* [4.14.y][PATCH 1/2] kernfs: deal with kernfs_fill_super() failures
@ 2021-06-22 21:06 Guilherme G. Piccoli
2021-06-22 21:06 ` [4.14.y][PATCH 2/2] unfuck sysfs_mount() Guilherme G. Piccoli
0 siblings, 1 reply; 4+ messages in thread
From: Guilherme G. Piccoli @ 2021-06-22 21:06 UTC (permalink / raw)
To: stable; +Cc: gpiccoli, viro
From: Al Viro <viro@zeniv.linux.org.uk>
commit 82382acec0c97b91830fff7130d0acce4ac4f3f3 upstream.
make sure that info->node is initialized early, so that kernfs_kill_sb()
can list_del() it safely.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Guilherme G. Piccoli <gpiccoli@canonical.com>
---
Hey Al, is there any reason for the absence of this patch in the stable
kernels? We had a report of a crash (NULL-ptr dereference) that seems to be
fixed by this patch - if there isn't a reason, I'd like to propose this one
to be merged on 4.14.y . I've build-tested in x86-64 with defconfig.
Thanks in advance,
Guilherme
fs/kernfs/mount.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/kernfs/mount.c b/fs/kernfs/mount.c
index 5019058e0f6a..610267585f8f 100644
--- a/fs/kernfs/mount.c
+++ b/fs/kernfs/mount.c
@@ -320,6 +320,7 @@ struct dentry *kernfs_mount_ns(struct file_system_type *fs_type, int flags,
info->root = root;
info->ns = ns;
+ INIT_LIST_HEAD(&info->node);
sb = sget_userns(fs_type, kernfs_test_super, kernfs_set_super, flags,
&init_user_ns, info);
--
2.31.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [4.14.y][PATCH 2/2] unfuck sysfs_mount()
2021-06-22 21:06 [4.14.y][PATCH 1/2] kernfs: deal with kernfs_fill_super() failures Guilherme G. Piccoli
@ 2021-06-22 21:06 ` Guilherme G. Piccoli
2021-06-23 14:57 ` Greg KH
0 siblings, 1 reply; 4+ messages in thread
From: Guilherme G. Piccoli @ 2021-06-22 21:06 UTC (permalink / raw)
To: stable; +Cc: gpiccoli, viro
From: Al Viro <viro@zeniv.linux.org.uk>
commit 7b745a4e4051e1bbce40e0b1c2cf636c70583aa4 upstream.
new_sb is left uninitialized in case of early failures in kernfs_mount_ns(),
and while IS_ERR(root) is true in all such cases, using IS_ERR(root) || !new_sb
is not a solution - IS_ERR(root) is true in some cases when new_sb is true.
Make sure new_sb is initialized (and matches the reality) in all cases and
fix the condition for dropping kobj reference - we want it done precisely
in those situations where the reference has not been transferred into a new
super_block instance.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Guilherme G. Piccoli <gpiccoli@canonical.com>
---
I'd like to protest this patch title heheh
But I think it's better to keep consistency with upstream. It's the same
case as patch 1 of the series, no clear reason for its absence in stable.
Build-tested on x86-64 with defconfig.
Thanks,
Guilherme
fs/sysfs/mount.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/fs/sysfs/mount.c b/fs/sysfs/mount.c
index 20b8f82e115b..2bbe84d9c0a8 100644
--- a/fs/sysfs/mount.c
+++ b/fs/sysfs/mount.c
@@ -28,7 +28,7 @@ static struct dentry *sysfs_mount(struct file_system_type *fs_type,
{
struct dentry *root;
void *ns;
- bool new_sb;
+ bool new_sb = false;
if (!(flags & MS_KERNMOUNT)) {
if (!kobj_ns_current_may_mount(KOBJ_NS_TYPE_NET))
@@ -38,9 +38,9 @@ static struct dentry *sysfs_mount(struct file_system_type *fs_type,
ns = kobj_ns_grab_current(KOBJ_NS_TYPE_NET);
root = kernfs_mount_ns(fs_type, flags, sysfs_root,
SYSFS_MAGIC, &new_sb, ns);
- if (IS_ERR(root) || !new_sb)
+ if (!new_sb)
kobj_ns_drop(KOBJ_NS_TYPE_NET, ns);
- else if (new_sb)
+ else if (!IS_ERR(root))
root->d_sb->s_iflags |= SB_I_USERNS_VISIBLE;
return root;
--
2.31.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [4.14.y][PATCH 2/2] unfuck sysfs_mount()
2021-06-22 21:06 ` [4.14.y][PATCH 2/2] unfuck sysfs_mount() Guilherme G. Piccoli
@ 2021-06-23 14:57 ` Greg KH
2021-06-23 15:11 ` Guilherme Piccoli
0 siblings, 1 reply; 4+ messages in thread
From: Greg KH @ 2021-06-23 14:57 UTC (permalink / raw)
To: Guilherme G. Piccoli; +Cc: stable, viro
On Tue, Jun 22, 2021 at 06:06:22PM -0300, Guilherme G. Piccoli wrote:
> From: Al Viro <viro@zeniv.linux.org.uk>
>
> commit 7b745a4e4051e1bbce40e0b1c2cf636c70583aa4 upstream.
>
> new_sb is left uninitialized in case of early failures in kernfs_mount_ns(),
> and while IS_ERR(root) is true in all such cases, using IS_ERR(root) || !new_sb
> is not a solution - IS_ERR(root) is true in some cases when new_sb is true.
>
> Make sure new_sb is initialized (and matches the reality) in all cases and
> fix the condition for dropping kobj reference - we want it done precisely
> in those situations where the reference has not been transferred into a new
> super_block instance.
>
> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
> Signed-off-by: Guilherme G. Piccoli <gpiccoli@canonical.com>
> ---
>
> I'd like to protest this patch title heheh
> But I think it's better to keep consistency with upstream. It's the same
> case as patch 1 of the series, no clear reason for its absence in stable.
> Build-tested on x86-64 with defconfig.
Both now queued up, thanks.
greg k-h
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [4.14.y][PATCH 2/2] unfuck sysfs_mount()
2021-06-23 14:57 ` Greg KH
@ 2021-06-23 15:11 ` Guilherme Piccoli
0 siblings, 0 replies; 4+ messages in thread
From: Guilherme Piccoli @ 2021-06-23 15:11 UTC (permalink / raw)
To: Greg KH; +Cc: # v4 . 16+, Al Viro
Thanks a lot Greg!
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-06-23 15:12 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-22 21:06 [4.14.y][PATCH 1/2] kernfs: deal with kernfs_fill_super() failures Guilherme G. Piccoli
2021-06-22 21:06 ` [4.14.y][PATCH 2/2] unfuck sysfs_mount() Guilherme G. Piccoli
2021-06-23 14:57 ` Greg KH
2021-06-23 15:11 ` Guilherme Piccoli
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.