ext4: disallow ea_inodes with extended attributes

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

An ea_inode stores the value of an extended attribute; it can not have
extended attributes itself, or this will cause recursive nightmares.
Add a check in ext4_iget() to make sure this is the case.

Cc: stable@kernel.org
Reported-by: syzbot+e44749b6ba4d0434cd47@syzkaller.appspotmail.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Link: https://lore.kernel.org/r/20230524034951.779531-4-tytso@mit.edu
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Theodore Ts'o 2 years ago 2bc7e7c1 b928dfdc

1 changed file

expand all

ext4

inode.c

fs/ext4/inode.c

··· 4647 4647 if (flags & EXT4_IGET_EA_INODE) { 4648 4648 if (!(EXT4_I(inode)->i_flags & EXT4_EA_INODE_FL)) 4649 4649 return "missing EA_INODE flag"; 4650 + if (ext4_test_inode_state(inode, EXT4_STATE_XATTR) || 4651 + EXT4_I(inode)->i_file_acl) 4652 + return "ea_inode with extended attributes"; 4650 4653 } else { 4651 4654 if ((EXT4_I(inode)->i_flags & EXT4_EA_INODE_FL)) 4652 4655 return "unexpected EA_INODE flag";