* [PATCH][next] null_blk: Fix null pointer dereference on nullb->disk on blk_cleanup_disk call
@ 2021-06-02 10:06 Colin King
2021-06-03 0:00 ` Chaitanya Kulkarni
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Colin King @ 2021-06-02 10:06 UTC (permalink / raw)
To: Jens Axboe, Damien Le Moal, Christoph Hellwig, Ulf Hansson, linux-block
Cc: kernel-janitors, linux-kernel
From: Colin Ian King <colin.king@canonical.com>
The error handling on a nullb->disk allocation currently jumps to
out_cleanup_disk that calls blk_cleanup_disk with a null pointer causing
a null pointer dereference issue. Fix this by jumping to out_cleanup_tags
instead.
Addresses-Coverity: ("Dereference after null check")
Fixes: 132226b301b5 ("null_blk: convert to blk_alloc_disk/blk_cleanup_disk")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
drivers/block/null_blk/main.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/block/null_blk/main.c b/drivers/block/null_blk/main.c
index d8e098f1e5b5..83d803cb57c8 100644
--- a/drivers/block/null_blk/main.c
+++ b/drivers/block/null_blk/main.c
@@ -1856,7 +1856,7 @@ static int null_add_dev(struct nullb_device *dev)
goto out_cleanup_tags;
nullb->disk = alloc_disk_node(1, nullb->dev->home_node);
if (!nullb->disk)
- goto out_cleanup_disk;
+ goto out_cleanup_tags;
nullb->disk->queue = nullb->q;
} else if (dev->queue_mode == NULL_Q_BIO) {
rv = -ENOMEM;
--
2.31.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH][next] null_blk: Fix null pointer dereference on nullb->disk on blk_cleanup_disk call
2021-06-02 10:06 [PATCH][next] null_blk: Fix null pointer dereference on nullb->disk on blk_cleanup_disk call Colin King
@ 2021-06-03 0:00 ` Chaitanya Kulkarni
2021-06-03 5:48 ` Christoph Hellwig
2021-06-03 15:54 ` Jens Axboe
2 siblings, 0 replies; 4+ messages in thread
From: Chaitanya Kulkarni @ 2021-06-03 0:00 UTC (permalink / raw)
To: Colin King, Jens Axboe, Damien Le Moal, Christoph Hellwig,
Ulf Hansson, linux-block
Cc: kernel-janitors, linux-kernel
On 6/2/21 03:07, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> The error handling on a nullb->disk allocation currently jumps to
> out_cleanup_disk that calls blk_cleanup_disk with a null pointer causing
> a null pointer dereference issue. Fix this by jumping to out_cleanup_tags
> instead.
>
> Addresses-Coverity: ("Dereference after null check")
> Fixes: 132226b301b5 ("null_blk: convert to blk_alloc_disk/blk_cleanup_disk")
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
Looks good.
Reviewed-by: Chaitanya Kulkarni <chaitanya.kulkarni@wdc.com>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH][next] null_blk: Fix null pointer dereference on nullb->disk on blk_cleanup_disk call
2021-06-02 10:06 [PATCH][next] null_blk: Fix null pointer dereference on nullb->disk on blk_cleanup_disk call Colin King
2021-06-03 0:00 ` Chaitanya Kulkarni
@ 2021-06-03 5:48 ` Christoph Hellwig
2021-06-03 15:54 ` Jens Axboe
2 siblings, 0 replies; 4+ messages in thread
From: Christoph Hellwig @ 2021-06-03 5:48 UTC (permalink / raw)
To: Colin King
Cc: Jens Axboe, Damien Le Moal, Christoph Hellwig, Ulf Hansson,
linux-block, kernel-janitors, linux-kernel
Looks good,
Reviewed-by: Christoph Hellwig <hch@lst.de>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH][next] null_blk: Fix null pointer dereference on nullb->disk on blk_cleanup_disk call
2021-06-02 10:06 [PATCH][next] null_blk: Fix null pointer dereference on nullb->disk on blk_cleanup_disk call Colin King
2021-06-03 0:00 ` Chaitanya Kulkarni
2021-06-03 5:48 ` Christoph Hellwig
@ 2021-06-03 15:54 ` Jens Axboe
2 siblings, 0 replies; 4+ messages in thread
From: Jens Axboe @ 2021-06-03 15:54 UTC (permalink / raw)
To: Colin King, Damien Le Moal, Christoph Hellwig, Ulf Hansson, linux-block
Cc: kernel-janitors, linux-kernel
On 6/2/21 4:06 AM, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> The error handling on a nullb->disk allocation currently jumps to
> out_cleanup_disk that calls blk_cleanup_disk with a null pointer causing
> a null pointer dereference issue. Fix this by jumping to out_cleanup_tags
> instead.
Applied, thanks.
--
Jens Axboe
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-06-03 15:54 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-06-02 10:06 [PATCH][next] null_blk: Fix null pointer dereference on nullb->disk on blk_cleanup_disk call Colin King
2021-06-03 0:00 ` Chaitanya Kulkarni
2021-06-03 5:48 ` Christoph Hellwig
2021-06-03 15:54 ` Jens Axboe
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.