udf: disallow RW mount without valid integrity descriptor Refuse to mount a volume read-write without a coherent Logical Volume Integrity Descriptor, because we can't generate truly unique IDs without one. This fixes a bug where all inodes created on a UDF filesystem following mount without a coherent LVID are assigned unique ID 0 which can then confuse other UDF implementations. Signed-off-by: Steven J. Magnani <steve@digidescorp.com> Signed-off-by: Jan Kara <jack@suse.cz>

commit: 4f5edd82eb375f0e949192ac5a0b42858356e05d [log] [tgz]
author: Steve Magnani <steve.magnani@digidescorp.com> Mon Feb 11 08:24:38 2019 -0600
committer: Jan Kara <jack@suse.cz> Mon Feb 11 18:31:35 2019 +0100
tree: 3ea5e479fe38b1688f574a4db8fd002ee8801713
parent: e8b4274735e416621cfb28c2802b4ad52da35d0f [diff]
diff --git a/fs/udf/super.c b/fs/udf/super.c
index 2cf435c..a6940d9 100644
--- a/fs/udf/super.c
+++ b/fs/udf/super.c

@@ -1474,6 +1474,17 @@ static int udf_load_logicalvol(struct super_block *sb, sector_t block,
 	if (lvd->integritySeqExt.extLength)
 		udf_load_logicalvolint(sb, leea_to_cpu(lvd->integritySeqExt));
 	ret = 0;
+
+	if (!sbi->s_lvid_bh) {
+		/* We can't generate unique IDs without a valid LVID */
+		if (sb_rdonly(sb)) {
+			UDF_SET_FLAG(sb, UDF_FLAG_RW_INCOMPAT);
+		} else {
+			udf_warn(sb, "Damaged or missing LVID, forcing "
+				     "readonly mount\n");
+			ret = -EACCES;
+		}
+	}
 out_bh:
 	brelse(bh);
 	return ret;
commit	4f5edd82eb375f0e949192ac5a0b42858356e05d	[log] [tgz]
author	Steve Magnani <steve.magnani@digidescorp.com>	Mon Feb 11 08:24:38 2019 -0600
committer	Jan Kara <jack@suse.cz>	Mon Feb 11 18:31:35 2019 +0100
tree	3ea5e479fe38b1688f574a4db8fd002ee8801713
parent	e8b4274735e416621cfb28c2802b4ad52da35d0f [diff]