};
enum btrfs_tree_block_status {
BTRFS_TREE_BLOCK_CLEAN,
BTRFS_TREE_BLOCK_INVALID_NRITEMS,
BTRFS_TREE_BLOCK_INVALID_PARENT_KEY,
BTRFS_TREE_BLOCK_BAD_KEY_ORDER,
BTRFS_TREE_BLOCK_INVALID_LEVEL,
BTRFS_TREE_BLOCK_INVALID_FREE_SPACE,
BTRFS_TREE_BLOCK_INVALID_OFFSETS,
BTRFS_TREE_BLOCK_INVALID_BLOCKPTR,
BTRFS_TREE_BLOCK_INVALID_ITEM,
BTRFS_TREE_BLOCK_INVALID_OWNER,
};
/*
* Exported simply for btrfs-progs which wants to have the
* btrfs_tree_block_status return codes.
*/
enum btrfs_tree_block_status __btrfs_check_leaf(struct extent_buffer *leaf);
enum btrfs_tree_block_status __btrfs_check_node(struct extent_buffer *node);
int btrfs_check_leaf(struct extent_buffer *leaf);
int btrfs_check_node(struct extent_buffer *node);
int btrfs_check_chunk_valid(struct extent_buffer *leaf,
struct btrfs_chunk *chunk, u64 logical);
btrfs: tree-checker: check extent buffer owner against owner rootid Btrfs doesn't check whether the tree block respects the root owner. This means, if a tree block referred by a parent in extent tree, but has owner of 5, btrfs can still continue reading the tree block, as long as it doesn't trigger other sanity checks. Normally this is fine, but combined with the empty tree check in check_leaf(), if we hit an empty extent tree, but the root node has csum tree owner, we can let such extent buffer to sneak in. Shrink the hole by: - Do extra eb owner check at tree read time - Make sure the root owner extent buffer exactly matches the root id. Unfortunately we can't yet completely patch the hole, there are several call sites can't pass all info we need: - For reloc/log trees Their owner is key::offset, not key::objectid. We need the full root key to do that accurate check. For now, we just skip the ownership check for those trees. - For add_data_references() of relocation That call site doesn't have any parent/ownership info, as all the bytenrs are all from btrfs_find_all_leafs(). - For direct backref items walk Direct backref items records the parent bytenr directly, thus unlike indirect backref item, we don't do a full tree search. Thus in that case, we don't have full parent owner to check. For the later two cases, they all pass 0 as @owner_root, thus we can skip those cases if @owner_root is 0. Signed-off-by: Qu Wenruo <wqu@suse.com> Reviewed-by: David Sterba <dsterba@suse.com> Signed-off-by: David Sterba <dsterba@suse.com>
2022-03-16 08:05:58 +08:00
int btrfs_check_eb_owner(const struct extent_buffer *eb, u64 root_owner);
#endif