From: John Spray <john.spray@redhat.com>
Date: Wed, 6 Apr 2016 12:04:01 +0000 (+0100)
Subject: mds: validate file layouts during replay
X-Git-Tag: v10.1.2~3^2^2~2^2
X-Git-Url: http://git-server-git.apps.pok.os.sepia.ceph.com/?a=commitdiff_plain;h=d544e447dfcd3377ba4cc525abea9ea230c55852;p=ceph.git

mds: validate file layouts during replay

Instead of letting potentially bogus stuff into
the cache, go damaged().

Signed-off-by: John Spray <john.spray@redhat.com>
---

diff --git a/src/mds/journal.cc b/src/mds/journal.cc
index 64d4d2a74b6e..0f27971b1326 100644
--- a/src/mds/journal.cc
+++ b/src/mds/journal.cc
@@ -572,6 +572,25 @@ void EMetaBlob::fullbit::update_inode(MDSRank *mds, CInode *in)
    */
   in->oldest_snap = oldest_snap;
   in->decode_snap_blob(snapbl);
+
+  /*
+   * In case there was anything malformed in the journal that we are
+   * replaying, do sanity checks on the inodes we're replaying and
+   * go damaged instead of letting any trash into a live cache
+   */
+  if (in->is_file()) {
+    // Files must have valid layouts with a pool set
+    if (in->inode.layout.pool_id == -1 || !in->inode.layout.is_valid()) {
+      dout(0) << "EMetaBlob.replay invalid layout on ino " << *in
+              << ": " << in->inode.layout << dendl;
+      std::ostringstream oss;
+      oss << "Invalid layout for inode 0x" << std::hex << in->inode.ino
+          << std::dec << " in journal";
+      mds->clog->error() << oss.str();
+      mds->damaged();
+      assert(0);  // Should be unreachable because damaged() calls respawn()
+    }
+  }
 }
 
 // EMetaBlob::remotebit