The EXT2_IOC_SETCOMPRMETHOD ioctl doesn't check that
S_ISREG(inode->i_mode) before setting EXT2_DIRTY_FL and
EXT2_CLEANUP_FL (when changing from "defer" method) or
before calling ext2_decompress_inode (when changing to
"never" method). This is just asking for trouble.
Fortunately a horrible accident is avoided in the
latter case because EXT2_COMPRBLK_FL is clear. In the
former case, however, a directory can acquire
EXT2_DIRTY_FL, and pass it on to files created in that
directory. If CONFIG_GZ_HACK is in use, this can
result in .gz/.bz2 files with EXT2_COMPR_FL clear and
Fix: Add S_ISREG(inode->i_mode) checks in relevant
parts of the EXT2_IOC_SETCOMPRMETHOD handler in ioctl.c.
Log in to post a comment.