• Theodore Ts'o's avatar
    ext4: avoid hang when mounting non-journal filesystems with orphan list · 0e9a9a1a
    Theodore Ts'o authored
    When trying to mount a file system which does not contain a journal,
    but which does have a orphan list containing an inode which needs to
    be truncated, the mount call with hang forever in
    ext4_orphan_cleanup() because ext4_orphan_del() will return
    immediately without removing the inode from the orphan list, leading
    to an uninterruptible loop in kernel code which will busy out one of
    the CPU's on the system.
    
    This can be trivially reproduced by trying to mount the file system
    found in tests/f_orphan_extents_inode/image.gz from the e2fsprogs
    source tree.  If a malicious user were to put this on a USB stick, and
    mount it on a Linux desktop which has automatic mounts enabled, this
    could be considered a potential denial of service attack.  (Not a big
    deal in practice, but professional paranoids worry about such things,
    and have even been known to allocate CVE numbers for such problems.)
    Signed-off-by: default avatar"Theodore Ts'o" <tytso@mit.edu>
    Reviewed-by: default avatarZheng Liu <wenqing.lz@taobao.com>
    Cc: stable@vger.kernel.org
    0e9a9a1a
namei.c 86.2 KB