[PATCH v5 0/2] ocfs2: validate xattr entry bounds

Next message: Cen Zhang: "[PATCH v5 2/2] ocfs2: validate external xattr entries when reading metadata"
Previous message: Yousef Alhouseen: "[PATCH] scsi: megaraid: clear ioctl DMA buffers before use"
Next in thread: Cen Zhang: "[PATCH v5 2/2] ocfs2: validate external xattr entries when reading metadata"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Cen Zhang

Date: Thu Jun 25 2026 - 05:02:05 EST

Hi,

This series validates OCFS2 xattr entry name/value bounds when xattr
metadata is read and validated, before getxattr() or listxattr() can
walk out-of-range entry arrays or offsets from corrupted metadata.

Patch 1 validates inline xattrs from ocfs2_validate_inode_block().
Patch 2 reuses the same entry validator for non-indexed xattr blocks
and indexed xattr buckets.

Changes since v4:
- Replace the descriptive string argument with enum
ocfs2_xattr_entry_type.
- Drop the new per-operation full inline-xattr re-check; operation
paths keep their existing ibody header/count lookup, and full
entry bounds validation now runs at inode block read time.
- Simplify corruption messages to rely on the corrupt block number
instead of also naming the xattr storage kind.

Cen Zhang (2):
ocfs2: validate inline xattrs during inode block validation
ocfs2: validate external xattr entries when reading metadata

fs/ocfs2/inode.c | 4 +
fs/ocfs2/xattr.c | 194 +++++++++++++++++++++++++++++++++++++++++++----
fs/ocfs2/xattr.h | 2 +
3 files changed, 187 insertions(+), 13 deletions(-)

--
2.43.0