From: Gabriel Krisman Bertazi krisman@suse.de

mainline inclusion from mainline-v6.12-rc1 commit a2187431c395cdfbf144e3536f25468c64fc7cfa category: bugfix bugzilla: https://gitee.com/src-openeuler/kernel/issues/IAYR8N CVE: CVE-2024-49968

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?i...

--------------------------------

Commit 985b67cd8639 ("ext4: filesystems without casefold feature cannot be mounted with siphash") properly rejects volumes where s_def_hash_version is set to DX_HASH_SIPHASH, but the check and the error message should not look into casefold setup - a filesystem should never have DX_HASH_SIPHASH as the default hash. Fix it and, since we are there, move the check to ext4_hash_info_init.

Fixes:985b67cd8639 ("ext4: filesystems without casefold feature cannot be mounted with siphash")

Signed-off-by: Gabriel Krisman Bertazi krisman@suse.de Link: https://patch.msgid.link/87jzg1en6j.fsf_-_@mailhost.krisman.be Signed-off-by: Theodore Ts'o tytso@mit.edu Conflicts: fs/ext4/super.c [Context differences.] Signed-off-by: Yongjian Sun sunyongjian1@huawei.com --- fs/ext4/ext4.h | 1 + fs/ext4/super.c | 27 +++++++++++++++++---------- 2 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/fs/ext4/ext4.h b/fs/ext4/ext4.h index 3f914d4c6d98..03bfb7f0a4a0 100644 --- a/fs/ext4/ext4.h +++ b/fs/ext4/ext4.h @@ -2456,6 +2456,7 @@ static inline __le16 ext4_rec_len_to_disk(unsigned len, unsigned blocksize) #define DX_HASH_HALF_MD4_UNSIGNED 4 #define DX_HASH_TEA_UNSIGNED 5 #define DX_HASH_SIPHASH 6 +#define DX_HASH_LAST DX_HASH_SIPHASH

static inline u32 ext4_chksum(struct ext4_sb_info *sbi, u32 crc, const void *address, unsigned int length) diff --git a/fs/ext4/super.c b/fs/ext4/super.c index 76cd0e62281b..561c1e890df2 100644 --- a/fs/ext4/super.c +++ b/fs/ext4/super.c @@ -3709,13 +3709,6 @@ int ext4_feature_set_ok(struct super_block *sb, int readonly) return 0; } #endif - if (EXT4_SB(sb)->s_es->s_def_hash_version == DX_HASH_SIPHASH && - !ext4_has_feature_casefold(sb)) { - ext4_msg(sb, KERN_ERR, - "Filesystem without casefold feature cannot be " - "mounted with siphash"); - return 0; - }

if (readonly) return 1; @@ -5234,16 +5227,27 @@ static int ext4_load_super(struct super_block *sb, ext4_fsblk_t *lsb, return ret; }

-static void ext4_hash_info_init(struct super_block *sb) +static int ext4_hash_info_init(struct super_block *sb) { struct ext4_sb_info *sbi = EXT4_SB(sb); struct ext4_super_block *es = sbi->s_es; unsigned int i;

+ sbi->s_def_hash_version = es->s_def_hash_version; + + if (sbi->s_def_hash_version > DX_HASH_LAST) { + ext4_msg(sb, KERN_ERR, + "Invalid default hash set in the superblock"); + return -EINVAL; + } else if (sbi->s_def_hash_version == DX_HASH_SIPHASH) { + ext4_msg(sb, KERN_ERR, + "SIPHASH is not a valid default hash value"); + return -EINVAL; + } + for (i = 0; i < 4; i++) sbi->s_hash_seed[i] = le32_to_cpu(es->s_hash_seed[i]);

- sbi->s_def_hash_version = es->s_def_hash_version; if (ext4_has_feature_dir_index(sb)) { i = le32_to_cpu(es->s_flags); if (i & EXT2_FLAGS_UNSIGNED_HASH) @@ -5261,6 +5265,7 @@ static void ext4_hash_info_init(struct super_block *sb) #endif } } + return 0; }

static int ext4_block_group_meta_init(struct super_block *sb, int silent) @@ -5408,7 +5413,9 @@ static int __ext4_fill_super(struct fs_context *fc, struct super_block *sb) if (err) goto failed_mount;

- ext4_hash_info_init(sb); + err = ext4_hash_info_init(sb); + if (err) + goto failed_mount;

err = ext4_handle_clustersize(sb); if (err)