| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 08 Oct 2011 00:36:26 -0700
From: "Darrick J. Wong" <djwong@...ibm.com>
To: Andreas Dilger <adilger.kernel@...ger.ca>,
Theodore Tso <tytso@....edu>,
"Darrick J. Wong" <djwong@...ibm.com>
Cc: Sunil Mushran <sunil.mushran@...cle.com>,
Amir Goldstein <amir73il@...il.com>,
Andi Kleen <andi@...stfloor.org>,
Mingming Cao <cmm@...ibm.com>,
Joel Becker <jlbec@...lplan.org>, linux-ext4@...r.kernel.org,
Coly Li <colyli@...il.com>
Subject: [PATCH 30/47] libext2fs: Calculate and verify superblock checksums
Calculate and verify the superblock checksums. Each copy of the superblock
records the number of the group it's in and the FS UUID, so we can simply
checksum the whole block.
Signed-off-by: Darrick J. Wong <djwong@...ibm.com>
---
lib/ext2fs/closefs.c | 18 +++++++++++-------
lib/ext2fs/csum.c | 34 ++++++++++++++++++++++++++++++++++
lib/ext2fs/ext2_err.et.in | 3 +++
lib/ext2fs/ext2fs.h | 4 ++++
lib/ext2fs/openfs.c | 6 ++++++
5 files changed, 58 insertions(+), 7 deletions(-)
diff --git a/lib/ext2fs/closefs.c b/lib/ext2fs/closefs.c
index 1867be3..008ee91 100644
--- a/lib/ext2fs/closefs.c
+++ b/lib/ext2fs/closefs.c
@@ -246,14 +246,18 @@ static errcode_t write_backup_super(ext2_filsys fs, dgrp_t group,
blk_t group_block,
struct ext2_super_block *super_shadow)
{
+ errcode_t retval;
dgrp_t sgrp = group;
if (sgrp > ((1 << 16) - 1))
sgrp = (1 << 16) - 1;
+
+ super_shadow->s_block_group_nr = sgrp;
+ retval = ext2fs_superblock_csum_set(fs, super_shadow);
+ if (retval)
+ return retval;
#ifdef WORDS_BIGENDIAN
- super_shadow->s_block_group_nr = ext2fs_swab16(sgrp);
-#else
- fs->super->s_block_group_nr = sgrp;
+ ext2fs_swap_super(super_shadow);
#endif
return io_channel_write_blk64(fs->io, group_block, -SUPERBLOCK_SIZE,
@@ -314,6 +318,7 @@ errcode_t ext2fs_flush2(ext2_filsys fs, int flags)
&group_shadow);
if (retval)
goto errout;
+ memcpy(super_shadow, fs->super, sizeof(struct ext2_super_block));
memcpy(group_shadow, fs->group_desc, (size_t) fs->blocksize *
fs->desc_blocks);
@@ -334,10 +339,6 @@ errcode_t ext2fs_flush2(ext2_filsys fs, int flags)
*/
fs->super->s_state &= ~EXT2_VALID_FS;
fs->super->s_feature_incompat &= ~EXT3_FEATURE_INCOMPAT_RECOVER;
-#ifdef WORDS_BIGENDIAN
- *super_shadow = *fs->super;
- ext2fs_swap_super(super_shadow);
-#endif
/*
* If this is an external journal device, don't write out the
@@ -407,6 +408,9 @@ write_primary_superblock_only:
fs->super->s_block_group_nr = 0;
fs->super->s_state = fs_state;
fs->super->s_feature_incompat = feature_incompat;
+ retval = ext2fs_superblock_csum_set(fs, fs->super);
+ if (retval)
+ return retval;
#ifdef WORDS_BIGENDIAN
*super_shadow = *fs->super;
ext2fs_swap_super(super_shadow);
diff --git a/lib/ext2fs/csum.c b/lib/ext2fs/csum.c
index aec5c87..d89fa37 100644
--- a/lib/ext2fs/csum.c
+++ b/lib/ext2fs/csum.c
@@ -30,6 +30,40 @@
#define STATIC static
#endif
+static __u32 ext2fs_superblock_csum(ext2_filsys fs, struct ext2_super_block *sb)
+{
+ int offset = offsetof(struct ext2_super_block, s_checksum);
+
+#ifdef WORDS_BIGENDIAN
+ struct ext2_super_block swabsb;
+ memcpy(&swabsb, sb, sizeof(struct ext2_super_block));
+ ext2fs_swap_super(&swabsb);
+ sb = &swabsb;
+#endif
+
+ return ext2fs_crc32c_le(~0, (unsigned char *)sb, offset);
+}
+
+int ext2fs_superblock_csum_verify(ext2_filsys fs, struct ext2_super_block *sb)
+{
+ if (EXT2_HAS_RO_COMPAT_FEATURE(fs->super,
+ EXT4_FEATURE_RO_COMPAT_METADATA_CSUM) &&
+ (sb->s_checksum != ext2fs_superblock_csum(fs, sb)))
+ return 0;
+ return 1;
+}
+
+errcode_t ext2fs_superblock_csum_set(ext2_filsys fs,
+ struct ext2_super_block *sb)
+{
+ if (!EXT2_HAS_RO_COMPAT_FEATURE(fs->super,
+ EXT4_FEATURE_RO_COMPAT_METADATA_CSUM))
+ return 0;
+
+ sb->s_checksum = ext2fs_superblock_csum(fs, sb);
+ return 0;
+}
+
static errcode_t ext2fs_ext_attr_block_csum(ext2_filsys fs, ext2_ino_t inum,
blk64_t block,
struct ext2_ext_attr_header *hdr,
diff --git a/lib/ext2fs/ext2_err.et.in b/lib/ext2fs/ext2_err.et.in
index e210f8d..e4d2caa 100644
--- a/lib/ext2fs/ext2_err.et.in
+++ b/lib/ext2fs/ext2_err.et.in
@@ -455,4 +455,7 @@ ec EXT2_ET_INODE_CSUM_NONZERO,
ec EXT2_ET_EXT_ATTR_BLOCK_CORRUPT,
"Extended attribute block fails checksum"
+ec EXT2_ET_SB_CSUM_INVALID,
+ "Superblock fails checksum"
+
end
diff --git a/lib/ext2fs/ext2fs.h b/lib/ext2fs/ext2fs.h
index 9f0e8fa..b921f83 100644
--- a/lib/ext2fs/ext2fs.h
+++ b/lib/ext2fs/ext2fs.h
@@ -929,6 +929,10 @@ extern __u32 ext2fs_crc32c_be(__u32 crc, unsigned char const *p, size_t len);
extern __u32 ext2fs_crc32c_le(__u32 crc, unsigned char const *p, size_t len);
/* csum.c */
+extern errcode_t ext2fs_superblock_csum_set(ext2_filsys fs,
+ struct ext2_super_block *sb);
+extern int ext2fs_superblock_csum_verify(ext2_filsys fs,
+ struct ext2_super_block *sb);
extern errcode_t ext2fs_ext_attr_block_csum_set(ext2_filsys fs,
ext2_ino_t inum, blk64_t block,
struct ext2_ext_attr_header *hdr);
diff --git a/lib/ext2fs/openfs.c b/lib/ext2fs/openfs.c
index 0cefe3f..334240c 100644
--- a/lib/ext2fs/openfs.c
+++ b/lib/ext2fs/openfs.c
@@ -203,6 +203,12 @@ errcode_t ext2fs_open2(const char *name, const char *io_options,
}
#endif
+ if (!(fs->flags & EXT2_FLAG_IGNORE_CSUM_ERRORS) &&
+ !ext2fs_superblock_csum_verify(fs, fs->super)) {
+ retval = EXT2_ET_SB_CSUM_INVALID;
+ goto cleanup;
+ }
+
if (fs->super->s_magic != EXT2_SUPER_MAGIC) {
retval = EXT2_ET_BAD_MAGIC;
goto cleanup;
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists