From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Chao Yu <chao@kernel.org>, Jaegeuk Kim <jaegeuk@kernel.org>,
Sasha Levin <sashal@kernel.org>,
linux-f2fs-devel@lists.sourceforge.net
Subject: [PATCH AUTOSEL 5.15 17/21] f2fs: fix to detect corrupted meta ino
Date: Mon, 17 Oct 2022 20:09:36 -0400 [thread overview]
Message-ID: <20221018000940.2731329-17-sashal@kernel.org> (raw)
In-Reply-To: <20221018000940.2731329-1-sashal@kernel.org>
From: Chao Yu <chao@kernel.org>
[ Upstream commit fcc2d8cc96b2f6141bbbe5b1e8953db990794b44 ]
It is possible that ino of dirent or orphan inode is corrupted in a
fuzzed image, occasionally, if corrupted ino is equal to meta ino:
meta_ino, node_ino or compress_ino, caller of f2fs_iget() from below
call paths will get meta inode directly, it's not allowed, let's
add sanity check to detect such cases.
case #1
- recover_dentry
- __f2fs_find_entry
- f2fs_iget_retry
case #2
- recover_orphan_inode
- f2fs_iget_retry
Signed-off-by: Chao Yu <chao@kernel.org>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
fs/f2fs/inode.c | 21 ++++++++++++++++-----
1 file changed, 16 insertions(+), 5 deletions(-)
diff --git a/fs/f2fs/inode.c b/fs/f2fs/inode.c
index bd8960f4966b..cc91bcebd2ca 100644
--- a/fs/f2fs/inode.c
+++ b/fs/f2fs/inode.c
@@ -480,6 +480,12 @@ static int do_read_inode(struct inode *inode)
return 0;
}
+static bool is_meta_ino(struct f2fs_sb_info *sbi, unsigned int ino)
+{
+ return ino == F2FS_NODE_INO(sbi) || ino == F2FS_META_INO(sbi) ||
+ ino == F2FS_COMPRESS_INO(sbi);
+}
+
struct inode *f2fs_iget(struct super_block *sb, unsigned long ino)
{
struct f2fs_sb_info *sbi = F2FS_SB(sb);
@@ -491,16 +497,21 @@ struct inode *f2fs_iget(struct super_block *sb, unsigned long ino)
return ERR_PTR(-ENOMEM);
if (!(inode->i_state & I_NEW)) {
+ if (is_meta_ino(sbi, ino)) {
+ f2fs_err(sbi, "inaccessible inode: %lu, run fsck to repair", ino);
+ set_sbi_flag(sbi, SBI_NEED_FSCK);
+ ret = -EFSCORRUPTED;
+ trace_f2fs_iget_exit(inode, ret);
+ iput(inode);
+ return ERR_PTR(ret);
+ }
+
trace_f2fs_iget(inode);
return inode;
}
- if (ino == F2FS_NODE_INO(sbi) || ino == F2FS_META_INO(sbi))
- goto make_now;
-#ifdef CONFIG_F2FS_FS_COMPRESSION
- if (ino == F2FS_COMPRESS_INO(sbi))
+ if (is_meta_ino(sbi, ino))
goto make_now;
-#endif
ret = do_read_inode(inode);
if (ret)
--
2.35.1
next prev parent reply other threads:[~2022-10-18 0:15 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-10-18 0:09 [PATCH AUTOSEL 5.15 01/21] crypto: qcom-rng - Fix qcom_rng_of_match unused warning Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 02/21] crypto: ccp - Add a quirk to firmware update Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 03/21] gfs2: Switch from strlcpy to strscpy Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 04/21] powerpc/hw_breakpoint: Avoid relying on caller synchronization Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 05/21] cgroup: Remove data-race around cgrp_dfl_visible Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 06/21] of/fdt: Don't calculate initrd size from DT if start > end Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 07/21] objtool,x86: Teach decode about LOOP* instructions Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 08/21] locking/rwsem: Disable preemption while trying for rwsem lock Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 09/21] gfs2: Check sb_bsize_shift after reading superblock Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 10/21] powerpc/64: don't refer nr_cpu_ids in asm code when it's undefined Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 11/21] m68knommu: fix non-specific 68328 choice interrupt build failure Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 12/21] m68knommu: fix non-mmu classic 68000 legacy timer tick selection Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 13/21] of: Fix "dma-ranges" handling for bus controllers Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 14/21] x86/hyperv: Replace kmap() with kmap_local_page() Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 15/21] kmsan: disable instrumentation of unsupported common kernel code Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 16/21] kmsan: disable physical page merging in biovec Sasha Levin
2022-10-18 0:09 ` Sasha Levin [this message]
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 18/21] 9p: trans_fd/p9_conn_cancel: drop client lock earlier Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 19/21] 9p/trans_fd: always use O_NONBLOCK read/write Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 20/21] net/9p: use a dedicated spinlock for trans_fd Sasha Levin
2022-10-18 0:09 ` [PATCH AUTOSEL 5.15 21/21] virtio_pci: don't try to use intxif pin is zero Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221018000940.2731329-17-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=chao@kernel.org \
--cc=jaegeuk@kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox