Received: by 2002:a05:6359:c8b:b0:c7:702f:21d4 with SMTP id go11csp162272rwb;
        Wed, 21 Sep 2022 19:37:23 -0700 (PDT)
X-Google-Smtp-Source: AMsMyM6jMFvlQwZshVwTTlCBk+7oDw1n1VWOqyiwIz7SXhVLS/oKJfpDLMJhIHVNx1McKO1cTy+Z
X-Received: by 2002:a17:90b:384f:b0:202:e1b9:5921 with SMTP id nl15-20020a17090b384f00b00202e1b95921mr13009255pjb.130.1663814243046;
        Wed, 21 Sep 2022 19:37:23 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1663814243; cv=none;
        d=google.com; s=arc-20160816;
        b=VcVzwlBPqo4GLuZQEqUkvD2K4kUQiaF+ONlkzUgD39Tsc856AaaaFxb9l+aD5+Tujr
         MgeB0GO0e/yp1EEsP8/vIDBkDxAKTQVzWXeTCPgkbOr/8VdWazcL4NAlTLWqnOrsFcsn
         P/epm5ktujiTdCeVCZZwqifVp8WyszGBC+qTyi05uildCCVQIIUYPxu4qvjB6FGvWZZt
         i8jcaNj7g6jBChBfynAE4JH077JEeItjqWJW3hqTmPxGDi9Y016m6gv/KYnwG9Frg6xP
         0sPolREowfi/nLR0/oS6VHUs1gFjCxPx1SxiouSUi1jDscOc7dJN9uHImMi4Y7z9RHlH
         lXDA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:in-reply-to:from
         :references:cc:to:content-language:subject:user-agent:mime-version
         :date:message-id:dkim-signature;
        bh=Ny+q5DoJI/hBJoiZgUrJz7sNYbSXBW4CVRac03vjAOE=;
        b=jQEcr8fCQvpQxpMz5fjLuVUHZh28iZA3igktFUgq2g2BICCUnbmzaQumyEqbXmSeMl
         Of+g9PdFlm4JrvM7qjIkIC6Dzu9OOyDWX/BWgnEMhlHsruZJgUjegP3bA1i1BshUof2d
         k95RfsgMZ/aYQNbA6F+QIMx2VrYMzCklgo6xrIq6EpKrTVJfKL9YfYItdbSDAQ3D7hgp
         5PiLC7Lka32/lgJc8j8YbCi6RMbrgR/cx7QSN9RjHQ6YSzbS/xLzrwDiOPGglwNfmdrl
         kxi8U9hvP8EqB8YxHd/lerx99NW7moHkKEZU5YDGWp8o3Q+3OcPYa+LWZsjSGUMES89I
         pk7A==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=P2BbwMgG;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id a1-20020a170902ecc100b001769b63ec65si5837542plh.483.2022.09.21.19.37.04;
        Wed, 21 Sep 2022 19:37:23 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=k20201202 header.b=P2BbwMgG;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230263AbiIVBy0 (ORCPT <rfc822;andrey.bzh.r@gmail.com>
        + 99 others); Wed, 21 Sep 2022 21:54:26 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51770 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229909AbiIVByX (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 21 Sep 2022 21:54:23 -0400
Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D2A1DA99EA
        for <linux-kernel@vger.kernel.org>; Wed, 21 Sep 2022 18:54:22 -0700 (PDT)
Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by dfw.source.kernel.org (Postfix) with ESMTPS id 2778F62E03
        for <linux-kernel@vger.kernel.org>; Thu, 22 Sep 2022 01:54:21 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 8E545C433D6;
        Thu, 22 Sep 2022 01:54:19 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=k20201202; t=1663811660;
        bh=daKmN7uJuDeH1R9QVXhts08inJKQ5l61NyNLAVl0mw8=;
        h=Date:Subject:To:Cc:References:From:In-Reply-To:From;
        b=P2BbwMgGbIs43cgBkNNo0FkR8WQutLBQUetMagrS+69fFNB11WgGFnCchJ3YWd3c1
         jvhTnp5j4u6fQrPODLUgmdpe3VdY0S8vexR7eoQbKpMy++YSfAhoPi1vSBdwCO7M3D
         qPkZPQ/5MnRy1KoUJL13g39/9HY8rKPWA7PftAYKIGNIAMgcD2wQREmlIk/Y7oT6ci
         JGMgDxaIpd75TtxD/xz7E5aenj2kwR6ftOvRVnVtgD4P2/ilCOISRSyAFoM6A8DEur
         TOvX33449C40W6rKb3q7kYC0ETljarGWcl/rOI6JFIfi7e8nUV9QJitfmAGQpZb3ps
         RiCY75RhVNw8A==
Message-ID: <44a1eca6-568b-a752-ef01-06de489eb466@kernel.org>
Date:   Thu, 22 Sep 2022 09:54:16 +0800
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101
 Thunderbird/91.13.0
Subject: Re: [PATCH v3] f2fs: fix to detect corrupted meta ino
Content-Language: en-US
To:     jaegeuk@kernel.org
Cc:     linux-f2fs-devel@lists.sourceforge.net,
        linux-kernel@vger.kernel.org
References: <20220913074812.2300528-1-chao@kernel.org>
From:   Chao Yu <chao@kernel.org>
In-Reply-To: <20220913074812.2300528-1-chao@kernel.org>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Status: No, score=-10.8 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
        DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,
        RCVD_IN_DNSWL_HI,SPF_HELO_NONE,SPF_PASS autolearn=ham
        autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Ping,

On 2022/9/13 15:48, Chao Yu wrote:
> It is possible that ino of dirent or orphan inode is corrupted in a
> fuzzed image, occasionally, if corrupted ino is equal to meta ino:
> meta_ino, node_ino or compress_ino, caller of f2fs_iget() from below
> call paths will get meta inode directly, it's not allowed, let's
> add sanity check to detect such cases.
> 
> case #1
> - recover_dentry
>   - __f2fs_find_entry
>   - f2fs_iget_retry
> 
> case #2
> - recover_orphan_inode
>   - f2fs_iget_retry
> 
> Signed-off-by: Chao Yu <chao@kernel.org>
> ---
> v3:
> - update commit title/message
> - change logic inside f2fs_iget() rather than its caller
>   fs/f2fs/inode.c | 25 ++++++++++++++++++-------
>   1 file changed, 18 insertions(+), 7 deletions(-)
> 
> diff --git a/fs/f2fs/inode.c b/fs/f2fs/inode.c
> index cde0a3dc80c3..1baac6056733 100644
> --- a/fs/f2fs/inode.c
> +++ b/fs/f2fs/inode.c
> @@ -487,6 +487,12 @@ static int do_read_inode(struct inode *inode)
>   	return 0;
>   }
>   
> +static bool is_meta_ino(struct f2fs_sb_info *sbi, unsigned int ino)
> +{
> +	return ino == F2FS_NODE_INO(sbi) || ino == F2FS_META_INO(sbi) ||
> +		ino == F2FS_COMPRESS_INO(sbi);
> +}
> +
>   struct inode *f2fs_iget(struct super_block *sb, unsigned long ino)
>   {
>   	struct f2fs_sb_info *sbi = F2FS_SB(sb);
> @@ -497,17 +503,22 @@ struct inode *f2fs_iget(struct super_block *sb, unsigned long ino)
>   	if (!inode)
>   		return ERR_PTR(-ENOMEM);
>   
> +	if (is_meta_ino(sbi, ino)) {
> +		if (!(inode->i_state & I_NEW)) {
> +			f2fs_err(sbi, "detect corrupted inode no:%lu, run fsck to repair", ino);
> +			set_sbi_flag(sbi, SBI_NEED_FSCK);
> +			ret = -EFSCORRUPTED;
> +			trace_f2fs_iget_exit(inode, ret);
> +			iput(inode);
> +			return ERR_PTR(ret);
> +		}
> +		goto make_now;
> +	}
> +
>   	if (!(inode->i_state & I_NEW)) {
>   		trace_f2fs_iget(inode);
>   		return inode;
>   	}
> -	if (ino == F2FS_NODE_INO(sbi) || ino == F2FS_META_INO(sbi))
> -		goto make_now;
> -
> -#ifdef CONFIG_F2FS_FS_COMPRESSION
> -	if (ino == F2FS_COMPRESS_INO(sbi))
> -		goto make_now;
> -#endif
>   
>   	ret = do_read_inode(inode);
>   	if (ret)