Re: [PATCH] f2fs: reject non-directory inode in f2fs_get_parent() to prevent null-ptr-deref

Next message: Greg KH: "Re: [PATCH v3] staging: rtl8723bs: remove dead code"
Previous message: Daniel Baluta: "Re: [PATCH 3/3] arm64: dts: freescale: imx93-tqma9352-mba93xxla-mini: Add WLAN/BT overlay"
In reply to: ZhengYuan Huang: "[PATCH] f2fs: reject non-directory inode in f2fs_get_parent() to prevent null-ptr-deref"
Next in thread: ZhengYuan Huang: "Re: [PATCH] f2fs: reject non-directory inode in f2fs_get_parent() to prevent null-ptr-deref"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Greg KH

Date: Wed Mar 18 2026 - 07:39:42 EST

On Wed, Mar 18, 2026 at 05:04:10PM +0800, ZhengYuan Huang wrote:
> [BUG]
> When accessing a crafted f2fs filesystem via open_by_handle_at(2), a
> KASAN null-pointer dereference is triggered deep inside the fscrypt
> inline-encryption path:

Does the f2fs fsck tool catch this issue when run on the corrupted
image?

> The bug is reproducible on next-20260313 with our dynamic
> metadata fuzzing tool that corrupts f2fs metadata at runtime.

That is not a valid threat model, sorry. If you can modify a filesystem
image while it is mounted, this is the least of your worries :)

thanks,

greg k-h