[f2fs-dev] [PATCH 1/2] f2fs: fix to do sanity check on node folio during its writeback

Fri, 17 Oct 2025 18:25:57 -0700 

Add more sanity check on node folio during its writeback, if node footer
indicates it is an inode:
- i_mode should be consistent w/ inode
- ofs_of_node should be consistent w/ non-xattr node

In addition, if sanity check fails, let's shutdown filesystem to avoid
looping to redirty and writeback it.

Cc: [email protected]
Signed-off-by: Chao Yu <[email protected]>
---
 fs/f2fs/node.c | 29 +++++++++++++++++++++++++----
 1 file changed, 25 insertions(+), 4 deletions(-)

diff --git a/fs/f2fs/node.c b/fs/f2fs/node.c
index 482a362f2625..2bb9e6d35080 100644
--- a/fs/f2fs/node.c
+++ b/fs/f2fs/node.c
@@ -1504,20 +1504,37 @@ static int sanity_check_node_footer(struct f2fs_sb_info 
*sbi,
                                        struct folio *folio, pgoff_t nid,
                                        enum node_type ntype)
 {
+       bool is_inode;
+
        if (unlikely(nid != nid_of_node(folio)))
                goto out_err;
 
+       is_inode = IS_INODE(folio);
+
        switch (ntype) {
+       case NODE_TYPE_REGULAR:
+               if (is_inode) {
+                       umode_t m = le16_to_cpu(F2FS_INODE(folio)->i_mode);
+
+                       if (!S_ISLNK(m) && !S_ISREG(m) && !S_ISDIR(m) &&
+                               !S_ISCHR(m) && !S_ISBLK(m) && !S_ISFIFO(m) &&
+                               !S_ISSOCK(m))
+                               goto out_err;
+
+                       if (f2fs_has_xattr_block(ofs_of_node(folio)))
+                               goto out_err;
+               }
+               break;
        case NODE_TYPE_INODE:
-               if (!IS_INODE(folio))
+               if (!is_inode)
                        goto out_err;
                break;
        case NODE_TYPE_XATTR:
-               if (!f2fs_has_xattr_block(ofs_of_node(folio)))
+               if (is_inode || !f2fs_has_xattr_block(ofs_of_node(folio)))
                        goto out_err;
                break;
        case NODE_TYPE_NON_INODE:
-               if (IS_INODE(folio))
+               if (is_inode)
                        goto out_err;
                break;
        default:
@@ -1751,7 +1768,11 @@ static bool __write_node_folio(struct folio *folio, bool 
atomic, bool *submitted
 
        /* get old block addr of this node page */
        nid = nid_of_node(folio);
-       f2fs_bug_on(sbi, folio->index != nid);
+
+       if (sanity_check_node_footer(sbi, folio, nid, NODE_TYPE_REGULAR)) {
+               f2fs_handle_critical_error(sbi, STOP_CP_REASON_CORRUPTED_NID);
+               goto redirty_out;
+       }
 
        if (f2fs_get_node_info(sbi, nid, &ni, !do_balance))
                goto redirty_out;
-- 
2.49.0



_______________________________________________
Linux-f2fs-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel

Reply via email to