From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id ECEFBC352B6 for ; Tue, 5 Apr 2022 08:19:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234391AbiDEINB (ORCPT ); Tue, 5 Apr 2022 04:13:01 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57658 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233975AbiDEH5y (ORCPT ); Tue, 5 Apr 2022 03:57:54 -0400 Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 08AA1939AF; Tue, 5 Apr 2022 00:51:43 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ams.source.kernel.org (Postfix) with ESMTPS id 75897B81B90; Tue, 5 Apr 2022 07:51:43 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id D6806C3410F; Tue, 5 Apr 2022 07:51:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1649145102; bh=oHVFxPkpSQYF4vQXl0hmS/0XMzT+M/SqED4Ids4AGWo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=vwo6vvNLrKYJYz7AOc6FI2StfYu5A+mFjpZT5qyN9XR6QSIw8pCC3MS3AurrevFGK wHDKzlOLBSRNaEKSKlB+ONMS+JCsJatSXrF05o9w7HK6QAA02Re08Hbx+BO/FjWuhm xbqSiqfLY5Nzu8c7SrYIbfIxuMZOA/uQTuo/KWc0= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Dongliang Mu , Gao Xiang , Chao Yu , Sasha Levin Subject: [PATCH 5.17 0285/1126] fs: erofs: add sanity check for kobject in erofs_unregister_sysfs Date: Tue, 5 Apr 2022 09:17:12 +0200 Message-Id: <20220405070415.978906974@linuxfoundation.org> X-Mailer: git-send-email 2.35.1 In-Reply-To: <20220405070407.513532867@linuxfoundation.org> References: <20220405070407.513532867@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Dongliang Mu [ Upstream commit a942da24abc5839c11a8fc2a4b7cb268ea94ba54 ] Syzkaller hit 'WARNING: kobject bug in erofs_unregister_sysfs'. This bug is triggered by injecting fault in kobject_init_and_add of erofs_unregister_sysfs. Fix this by adding sanity check for kobject in erofs_unregister_sysfs Note that I've tested the patch and the crash does not occur any more. Link: https://lore.kernel.org/r/20220315132814.12332-1-dzm91@hust.edu.cn Signed-off-by: Dongliang Mu Fixes: 168e9a76200c ("erofs: add sysfs interface") Reviewed-by: Gao Xiang Reviewed-by: Chao Yu Signed-off-by: Gao Xiang Signed-off-by: Sasha Levin --- fs/erofs/sysfs.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/fs/erofs/sysfs.c b/fs/erofs/sysfs.c index dac252bc9228..f3babf1e6608 100644 --- a/fs/erofs/sysfs.c +++ b/fs/erofs/sysfs.c @@ -221,9 +221,11 @@ void erofs_unregister_sysfs(struct super_block *sb) { struct erofs_sb_info *sbi = EROFS_SB(sb); - kobject_del(&sbi->s_kobj); - kobject_put(&sbi->s_kobj); - wait_for_completion(&sbi->s_kobj_unregister); + if (sbi->s_kobj.state_in_sysfs) { + kobject_del(&sbi->s_kobj); + kobject_put(&sbi->s_kobj); + wait_for_completion(&sbi->s_kobj_unregister); + } } int __init erofs_init_sysfs(void) -- 2.34.1