On Wed, Mar 17, 2021 at 07:36:47PM +0100, David Sterba wrote: > On Tue, Mar 16, 2021 at 01:27:46PM +0000, Sidong Yang wrote: > > When user assign qgroup with qgroup id that is too big to exceeds > > range and invade level value, and it works without any error. but > > this action would be make undefined error. this code make sure that > > qgroup id doesn't exceed range(0 ~ 2^48-1). > > Should the level be also validate? The function parse_qgroupid does not > do full validation, so eg 0//0 would be parsed as a path and not as a > typo, level larger than 64K will be silently clamped.
I agree. 0//0 would be parsed as path but it failed in btrfs_util_is_subvolume() and goes to err. I understand that upper 16 bits of qgroupid is for level. so, The valid llevel range is [0~2^16-1]. But I can't get it that level larger than 64K will be clampled. one more question about that, I see that the ioctl calls just store the qgroupid without any opeartion with level. is the level meaningless in kernel?
