| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
| |
This patch includes the functionality of btrfs, it's
found as "btrfs check".
Signed-off-by: Ian Kumlien <pomac@demius.net>
Signed-off-by: David Sterba <dsterba@suse.cz>
|
|
|
|
|
|
| |
In preparation for merging btrfsck functionality in to btrfs.
Signed-off-by: Ian Kumlien <pomac@demius.net>
|
|
|
|
|
|
|
|
|
|
| |
My builds are cluttered with:
<command-line>:0:0: warning: "_FORTIFY_SOURCE" redefined [enabled by
default]
Which makes it hard to tell if something breaks or not.
Signed-off-by: Ian Kumlien <pomac@demius.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sometimes, when you least expect it, a static binary is what you need to
rescue your data... Or just get a good enough handle on things to make
it work again ;)
"make static" is a gift to you, dear user with filesystem problems!
Anyway, on a more serious note, changed the cflags and ldflags so that
we create a smaller binary, 1.1MB stripped on my 64 bit system
(2.7MB with debug data)
Signed-off-by: Ian Kumlien <pomac@demius.net>
|
|
|
|
|
|
|
| |
Remove the redundant if check on the condition ret > 0.
Leave BUG_ON check here.
Signed-off-by: Wang Sheng-Hui <shhuiw@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of doing a BUG_ON() if we fail to find the last fs root just return
an error so the callers can deal with it how they like. Also we need to
actually return an error if we can't find the latest root so that the error
handling works. With this btrfsck was able to deal with a file system that
was missing a root item but still had extents that referred back to the
root. Thanks,
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
|
|
|
|
|
|
|
| |
Noticed this while looking for an segfault related to our eb cache in
btrfsck. We free the eb in out: so we don't need this extra free. Thanks,
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
|
|
|
|
|
|
|
|
|
|
| |
A user had a problem where btrfsck would bail out because it was finding
extents for a snapshot that had been deleted but not entirely cleaned up.
We can handle this case fine, we just need to report an error properly.
This patch allowed btrfsck to continue and eventually fix his file system.
Thanks,
Signed-off-by: Josef Bacik <jbacik@fusionio.com>
|
|
|
|
|
|
|
| |
fd53de4d Drop bit-radix.[ch] files
removed the files from the Makefile, but not the files themselves.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
|
|
|
|
|
|
|
|
|
| |
print more informative error when we fail to open a device
If open() fails, we should let the user know why it failed.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Gene Czarcinski <gene@czarc.net>
|
|\
| |
| |
| | |
http://git.zabbo.net/cgit/btrfs-progs into merged
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Several goto out; paths will end up doing i.e.
if (pipefd[0])
close(pipefd[0]);
but we get there with uninitialized values in many cases.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
3 places where we copy pathnames into ioctl arguments
were not limited to the destination name size, and
could overflow. Use the new strncpy_null() macro
to make this safe.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In the places where we copy a string into the name
member of btrfs_ioctl_vol_args or btrfs_ioctl_vol_args_v2,
we use strncopy (to not overflow the name array) and then
set the last position to the null character.
Howver, in both cases the arrays are defined with:
char name[MAX+1];
hence the last array position is name[MAX].
In most cases, we now insert the null at name[MAX-1]
which deprives us of one useful character.
Even the above isn't consistent through the code, so
make some helper code to make it simple, i.e.
strncpy_null(dest, src) which automatically does the
right thing based on the size of dest.
Thanks to Zach Brown for the macro suggestion.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
cmd_subvol_create() calls either BTRFS_IOC_SUBVOL_CREATE
or BTRFS_IOC_SUBVOL_CREATE_V2 depending on whether or
not inherit is set. However, these 2 ioctls have different
args structures with different length name[] members.
In the BTRFS_IOC_SUBVOL_CREATE case, the arg is
btrfs_ioctl_vol_args, with a BTRFS_PATH_NAME_MAX length
name, not a BTRFS_SUBVOL_NAME_MAX length name.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
__setup_root() was present in find-root.c as well
as disk-io.c. No need for the cut and paste, just
use the one in disk-io.c
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
"mdresotre" sounds like it might be French, but most
likely it's a misspelling of mdrestore. Fix it.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
Mostly just to keep things like coverity happy about potentially
uninitialized structure members, since it doesn't grok the ioctl.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In the case that btrfs scrub cancel is given a device name,
we close the file handle, and then pass it to check_mounted_where()
which eventually preads from that (now closed) fd. Fix the logic
so that we close & re-open the discovered mountpoint properly.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If scrub start discovers that scrub is already running,
we need to set prg_fd to -1 before goto out, or we'll
try to close it again in the error path.
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| | |
It wasn't freed if it didn't find metadata.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| | |
A few paths returned errors before freeing their inherit allocation.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| | |
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
Argument validation failed to close the fd that was opened. So check
the arguments before opening anything.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
One of the return statements in search_dir() didn't free everything it
was supposed to.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| | |
It wasn't closed in the error path.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| | |
As far as I can tell, nothing took the address of this.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| | |
add_root_to_pending() took a bunch of arguments that it never used.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| | |
< 0 is returned for errors opening the file, this code could leak fd 0.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
If connection fails the socket is leaked when the status file is used
instead. Close it to trivially cut down on fd use and to bring down the
noise in static code analysis.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
It looks possible to hit the search_again label without using the
prealloc. A new prealloc is allocated, leaking the current one.
Every use of prealloc sets it to null so let's just allocate a new
prealloc when we don't already have one.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
btrfs_scan_one_dir() can overflow an arbitrarily small 256 byte buffer
with an arbitrarily slightly larger 1024 byte buffer as it remembers the
path of a dir to later descend.
Make these buffers the same size to stop the overflow and chose PATH_MAX
for that size so that it won't fail on legitimately bonkers paths.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
Path allocation failure already has its own return, remember to free the
path when the error label is taken.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
It looks like the usual kernel idiom of "< ARRAY_SIZE()" was
accidentally negated as ">" instead of ">=".
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
struct btrfs_super is about 3.5k but a few writing paths were writing it
out as the full 4k BTRFS_SUPER_INFO_SIZE, leaking a few hundred bytes
after the super_block onto disk. In practice this meant the memory
after super_copy in struct btrfs_fs_info and whatever came after it in
the heap.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
old_left_nritems is unsigned so BUG_ON(old_left_nritems < 0) is
impossible. Presumably the BUG_ON() meant to test that it wasn't 0 so
that btrfs_item_offset_nr() doesn't get a nr of -1.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
Check for failure by testing for a negative file descriptor, not a
descriptor of 0. And if it failed we have nothing to close().
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
Don't try to close an fd immediately after discovering that opening it
failed.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
-EBUSY is platform dependent and is even less reliable when truncated to
a u8. Just return 1 on error.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
When opening the fd fails just return instead of taking the shared error
path that tries to close() the fd.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
The free inode objectid would be printed as "FREE_INOQUOTA_TREE" because
of a missing break.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
btrfs_free_path() derefs the path before freeing it. It can't be passed
a null pointer when allocation fails.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| | |
'next' can never be non-null in the body of these loops. It's
initialized to NULL and the loop is terminated the moment it is set.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
copy_one_inline() meant to test the return of pwrite() with ram_size.
Presumably the comparison with len was copied from the test earlier in
the function.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| | |
finish_subvol() initializes and tests info_fd but it is never used.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
size_sourcedir() uses shockingly bad code to try and estimate the size
of the files and directories in a subtree.
- Its use of snprintf(), strcat(), and sscanf() with arbitrarily small
on-stack buffers manages to overflow the stack a few times when given
long file names.
$ BIG=$(perl -e 'print "a" x 200')
$ mkdir -p /tmp/$BIG/$BIG/$BIG/$BIG/$BIG
$ mkfs.btrfs /tmp/img -r /tmp/$BIG/$BIG/$BIG/$BIG/$BIG
*** stack smashing detected ***: mkfs.btrfs terminated
- It passes raw paths to system() allowing interpreting file names as
shell control characters.
$ mkfs.btrfs /tmp/img -r /tmp/spacey\ dir/
du: cannot access `/tmp/spacey': No such file or directory
du: cannot access `dir/': No such file or directory
- It redirects du output to "temp_file" in the current directory,
allowing overwriting of files through symlinks.
$ echo hi > target
$ ln -s target temp_file
$ mkfs.btrfs /tmp/img -r /tmp/somedir/
$ cat target
3 /tmp/somedir/
This fixes the worst problems while maintaining -r functionality by
tearing out the system() code and using ftw() to walk the source tree
and sum up st.st_size.
Signed-off-by: Zach Brown <zab@redhat.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
check_owner_ref() could deref a null path node if btrfs_search_slot()
fails or simply doesn't find a tree tall enough to get to the parent of
the desired block.
This was flagged by static analysis warning that btrfs_search_slot()'s
return value wasn't being checked.
Signed-off-by: Zach Brown <zab@redhat.com>
Again: caught by static analysis.
|
| |
| |
| |
| |
| |
| |
| |
| | |
Errors cow-ing the root block are silently being dropped. This is
just a step towards error handling because both the caller and calee
assert on errors.
Signed-off-by: Zach Brown <zab@redhat.com>
|