On 2023/12/24 19:53, Edward Adam Davis wrote:
If inode is the ext4 boot loader inode, then when it is a directory, the inode should also be set to bad inode. Reported-and-tested-by: syzbot+2c4a3b922a860084cc7f@xxxxxxxxxxxxxxxxxxxxxxxxx Signed-off-by: Edward Adam Davis <eadavis@xxxxxx> --- fs/ext4/inode.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/fs/ext4/inode.c b/fs/ext4/inode.c index 61277f7f8722..b311f610f008 100644 --- a/fs/ext4/inode.c +++ b/fs/ext4/inode.c @@ -4944,8 +4944,12 @@ struct inode *__ext4_iget(struct super_block *sb, unsigned long ino, inode->i_fop = &ext4_file_operations; ext4_set_aops(inode); } else if (S_ISDIR(inode->i_mode)) { - inode->i_op = &ext4_dir_inode_operations; - inode->i_fop = &ext4_dir_operations; + if (ino == EXT4_BOOT_LOADER_INO) + make_bad_inode(inode);
Marking the boot loader inode as a bad inode here is useless; EXT4_IGET_BAD allows us to get a bad boot loader inode.

In my opinion, it doesn't make sense to call lock_two_nondirectories() here to determine if the inode is a regular file or not, since the logic for dealing with non-regular files comes after the locking, so calling lock_two_inodes() directly here will suffice.

Merry Christmas!
Baokun
+ else { + inode->i_op = &ext4_dir_inode_operations; + inode->i_fop = &ext4_dir_operations; + } } else if (S_ISLNK(inode->i_mode)) { /* VFS does not allow setting these so must be corruption */ if (IS_APPEND(inode) || IS_IMMUTABLE(inode)) {
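Review bot: In the S_ISDIR branch, the added `if (ino == EXT4_BOOT_LOADER_INO) make_bad_inode(inode);` only marks the inode bad and then falls through; nothing in this hunk sets an error code or logs the condition, so whether a caller ever sees a failure depends on code outside the hunk, and the reply above notes that EXT4_IGET_BAD lets a caller obtain a bad boot loader inode anyway. If a directory-typed boot loader inode is meant to be treated as on-disk corruption, give it an explicit error path in the same spirit as the S_ISLNK branch just below, whose comment says "must be corruption", and add a comment stating why a directory is invalid for this inode number. Style: the `if` arm needs braces because the `else` arm has them, and the two should be joined as `} else {`.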