udf: disallow RW mount without valid integrity descriptor
diff mbox series

Message ID 20190211142438.16599-1-steve@digidescorp.com
State New
Headers show
Series
  • udf: disallow RW mount without valid integrity descriptor
Related show

Commit Message

Steve Magnani Feb. 11, 2019, 2:24 p.m. UTC
Refuse to mount a volume read-write without a coherent Logical Volume
Integrity Descriptor, because we can't generate truly unique IDs without 
one.

This fixes a bug where all inodes created on a UDF filesystem following
mount without a coherent LVID are assigned UID 0.

Signed-off-by: Steven J. Magnani <steve@digidescorp.com>
---

Comments

Jan Kara Feb. 11, 2019, 5:32 p.m. UTC | #1
On Mon 11-02-19 08:24:38, Steve Magnani wrote:
> Refuse to mount a volume read-write without a coherent Logical Volume
> Integrity Descriptor, because we can't generate truly unique IDs without 
> one.
> 
> This fixes a bug where all inodes created on a UDF filesystem following
> mount without a coherent LVID are assigned UID 0.
> 
> Signed-off-by: Steven J. Magnani <steve@digidescorp.com>

Thanks. Added to my tree.

								Honza

> ---
> --- a/fs/udf/super.c	2018-11-16 06:43:00.622344354 -0600
> +++ b/fs/udf/super.c	2019-02-11 08:08:00.478331631 -0600
> @@ -1474,6 +1474,17 @@ static int udf_load_logicalvol(struct su
>  	if (lvd->integritySeqExt.extLength)
>  		udf_load_logicalvolint(sb, leea_to_cpu(lvd->integritySeqExt));
>  	ret = 0;
> +
> +	if (!sbi->s_lvid_bh) {
> +		/* We can't generate UIDs without a valid LVID */
> +		if (sb_rdonly(sb))
> +			UDF_SET_FLAG(sb, UDF_FLAG_RW_INCOMPAT);
> +		else {
> +			udf_warn(sb, "Damaged or missing LVID, forcing "
> +				     "readonly mount\n");
> +			ret = -EACCES;
> +		}
> +	}
>  out_bh:
>  	brelse(bh);
>  	return ret;
>

Patch
diff mbox series

--- a/fs/udf/super.c	2018-11-16 06:43:00.622344354 -0600
+++ b/fs/udf/super.c	2019-02-11 08:08:00.478331631 -0600
@@ -1474,6 +1474,17 @@  static int udf_load_logicalvol(struct su
 	if (lvd->integritySeqExt.extLength)
 		udf_load_logicalvolint(sb, leea_to_cpu(lvd->integritySeqExt));
 	ret = 0;
+
+	if (!sbi->s_lvid_bh) {
+		/* We can't generate UIDs without a valid LVID */
+		if (sb_rdonly(sb))
+			UDF_SET_FLAG(sb, UDF_FLAG_RW_INCOMPAT);
+		else {
+			udf_warn(sb, "Damaged or missing LVID, forcing "
+				     "readonly mount\n");
+			ret = -EACCES;
+		}
+	}
 out_bh:
 	brelse(bh);
 	return ret;