Overview

File 0006-metadump-obfuscate-attrs-on-CRC-fs.patch of Package xfsprogs.5309

From 808533667049246264d804eb0a6c5cd36b0d11f6 Mon Sep 17 00:00:00 2001
From: Eric Sandeen <sandeen@sandeen.net>
Date: Thu, 30 Jul 2015 09:17:43 +1000
Subject: [PATCH 06/20] metadump: obfuscate attrs on CRC fs
References: bsc#939367 CVE-2012-2150

Lots of issues in xfs_metadump obfuscation of extended
attributes with CRC filesystems; this fixes it up.

The main issues are that the headers differ, and the
space in the remote blocks differ.

Tested with a script I'm using to do other metadump
work; I still owe an xfstest for this and other bits.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Eric Sandeen <sandeen@sandeen.net>
Reviewed-by: Brian Foster <bfoster@redhat.com>
Signed-off-by: Dave Chinner <david@fromorbit.com>
Acked-by: Jan Kara <jack@suse.com>

---
 db/metadump.c | 41 +++++++++++++++++++++++++++--------------
 1 file changed, 27 insertions(+), 14 deletions(-)

diff --git a/db/metadump.c b/db/metadump.c
index 773d18c56cea..ffd1fe1f7288 100644
--- a/db/metadump.c
+++ b/db/metadump.c
@@ -1273,39 +1273,52 @@ add_remote_vals(
 	}
 }
 
+/* Handle remote and leaf attributes */
 static void
 obfuscate_attr_block(
-	char			*block,
-	xfs_dfiloff_t		offset)
+	char				*block,
+	xfs_fileoff_t			offset)
 {
-	xfs_attr_leafblock_t	*leaf;
-	int			i;
-	int			nentries;
-	xfs_attr_leaf_entry_t 	*entry;
-	xfs_attr_leaf_name_local_t *local;
-	xfs_attr_leaf_name_remote_t *remote;
+	struct xfs_attr_leafblock	*leaf;
+	struct xfs_attr3_icleaf_hdr	hdr;
+	int				i;
+	int				nentries;
+	xfs_attr_leaf_entry_t 		*entry;
+	xfs_attr_leaf_name_local_t 	*local;
+	xfs_attr_leaf_name_remote_t 	*remote;
+	__uint32_t			bs = mp->m_sb.sb_blocksize;
+
 
 	leaf = (xfs_attr_leafblock_t *)block;
 
-	if (be16_to_cpu(leaf->hdr.info.magic) != XFS_ATTR_LEAF_MAGIC) {
+	/* Remote attributes - attr3 has XFS_ATTR3_RMT_MAGIC, attr has none */
+	if ((be16_to_cpu(leaf->hdr.info.magic) != XFS_ATTR_LEAF_MAGIC) &&
+	    (be16_to_cpu(leaf->hdr.info.magic) != XFS_ATTR3_LEAF_MAGIC)) {
 		for (i = 0; i < attr_data.remote_val_count; i++) {
-			/* XXX: need to handle CRC headers */
 			if (attr_data.remote_vals[i] == offset)
-				memset(block, 0, XFS_LBSIZE(mp));
+				/* Macros to handle both attr and attr3 */
+				memset(block +
+					(bs - XFS_ATTR3_RMT_BUF_SPACE(mp, bs)),
+				      0, XFS_ATTR3_RMT_BUF_SPACE(mp, bs));
 		}
 		return;
 	}
 
-	nentries = be16_to_cpu(leaf->hdr.count);
+	/* Ok, it's a leaf - get header; accounts for crc & non-crc */
+	xfs_attr3_leaf_hdr_from_disk(&hdr, leaf);
+
+	nentries = hdr.count;
 	if (nentries * sizeof(xfs_attr_leaf_entry_t) +
-			sizeof(xfs_attr_leaf_hdr_t) > XFS_LBSIZE(mp)) {
+			xfs_attr3_leaf_hdr_size(leaf) >
+				XFS_ATTR3_RMT_BUF_SPACE(mp, bs)) {
 		if (show_warnings)
 			print_warning("invalid attr count in inode %llu",
 					(long long)cur_ino);
 		return;
 	}
 
-	for (i = 0, entry = &leaf->entries[0]; i < nentries; i++, entry++) {
+	entry = xfs_attr3_leaf_entryp(leaf);
+	for (i = 0; i < nentries; i++, entry++) {
 		if (be16_to_cpu(entry->nameidx) > XFS_LBSIZE(mp)) {
 			if (show_warnings)
 				print_warning(
-- 
2.1.4
openSUSE Build Service is sponsored by
Places