xfs: push corruption -> ESTALE conversion to xfs_nfs_get_inode()

In xfs_imap_to_bp(), we convert a -EFSCORRUPTED error to -EINVAL if
we are doing an untrusted lookup. This is done because we need
failed filehandle lookups to report -ESTALE to the caller, and it
does this by converting -EINVAL and -ENOENT errors to -ESTALE.

The squashing of EFSCORRUPTED in imap_to_bp makes it impossible for
for xfs_iget(UNTRUSTED) callers to determine the difference between
"inode does not exist" and "corruption detected during lookup". We
realy need that distinction in places calling xfS_iget(UNTRUSTED),
so move the filehandle error case handling all the way out to
xfs_nfs_get_inode() where it is needed.

Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Carlos Maiolino <cmaiolino@redhat.com>
Reviewed-by: Darrick J. Wong <darrick.wong@oracle.com>
Signed-off-by: Darrick J. Wong <darrick.wong@oracle.com>
This commit is contained in:
Dave Chinner 2018-06-05 10:09:34 -07:00 committed by Darrick J. Wong
parent 541b5acc85
commit 29cad0b3ed
2 changed files with 12 additions and 8 deletions

View File

@ -201,11 +201,6 @@ xfs_imap_to_bp(
ASSERT(buf_flags & XBF_TRYLOCK);
return error;
}
if (error == -EFSCORRUPTED &&
(iget_flags & XFS_IGET_UNTRUSTED))
return -EINVAL;
xfs_warn(mp, "%s: xfs_trans_read_buf() returned error %d.",
__func__, error);
return error;

View File

@ -140,15 +140,24 @@ xfs_nfs_get_inode(
*/
error = xfs_iget(mp, NULL, ino, XFS_IGET_UNTRUSTED, 0, &ip);
if (error) {
/*
* EINVAL means the inode cluster doesn't exist anymore.
* This implies the filehandle is stale, so we should
* translate it here.
* EFSCORRUPTED means the metadata pointing to the inode cluster
* or the inode cluster itself is corrupt. This implies the
* filehandle is stale, so we should translate it here.
* We don't use ESTALE directly down the chain to not
* confuse applications using bulkstat that expect EINVAL.
*/
if (error == -EINVAL || error == -ENOENT)
switch (error) {
case -EINVAL:
case -ENOENT:
case -EFSCORRUPTED:
error = -ESTALE;
break;
default:
break;
}
return ERR_PTR(error);
}