From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Bob Peterson <rpeterso@redhat.com>,
syzbot+c6fd14145e2f62ca0784@syzkaller.appspotmail.com,
Andreas Gruenbacher <agruenba@redhat.com>,
Sasha Levin <sashal@kernel.org>,
cluster-devel@redhat.com
Subject: [PATCH AUTOSEL 5.4 01/17] gfs2: assign rgrp glock before compute_bitstructs
Date: Wed, 6 Apr 2022 21:15:05 -0400 [thread overview]
Message-ID: <20220407011521.115014-1-sashal@kernel.org> (raw)
From: Bob Peterson <rpeterso@redhat.com>
[ Upstream commit 428f651cb80b227af47fc302e4931791f2fb4741 ]
Before this patch, function read_rindex_entry called compute_bitstructs
before it allocated a glock for the rgrp. But if compute_bitstructs found
a problem with the rgrp, it called gfs2_consist_rgrpd, and that called
gfs2_dump_glock for rgd->rd_gl which had not yet been assigned.
read_rindex_entry
compute_bitstructs
gfs2_consist_rgrpd
gfs2_dump_glock <---------rgd->rd_gl was not set.
This patch changes read_rindex_entry so it assigns an rgrp glock before
calling compute_bitstructs so gfs2_dump_glock does not reference an
unassigned pointer. If an error is discovered, the glock must also be
put, so a new goto and label were added.
Reported-by: syzbot+c6fd14145e2f62ca0784@syzkaller.appspotmail.com
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
fs/gfs2/rgrp.c | 9 +++++----
1 file changed, 5 insertions(+), 4 deletions(-)
diff --git a/fs/gfs2/rgrp.c b/fs/gfs2/rgrp.c
index c056ed5c6df3..767d188e5e50 100644
--- a/fs/gfs2/rgrp.c
+++ b/fs/gfs2/rgrp.c
@@ -925,15 +925,15 @@ static int read_rindex_entry(struct gfs2_inode *ip)
rgd->rd_bitbytes = be32_to_cpu(buf.ri_bitbytes);
spin_lock_init(&rgd->rd_rsspin);
- error = compute_bitstructs(rgd);
- if (error)
- goto fail;
-
error = gfs2_glock_get(sdp, rgd->rd_addr,
&gfs2_rgrp_glops, CREATE, &rgd->rd_gl);
if (error)
goto fail;
+ error = compute_bitstructs(rgd);
+ if (error)
+ goto fail_glock;
+
rgd->rd_rgl = (struct gfs2_rgrp_lvb *)rgd->rd_gl->gl_lksb.sb_lvbptr;
rgd->rd_flags &= ~(GFS2_RDF_UPTODATE | GFS2_RDF_PREFERRED);
if (rgd->rd_data > sdp->sd_max_rg_data)
@@ -950,6 +950,7 @@ static int read_rindex_entry(struct gfs2_inode *ip)
}
error = 0; /* someone else read in the rgrp; free it and ignore it */
+fail_glock:
gfs2_glock_put(rgd->rd_gl);
fail:
--
2.35.1
WARNING: multiple messages have this Message-ID (diff)
From: Sasha Levin <sashal@kernel.org>
To: cluster-devel.redhat.com
Subject: [Cluster-devel] [PATCH AUTOSEL 5.4 01/17] gfs2: assign rgrp glock before compute_bitstructs
Date: Wed, 6 Apr 2022 21:15:05 -0400 [thread overview]
Message-ID: <20220407011521.115014-1-sashal@kernel.org> (raw)
A non-text attachment was scrubbed...
Name: not available
Type: application/octet-stream
Size: 2004 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/cluster-devel/attachments/20220406/48cc3156/attachment.obj>
next reply other threads:[~2022-04-07 1:25 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-07 1:15 Sasha Levin [this message]
2022-04-07 1:15 ` [Cluster-devel] [PATCH AUTOSEL 5.4 01/17] gfs2: assign rgrp glock before compute_bitstructs Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 02/17] rtc: fix use-after-free on device removal Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 03/17] um: Cleanup syscall_handler_t definition/cast, fix warning Sasha Levin
2022-04-07 1:15 ` Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 04/17] um: port_user: Improve error handling when port-helper is not found Sasha Levin
2022-04-07 1:15 ` Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 05/17] Input: add bounds checking to input_set_capability() Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 06/17] Input: stmfts - fix reference leak in stmfts_input_open Sasha Levin
2022-04-07 1:15 ` Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 07/17] crypto: stm32 - fix reference leak in stm32_crc_remove Sasha Levin
2022-04-07 1:15 ` Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 08/17] crypto: x86/chacha20 - Avoid spurious jumps to other functions Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 09/17] ALSA: hda/realtek: Enable headset mic on Lenovo P360 Sasha Levin
2022-04-07 1:15 ` Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 10/17] nvme-multipath: fix hang when disk goes live over reconnect Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 11/17] rtc: mc146818-lib: Fix the AltCentury for AMD platforms Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 12/17] MIPS: lantiq: check the return value of kzalloc() Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 13/17] drbd: remove usage of list iterator variable after loop Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 14/17] platform/chrome: cros_ec_debugfs: detach log reader wq from devm Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 15/17] ARM: 9191/1: arm/stacktrace, kasan: Silence KASAN warnings in unwind_frame() Sasha Levin
2022-04-07 1:15 ` Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 16/17] nilfs2: fix lockdep warnings in page operations for btree nodes Sasha Levin
2022-04-07 1:15 ` Sasha Levin
2022-04-07 1:15 ` [PATCH AUTOSEL 5.4 17/17] nilfs2: fix lockdep warnings during disk space reclamation Sasha Levin
2022-04-07 1:15 ` Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220407011521.115014-1-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=agruenba@redhat.com \
--cc=cluster-devel@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=rpeterso@redhat.com \
--cc=stable@vger.kernel.org \
--cc=syzbot+c6fd14145e2f62ca0784@syzkaller.appspotmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.