From 4f5edd82eb375f0e949192ac5a0b42858356e05d Mon Sep 17 00:00:00 2001 From: Steve Magnani Date: Mon, 11 Feb 2019 08:24:38 -0600 Subject: udf: disallow RW mount without valid integrity descriptor Refuse to mount a volume read-write without a coherent Logical Volume Integrity Descriptor, because we can't generate truly unique IDs without one. This fixes a bug where all inodes created on a UDF filesystem following mount without a coherent LVID are assigned unique ID 0 which can then confuse other UDF implementations. Signed-off-by: Steven J. Magnani Signed-off-by: Jan Kara --- fs/udf/super.c | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'fs/udf') diff --git a/fs/udf/super.c b/fs/udf/super.c index 2cf435c87583..a6940d90bedd 100644 --- a/fs/udf/super.c +++ b/fs/udf/super.c @@ -1474,6 +1474,17 @@ static int udf_load_logicalvol(struct super_block *sb, sector_t block, if (lvd->integritySeqExt.extLength) udf_load_logicalvolint(sb, leea_to_cpu(lvd->integritySeqExt)); ret = 0; + + if (!sbi->s_lvid_bh) { + /* We can't generate unique IDs without a valid LVID */ + if (sb_rdonly(sb)) { + UDF_SET_FLAG(sb, UDF_FLAG_RW_INCOMPAT); + } else { + udf_warn(sb, "Damaged or missing LVID, forcing " + "readonly mount\n"); + ret = -EACCES; + } + } out_bh: brelse(bh); return ret; -- cgit