cifs: Validate EAs for WSL reparse points

Major and minor numbers for char and block devices are mandatory for stat.
So check that the WSL EA $LXDEV is present for WSL CHR and BLK reparse
points.

WSL reparse point tag determinate type of the file. But file type is
present also in the WSL EA $LXMOD. So check that both file types are same.

Fixes: 78e26bec4d6d ("smb: client: parse uid, gid, mode and dev from WSL reparse points")
Signed-off-by: Pali Rohár <pali@kernel.org>
Signed-off-by: Steve French <stfrench@microsoft.com>

diff --git a/fs/smb/client/reparse.c b/fs/smb/client/reparse.c
index d88b41133e00c6cabfeeeea068c3e166f25df581..b387dfbaf16b053d16a11c0569c5845ffc9b8eae 100644 (file)
--- a/fs/smb/client/reparse.c
+++ b/fs/smb/client/reparse.c
@@ -747,11 +747,12 @@ int smb2_parse_reparse_point(struct cifs_sb_info *cifs_sb,
        return parse_reparse_point(buf, plen, cifs_sb, full_path, true, data);
 }
 
-static void wsl_to_fattr(struct cifs_open_info_data *data,
+static bool wsl_to_fattr(struct cifs_open_info_data *data,
                         struct cifs_sb_info *cifs_sb,
                         u32 tag, struct cifs_fattr *fattr)
 {
        struct smb2_file_full_ea_info *ea;
+       bool have_xattr_dev = false;
        u32 next = 0;
 
        switch (tag) {
@@ -794,13 +795,24 @@ static void wsl_to_fattr(struct cifs_open_info_data *data,
                        fattr->cf_uid = wsl_make_kuid(cifs_sb, v);
                else if (!strncmp(name, SMB2_WSL_XATTR_GID, nlen))
                        fattr->cf_gid = wsl_make_kgid(cifs_sb, v);
-               else if (!strncmp(name, SMB2_WSL_XATTR_MODE, nlen))
+               else if (!strncmp(name, SMB2_WSL_XATTR_MODE, nlen)) {
+                       /* File type in reparse point tag and in xattr mode must match. */
+                       if (S_DT(fattr->cf_mode) != S_DT(le32_to_cpu(*(__le32 *)v)))
+                               return false;
                        fattr->cf_mode = (umode_t)le32_to_cpu(*(__le32 *)v);
-               else if (!strncmp(name, SMB2_WSL_XATTR_DEV, nlen))
+               } else if (!strncmp(name, SMB2_WSL_XATTR_DEV, nlen)) {
                        fattr->cf_rdev = reparse_mkdev(v);
+                       have_xattr_dev = true;
+               }
        } while (next);
 out:
+
+       /* Major and minor numbers for char and block devices are mandatory. */
+       if (!have_xattr_dev && (tag == IO_REPARSE_TAG_LX_CHR || tag == IO_REPARSE_TAG_LX_BLK))
+               return false;
+
        fattr->cf_dtype = S_DT(fattr->cf_mode);
+       return true;
 }
 
 static bool posix_reparse_to_fattr(struct cifs_sb_info *cifs_sb,
@@ -874,7 +886,9 @@ bool cifs_reparse_point_to_fattr(struct cifs_sb_info *cifs_sb,
        case IO_REPARSE_TAG_AF_UNIX:
        case IO_REPARSE_TAG_LX_CHR:
        case IO_REPARSE_TAG_LX_BLK:
-               wsl_to_fattr(data, cifs_sb, tag, fattr);
+               ok = wsl_to_fattr(data, cifs_sb, tag, fattr);
+               if (!ok)
+                       return false;
                break;
        case IO_REPARSE_TAG_NFS:
                ok = posix_reparse_to_fattr(cifs_sb, fattr, data);