| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 11 Feb 2019 08:24:38 -0600
From: Steve Magnani <steve.magnani@...idescorp.com>
To: jack@...e.com
Cc: linux-kernel@...r.kernel.org,
"Steven J . Magnani" <steve@...idescorp.com>
Subject: [PATCH] udf: disallow RW mount without valid integrity descriptor
Refuse to mount a volume read-write without a coherent Logical Volume
Integrity Descriptor, because we can't generate truly unique IDs without
one.
This fixes a bug where all inodes created on a UDF filesystem following
mount without a coherent LVID are assigned UID 0.
Signed-off-by: Steven J. Magnani <steve@...idescorp.com>
---
--- a/fs/udf/super.c 2018-11-16 06:43:00.622344354 -0600
+++ b/fs/udf/super.c 2019-02-11 08:08:00.478331631 -0600
@@ -1474,6 +1474,17 @@ static int udf_load_logicalvol(struct su
if (lvd->integritySeqExt.extLength)
udf_load_logicalvolint(sb, leea_to_cpu(lvd->integritySeqExt));
ret = 0;
+
+ if (!sbi->s_lvid_bh) {
+ /* We can't generate UIDs without a valid LVID */
+ if (sb_rdonly(sb))
+ UDF_SET_FLAG(sb, UDF_FLAG_RW_INCOMPAT);
+ else {
+ udf_warn(sb, "Damaged or missing LVID, forcing "
+ "readonly mount\n");
+ ret = -EACCES;
+ }
+ }
out_bh:
brelse(bh);
return ret;
Powered by blists - more mailing lists