bcachefs: Fix bch_member.btree_bitmap_shift validation

Needs to match the assert later when we resize...

Reported-by: syzbot+e8eff054face85d7ea41@syzkaller.appspotmail.com
Signed-off-by: Kent Overstreet <kent.overstreet@linux.dev>

diff --git a/fs/bcachefs/sb-members.c b/fs/bcachefs/sb-members.c
index fb08dd680dacf82bca414f424024e4a00bf432de..116131f95815f32f26a1a2c639c294e31f368f93 100644 (file)
--- a/fs/bcachefs/sb-members.c
+++ b/fs/bcachefs/sb-members.c
@@ -163,7 +163,7 @@ static int validate_member(struct printbuf *err,
                return -BCH_ERR_invalid_sb_members;
        }
 
-       if (m.btree_bitmap_shift >= 64) {
+       if (m.btree_bitmap_shift >= BCH_MI_BTREE_BITMAP_SHIFT_MAX) {
                prt_printf(err, "device %u: invalid btree_bitmap_shift %u", i, m.btree_bitmap_shift);
                return -BCH_ERR_invalid_sb_members;
        }
@@ -450,7 +450,7 @@ static void __bch2_dev_btree_bitmap_mark(struct bch_sb_field_members_v2 *mi, uns
                m->btree_bitmap_shift += resize;
        }
 
-       BUG_ON(m->btree_bitmap_shift > 57);
+       BUG_ON(m->btree_bitmap_shift >= BCH_MI_BTREE_BITMAP_SHIFT_MAX);
        BUG_ON(end > 64ULL << m->btree_bitmap_shift);
 
        for (unsigned bit = start >> m->btree_bitmap_shift;

diff --git a/fs/bcachefs/sb-members_format.h b/fs/bcachefs/sb-members_format.h
index d727d2dfda08f2af0a3ed4602a4953f8fc9f7de4..2adf1221a440f2cad111e5b4b45b98972eb8637d 100644 (file)
--- a/fs/bcachefs/sb-members_format.h
+++ b/fs/bcachefs/sb-members_format.h
@@ -65,6 +65,12 @@ struct bch_member {
        __le32                  last_journal_bucket_offset;
 };
 
+/*
+ * btree_allocated_bitmap can represent sector addresses of a u64: it itself has
+ * 64 elements, so 64 - ilog2(64)
+ */
+#define BCH_MI_BTREE_BITMAP_SHIFT_MAX  58
+
 /*
  * This limit comes from the bucket_gens array - it's a single allocation, and
  * kernel allocation are limited to INT_MAX