Re: [f2fs-dev] [PATCH v3] f2fs: validate ACL entry sizes in f2fs_acl_from_disk()

Next message: Xianwei Zhao: "Re: [PATCH RFC 1/2] dt-bindings: pinctl: amlogic,pinctrl-a4: Add gpio irq property"
Previous message: patchwork-bot+f2fs: "Re: [f2fs-dev] [PATCH 1/6] f2fs: fix wrong description in printed log"
In reply to: Chao Yu: "Re: [PATCH v3] f2fs: validate ACL entry sizes in f2fs_acl_from_disk()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: patchwork-bot+f2fs

Date: Mon Jun 15 2026 - 22:51:32 EST

Hello:

This patch was applied to jaegeuk/f2fs.git (dev)
by Jaegeuk Kim <jaegeuk@xxxxxxxxxx>:

On Mon, 15 Jun 2026 15:19:54 +0800 you wrote:
> f2fs_acl_count() only validates the aggregate ACL xattr length. A
> malformed ACL can still place ACL_USER or ACL_GROUP in a slot that only
> contains struct f2fs_acl_entry_short bytes, and f2fs_acl_from_disk()
> then reads entry->e_id before verifying that a full entry fits.
>
> Require a short entry before reading e_tag and e_perm, and require a
> full entry before reading e_id for ACL_USER and ACL_GROUP. Return
> -EFSCORRUPTED from these new truncated-entry checks, while keeping the
> pre-existing -EINVAL paths unchanged.
>
> [...]

Here is the summary with links:
- [f2fs-dev,v3] f2fs: validate ACL entry sizes in f2fs_acl_from_disk()
https://git.kernel.org/jaegeuk/f2fs/c/f3b87155543b

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html