From: Baokun Li Date: Thu, 16 Jun 2022 02:13:55 +0000 (+0800) Subject: ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h X-Git-Tag: baikal/mips/sdk5.9~38 X-Git-Url: https://git.baikalelectronics.ru/?a=commitdiff_plain;h=0be04f553e3099980e8863edfd779af7c399587d;p=kernel.git ext4: add EXT4_INODE_HAS_XATTR_SPACE macro in xattr.h [ Upstream commit a3cee0bc92ca42d5acd6a699ed0a6f9d291d5870 ] When adding an xattr to an inode, we must ensure that the inode_size is not less than EXT4_GOOD_OLD_INODE_SIZE + extra_isize + pad. Otherwise, the end position may be greater than the start position, resulting in UAF. Signed-off-by: Baokun Li Reviewed-by: Jan Kara Reviewed-by: Ritesh Harjani (IBM) Link: https://lore.kernel.org/r/20220616021358.2504451-2-libaokun1@huawei.com Signed-off-by: Theodore Ts'o Signed-off-by: Sasha Levin --- diff --git a/fs/ext4/xattr.h b/fs/ext4/xattr.h index 77efb9a627ad2..f885f362add4a 100644 --- a/fs/ext4/xattr.h +++ b/fs/ext4/xattr.h @@ -95,6 +95,19 @@ struct ext4_xattr_entry { #define EXT4_ZERO_XATTR_VALUE ((void *)-1) +/* + * If we want to add an xattr to the inode, we should make sure that + * i_extra_isize is not 0 and that the inode size is not less than + * EXT4_GOOD_OLD_INODE_SIZE + extra_isize + pad. + * EXT4_GOOD_OLD_INODE_SIZE extra_isize header entry pad data + * |--------------------------|------------|------|---------|---|-------| + */ +#define EXT4_INODE_HAS_XATTR_SPACE(inode) \ + ((EXT4_I(inode)->i_extra_isize != 0) && \ + (EXT4_GOOD_OLD_INODE_SIZE + EXT4_I(inode)->i_extra_isize + \ + sizeof(struct ext4_xattr_ibody_header) + EXT4_XATTR_PAD <= \ + EXT4_INODE_SIZE((inode)->i_sb))) + struct ext4_xattr_info { const char *name; const void *value;