* [PATCH] ocfs2: Fix panic on kfree(xattr->name)
[not found] <5328D286.2010209@oracle.com>
@ 2014-03-19 12:55 ` Tetsuo Handa
2014-03-19 19:28 ` Tariq Saeed
0 siblings, 1 reply; 7+ messages in thread
From: Tetsuo Handa @ 2014-03-19 12:55 UTC (permalink / raw)
To: tariq.x.saeed, mfasheh, jlbec; +Cc: linux-fsdevel, linux-security-module
Tariq Saeed wrote:
> This commit did not take into account the callers of this function who
> assume they need to kfree() the name. It causes panic in ocfs2 on create
> file. I am puzzled how did this commit got into the tree without changing
> the callsites to NOT call kfree anymore. Am I missing something?
You are right. It is my mistake. I didn't realize that ocfs2 is calling kfree()
on the name field. Would you please test below patch?
Regards.
----------
>From 3940749700148f58265407987f813b773515661a Mon Sep 17 00:00:00 2001
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Date: Wed, 19 Mar 2014 21:49:21 +0900
Subject: [PATCH] ocfs2: Fix panic on kfree(xattr->name)
Commit 9548906b 'xattr: Constify ->name member of "struct xattr".' missed that
ocfs2 is calling kfree(xattr->name). As a result, kernel panic occurs upon
calling kfree(xattr->name) because xattr->name refers static constant names.
This patch removes kfree(xattr->name) from ocfs2_mknod() and ocfs2_symlink().
Reported-by: Tariq Saeed <tariq.x.saeed@oracle.com>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: <stable@vger.kernel.org> [3.12+]
---
fs/ocfs2/namei.c | 2 --
1 files changed, 0 insertions(+), 2 deletions(-)
diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c
index 3683643..feed025 100644
--- a/fs/ocfs2/namei.c
+++ b/fs/ocfs2/namei.c
@@ -450,7 +450,6 @@ leave:
brelse(new_fe_bh);
brelse(parent_fe_bh);
- kfree(si.name);
kfree(si.value);
ocfs2_free_dir_lookup_result(&lookup);
@@ -1855,7 +1854,6 @@ bail:
brelse(new_fe_bh);
brelse(parent_fe_bh);
- kfree(si.name);
kfree(si.value);
ocfs2_free_dir_lookup_result(&lookup);
if (inode_ac)
--
1.7.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH] ocfs2: Fix panic on kfree(xattr->name)
2014-03-19 12:55 ` [PATCH] ocfs2: Fix panic on kfree(xattr->name) Tetsuo Handa
@ 2014-03-19 19:28 ` Tariq Saeed
2014-03-19 22:02 ` [Ocfs2-devel] " Tetsuo Handa
2014-03-27 22:13 ` Tariq Saeed
0 siblings, 2 replies; 7+ messages in thread
From: Tariq Saeed @ 2014-03-19 19:28 UTC (permalink / raw)
To: Tetsuo Handa, mfasheh, jlbec; +Cc: linux-fsdevel, linux-security-module
The patch works. What is the plan for submitting to mainline?
Thanks,
-Tariq
On 03/19/2014 05:55 AM, Tetsuo Handa wrote:
> Tariq Saeed wrote:
>> This commit did not take into account the callers of this function who
>> assume they need to kfree() the name. It causes panic in ocfs2 on create
>> file. I am puzzled how did this commit got into the tree without changing
>> the callsites to NOT call kfree anymore. Am I missing something?
>
> You are right. It is my mistake. I didn't realize that ocfs2 is calling kfree()
> on the name field. Would you please test below patch?
>
> Regards.
> ----------
>>From 3940749700148f58265407987f813b773515661a Mon Sep 17 00:00:00 2001
> From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> Date: Wed, 19 Mar 2014 21:49:21 +0900
> Subject: [PATCH] ocfs2: Fix panic on kfree(xattr->name)
>
> Commit 9548906b 'xattr: Constify ->name member of "struct xattr".' missed that
> ocfs2 is calling kfree(xattr->name). As a result, kernel panic occurs upon
> calling kfree(xattr->name) because xattr->name refers static constant names.
> This patch removes kfree(xattr->name) from ocfs2_mknod() and ocfs2_symlink().
>
> Reported-by: Tariq Saeed <tariq.x.saeed@oracle.com>
> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> Cc: <stable@vger.kernel.org> [3.12+]
> ---
> fs/ocfs2/namei.c | 2 --
> 1 files changed, 0 insertions(+), 2 deletions(-)
>
> diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c
> index 3683643..feed025 100644
> --- a/fs/ocfs2/namei.c
> +++ b/fs/ocfs2/namei.c
> @@ -450,7 +450,6 @@ leave:
>
> brelse(new_fe_bh);
> brelse(parent_fe_bh);
> - kfree(si.name);
> kfree(si.value);
>
> ocfs2_free_dir_lookup_result(&lookup);
> @@ -1855,7 +1854,6 @@ bail:
>
> brelse(new_fe_bh);
> brelse(parent_fe_bh);
> - kfree(si.name);
> kfree(si.value);
> ocfs2_free_dir_lookup_result(&lookup);
> if (inode_ac)
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] ocfs2: Fix panic on kfree(xattr->name)
2014-03-19 19:28 ` Tariq Saeed
@ 2014-03-19 22:02 ` Tetsuo Handa
2014-03-27 22:13 ` Tariq Saeed
1 sibling, 0 replies; 7+ messages in thread
From: Tetsuo Handa @ 2014-03-19 22:02 UTC (permalink / raw)
To: mfasheh, jlbec, ocfs2-devel
Cc: tariq.x.saeed, linux-fsdevel, linux-security-module
Thank you for testing.
Mark and Joel, would you pick up this patch via your tree?
Tariq Saeed wrote:
> The patch works. What is the plan for submitting to mainline?
> Thanks,
> -Tariq
>
> On 03/19/2014 05:55 AM, Tetsuo Handa wrote:
> > Tariq Saeed wrote:
> >> This commit did not take into account the callers of this function who
> >> assume they need to kfree() the name. It causes panic in ocfs2 on create
> >> file. I am puzzled how did this commit got into the tree without changing
> >> the callsites to NOT call kfree anymore. Am I missing something?
> >
> > You are right. It is my mistake. I didn't realize that ocfs2 is calling kfree()
> > on the name field. Would you please test below patch?
> >
> > Regards.
> > ----------
> >>From 3940749700148f58265407987f813b773515661a Mon Sep 17 00:00:00 2001
> > From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> > Date: Wed, 19 Mar 2014 21:49:21 +0900
> > Subject: [PATCH] ocfs2: Fix panic on kfree(xattr->name)
> >
> > Commit 9548906b 'xattr: Constify ->name member of "struct xattr".' missed that
> > ocfs2 is calling kfree(xattr->name). As a result, kernel panic occurs upon
> > calling kfree(xattr->name) because xattr->name refers static constant names.
> > This patch removes kfree(xattr->name) from ocfs2_mknod() and ocfs2_symlink().
> >
> > Reported-by: Tariq Saeed <tariq.x.saeed@oracle.com>
> > Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> > Cc: <stable@vger.kernel.org> [3.12+]
> > ---
> > fs/ocfs2/namei.c | 2 --
> > 1 files changed, 0 insertions(+), 2 deletions(-)
> >
> > diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c
> > index 3683643..feed025 100644
> > --- a/fs/ocfs2/namei.c
> > +++ b/fs/ocfs2/namei.c
> > @@ -450,7 +450,6 @@ leave:
> >
> > brelse(new_fe_bh);
> > brelse(parent_fe_bh);
> > - kfree(si.name);
> > kfree(si.value);
> >
> > ocfs2_free_dir_lookup_result(&lookup);
> > @@ -1855,7 +1854,6 @@ bail:
> >
> > brelse(new_fe_bh);
> > brelse(parent_fe_bh);
> > - kfree(si.name);
> > kfree(si.value);
> > ocfs2_free_dir_lookup_result(&lookup);
> > if (inode_ac)
> >
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* [Ocfs2-devel] [PATCH] ocfs2: Fix panic on kfree(xattr->name)
@ 2014-03-19 22:02 ` Tetsuo Handa
0 siblings, 0 replies; 7+ messages in thread
From: Tetsuo Handa @ 2014-03-19 22:02 UTC (permalink / raw)
To: mfasheh, jlbec, ocfs2-devel
Cc: tariq.x.saeed, linux-fsdevel, linux-security-module
Thank you for testing.
Mark and Joel, would you pick up this patch via your tree?
Tariq Saeed wrote:
> The patch works. What is the plan for submitting to mainline?
> Thanks,
> -Tariq
>
> On 03/19/2014 05:55 AM, Tetsuo Handa wrote:
> > Tariq Saeed wrote:
> >> This commit did not take into account the callers of this function who
> >> assume they need to kfree() the name. It causes panic in ocfs2 on create
> >> file. I am puzzled how did this commit got into the tree without changing
> >> the callsites to NOT call kfree anymore. Am I missing something?
> >
> > You are right. It is my mistake. I didn't realize that ocfs2 is calling kfree()
> > on the name field. Would you please test below patch?
> >
> > Regards.
> > ----------
> >>From 3940749700148f58265407987f813b773515661a Mon Sep 17 00:00:00 2001
> > From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> > Date: Wed, 19 Mar 2014 21:49:21 +0900
> > Subject: [PATCH] ocfs2: Fix panic on kfree(xattr->name)
> >
> > Commit 9548906b 'xattr: Constify ->name member of "struct xattr".' missed that
> > ocfs2 is calling kfree(xattr->name). As a result, kernel panic occurs upon
> > calling kfree(xattr->name) because xattr->name refers static constant names.
> > This patch removes kfree(xattr->name) from ocfs2_mknod() and ocfs2_symlink().
> >
> > Reported-by: Tariq Saeed <tariq.x.saeed@oracle.com>
> > Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
> > Cc: <stable@vger.kernel.org> [3.12+]
> > ---
> > fs/ocfs2/namei.c | 2 --
> > 1 files changed, 0 insertions(+), 2 deletions(-)
> >
> > diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c
> > index 3683643..feed025 100644
> > --- a/fs/ocfs2/namei.c
> > +++ b/fs/ocfs2/namei.c
> > @@ -450,7 +450,6 @@ leave:
> >
> > brelse(new_fe_bh);
> > brelse(parent_fe_bh);
> > - kfree(si.name);
> > kfree(si.value);
> >
> > ocfs2_free_dir_lookup_result(&lookup);
> > @@ -1855,7 +1854,6 @@ bail:
> >
> > brelse(new_fe_bh);
> > brelse(parent_fe_bh);
> > - kfree(si.name);
> > kfree(si.value);
> > ocfs2_free_dir_lookup_result(&lookup);
> > if (inode_ac)
> >
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] ocfs2: Fix panic on kfree(xattr->name)
2014-03-19 19:28 ` Tariq Saeed
2014-03-19 22:02 ` [Ocfs2-devel] " Tetsuo Handa
@ 2014-03-27 22:13 ` Tariq Saeed
2014-03-28 13:48 ` Tetsuo Handa
1 sibling, 1 reply; 7+ messages in thread
From: Tariq Saeed @ 2014-03-27 22:13 UTC (permalink / raw)
To: Tetsuo Handa, mfasheh, jlbec
Cc: linux-fsdevel, linux-security-module, Srinivas Eeda
On 03/19/2014 12:28 PM, Tariq Saeed wrote:
> The patch works. What is the plan for submitting to mainline
can you please submit this patch to mainline.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [PATCH] ocfs2: Fix panic on kfree(xattr->name)
2014-03-27 22:13 ` Tariq Saeed
@ 2014-03-28 13:48 ` Tetsuo Handa
2014-03-28 22:13 ` James Morris
0 siblings, 1 reply; 7+ messages in thread
From: Tetsuo Handa @ 2014-03-28 13:48 UTC (permalink / raw)
To: tariq.x.saeed, mfasheh, jlbec
Cc: linux-fsdevel, linux-security-module, srinivas.eeda
Tariq Saeed wrote:
> On 03/19/2014 12:28 PM, Tariq Saeed wrote:
> > The patch works. What is the plan for submitting to mainline
> can you please submit this patch to mainline.
No response from ocfs2 folks.
James, Al, can you pick up this patch?
----------
>From 3940749700148f58265407987f813b773515661a Mon Sep 17 00:00:00 2001
From: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Date: Wed, 19 Mar 2014 21:49:21 +0900
Subject: [PATCH] ocfs2: Fix panic on kfree(xattr->name)
Commit 9548906b 'xattr: Constify ->name member of "struct xattr".' missed that
ocfs2 is calling kfree(xattr->name). As a result, kernel panic occurs upon
calling kfree(xattr->name) because xattr->name refers static constant names.
This patch removes kfree(xattr->name) from ocfs2_mknod() and ocfs2_symlink().
Reported-by: Tariq Saeed <tariq.x.saeed@oracle.com>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: <stable@vger.kernel.org> [3.12+]
---
fs/ocfs2/namei.c | 2 --
1 files changed, 0 insertions(+), 2 deletions(-)
diff --git a/fs/ocfs2/namei.c b/fs/ocfs2/namei.c
index 3683643..feed025 100644
--- a/fs/ocfs2/namei.c
+++ b/fs/ocfs2/namei.c
@@ -450,7 +450,6 @@ leave:
brelse(new_fe_bh);
brelse(parent_fe_bh);
- kfree(si.name);
kfree(si.value);
ocfs2_free_dir_lookup_result(&lookup);
@@ -1855,7 +1854,6 @@ bail:
brelse(new_fe_bh);
brelse(parent_fe_bh);
- kfree(si.name);
kfree(si.value);
ocfs2_free_dir_lookup_result(&lookup);
if (inode_ac)
--
1.7.1
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [PATCH] ocfs2: Fix panic on kfree(xattr->name)
2014-03-28 13:48 ` Tetsuo Handa
@ 2014-03-28 22:13 ` James Morris
0 siblings, 0 replies; 7+ messages in thread
From: James Morris @ 2014-03-28 22:13 UTC (permalink / raw)
To: Tetsuo Handa
Cc: tariq.x.saeed, mfasheh, jlbec, linux-fsdevel,
linux-security-module, srinivas.eeda
On Fri, 28 Mar 2014, Tetsuo Handa wrote:
> Tariq Saeed wrote:
> > On 03/19/2014 12:28 PM, Tariq Saeed wrote:
> > > The patch works. What is the plan for submitting to mainline
> > can you please submit this patch to mainline.
>
> No response from ocfs2 folks.
> James, Al, can you pick up this patch?
This needs to go in via Al or akpm.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2014-03-28 22:13 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
[not found] <5328D286.2010209@oracle.com>
2014-03-19 12:55 ` [PATCH] ocfs2: Fix panic on kfree(xattr->name) Tetsuo Handa
2014-03-19 19:28 ` Tariq Saeed
2014-03-19 22:02 ` Tetsuo Handa
2014-03-19 22:02 ` [Ocfs2-devel] " Tetsuo Handa
2014-03-27 22:13 ` Tariq Saeed
2014-03-28 13:48 ` Tetsuo Handa
2014-03-28 22:13 ` James Morris
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.