| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190211173239.GL19029@quack2.suse.cz>
Date: Mon, 11 Feb 2019 18:32:39 +0100
From: Jan Kara <jack@...e.cz>
To: Steve Magnani <steve.magnani@...idescorp.com>
Cc: jack@...e.com, linux-kernel@...r.kernel.org,
"Steven J . Magnani" <steve@...idescorp.com>
Subject: Re: [PATCH] udf: disallow RW mount without valid integrity descriptor
On Mon 11-02-19 08:24:38, Steve Magnani wrote:
> Refuse to mount a volume read-write without a coherent Logical Volume
> Integrity Descriptor, because we can't generate truly unique IDs without
> one.
>
> This fixes a bug where all inodes created on a UDF filesystem following
> mount without a coherent LVID are assigned UID 0.
>
> Signed-off-by: Steven J. Magnani <steve@...idescorp.com>
Thanks. Added to my tree.
Honza
> ---
> --- a/fs/udf/super.c 2018-11-16 06:43:00.622344354 -0600
> +++ b/fs/udf/super.c 2019-02-11 08:08:00.478331631 -0600
> @@ -1474,6 +1474,17 @@ static int udf_load_logicalvol(struct su
> if (lvd->integritySeqExt.extLength)
> udf_load_logicalvolint(sb, leea_to_cpu(lvd->integritySeqExt));
> ret = 0;
> +
> + if (!sbi->s_lvid_bh) {
> + /* We can't generate UIDs without a valid LVID */
> + if (sb_rdonly(sb))
> + UDF_SET_FLAG(sb, UDF_FLAG_RW_INCOMPAT);
> + else {
> + udf_warn(sb, "Damaged or missing LVID, forcing "
> + "readonly mount\n");
> + ret = -EACCES;
> + }
> + }
> out_bh:
> brelse(bh);
> return ret;
>
--
Jan Kara <jack@...e.com>
SUSE Labs, CR
Powered by blists - more mailing lists