summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 744539f)
raw | patch | inline | side by side (parent: 744539f)
| author | Theodore Ts'o <tytso@mit.edu> | |
| Mon, 6 Oct 2014 02:56:00 +0000 (22:56 -0400) | ||
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | |
| Fri, 14 Nov 2014 16:47:57 +0000 (08:47 -0800) |
commit f4bb2981024fc91b23b4d09a8817c415396dbabb upstream.
If there is a corrupted file system which has directory entries that
point at reserved, metadata inodes, prohibit them from being used by
treating them the same way we treat Boot Loader inodes --- that is,
mark them to be bad inodes. This prohibits them from being opened,
deleted, or modified via chmod, chown, utimes, etc.
In particular, this prevents a corrupted file system which has a
directory entry which points at the journal inode from being deleted
and its blocks released, after which point Much Hilarity Ensues.
Reported-by: Sami Liedes <sami.liedes@iki.fi>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
If there is a corrupted file system which has directory entries that
point at reserved, metadata inodes, prohibit them from being used by
treating them the same way we treat Boot Loader inodes --- that is,
mark them to be bad inodes. This prohibits them from being opened,
deleted, or modified via chmod, chown, utimes, etc.
In particular, this prevents a corrupted file system which has a
directory entry which points at the journal inode from being deleted
and its blocks released, after which point Much Hilarity Ensues.
Reported-by: Sami Liedes <sami.liedes@iki.fi>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
| fs/ext4/ext4.h | patch | blob | history | |
| fs/ext4/inode.c | patch | blob | history | |
| fs/ext4/namei.c | patch | blob | history | |
| fs/ext4/super.c | patch | blob | history |
diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h
index 790b14c5f262d415c90aa387185457b2971bb804..3891475e22f7660a471579986ad01ffadc7053a0 100644 (file)
--- a/fs/ext4/ext4.h
+++ b/fs/ext4/ext4.h
#define CONVERT_INLINE_DATA 2
extern struct inode *ext4_iget(struct super_block *, unsigned long);
+extern struct inode *ext4_iget_normal(struct super_block *, unsigned long);
extern int ext4_write_inode(struct inode *, struct writeback_control *);
extern int ext4_setattr(struct dentry *, struct iattr *);
extern int ext4_getattr(struct vfsmount *mnt, struct dentry *dentry,
diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c
index f9e11df768d595d1a01d1e60e72d630617d25656..c04f7adc7b58afd9324f44a9d6732409b6316a65 100644 (file)
--- a/fs/ext4/inode.c
+++ b/fs/ext4/inode.c
return ERR_PTR(ret);
}
+struct inode *ext4_iget_normal(struct super_block *sb, unsigned long ino)
+{
+ if (ino < EXT4_FIRST_INO(sb) && ino != EXT4_ROOT_INO)
+ return ERR_PTR(-EIO);
+ return ext4_iget(sb, ino);
+}
+
static int ext4_inode_blocks_set(handle_t *handle,
struct ext4_inode *raw_inode,
struct ext4_inode_info *ei)
diff --git a/fs/ext4/namei.c b/fs/ext4/namei.c
index ab2f6dc44b3abf88b62902433f48a1aa78ba8561..f1312173fa90a5fdd685362138d06be7b16e8597 100644 (file)
--- a/fs/ext4/namei.c
+++ b/fs/ext4/namei.c
@@ -1430,7 +1430,7 @@ static struct dentry *ext4_lookup(struct inode *dir, struct dentry *dentry, unsi
dentry->d_name.name);
return ERR_PTR(-EIO);
}
- inode = ext4_iget(dir->i_sb, ino);
+ inode = ext4_iget_normal(dir->i_sb, ino);
if (inode == ERR_PTR(-ESTALE)) {
EXT4_ERROR_INODE(dir,
"deleted inode referenced: %u",
return ERR_PTR(-EIO);
}
- return d_obtain_alias(ext4_iget(child->d_inode->i_sb, ino));
+ return d_obtain_alias(ext4_iget_normal(child->d_inode->i_sb, ino));
}
/*
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index 4a33907c3c8a56d41e884a5174d30089c96c7171..a1b780abdf18dfa4b9d887659db4c8c4057bc55f 100644 (file)
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
* Currently we don't know the generation for parent directory, so
* a generation of 0 means "accept any"
*/
- inode = ext4_iget(sb, ino);
+ inode = ext4_iget_normal(sb, ino);
if (IS_ERR(inode))
return ERR_CAST(inode);
if (generation && inode->i_generation != generation) {