From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Anand Jain <anand.jain@oracle.com>,
David Sterba <dsterba@suse.com>
Subject: [PATCH 5.8 86/99] btrfs: fix put of uninitialized kobject after seed device delete
Date: Tue, 29 Sep 2020 13:02:09 +0200 [thread overview]
Message-ID: <20200929105933.967833986@linuxfoundation.org> (raw)
In-Reply-To: <20200929105929.719230296@linuxfoundation.org>
From: Anand Jain <anand.jain@oracle.com>
commit b5ddcffa37778244d5e786fe32f778edf2bfc93e upstream.
The following test case leads to NULL kobject free error:
mount seed /mnt
add sprout to /mnt
umount /mnt
mount sprout to /mnt
delete seed
kobject: '(null)' (00000000dd2b87e4): is not initialized, yet kobject_put() is being called.
WARNING: CPU: 1 PID: 15784 at lib/kobject.c:736 kobject_put+0x80/0x350
RIP: 0010:kobject_put+0x80/0x350
::
Call Trace:
btrfs_sysfs_remove_devices_dir+0x6e/0x160 [btrfs]
btrfs_rm_device.cold+0xa8/0x298 [btrfs]
btrfs_ioctl+0x206c/0x22a0 [btrfs]
ksys_ioctl+0xe2/0x140
__x64_sys_ioctl+0x1e/0x29
do_syscall_64+0x96/0x150
entry_SYSCALL_64_after_hwframe+0x44/0xa9
RIP: 0033:0x7f4047c6288b
::
This is because, at the end of the seed device-delete, we try to remove
the seed's devid sysfs entry. But for the seed devices under the sprout
fs, we don't initialize the devid kobject yet. So add a kobject state
check, which takes care of the bug.
Fixes: 668e48af7a94 ("btrfs: sysfs, add devid/dev_state kobject and device attributes")
CC: stable@vger.kernel.org # 5.6+
Signed-off-by: Anand Jain <anand.jain@oracle.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/btrfs/sysfs.c | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
--- a/fs/btrfs/sysfs.c
+++ b/fs/btrfs/sysfs.c
@@ -1165,10 +1165,12 @@ int btrfs_sysfs_remove_devices_dir(struc
disk_kobj->name);
}
- kobject_del(&one_device->devid_kobj);
- kobject_put(&one_device->devid_kobj);
+ if (one_device->devid_kobj.state_initialized) {
+ kobject_del(&one_device->devid_kobj);
+ kobject_put(&one_device->devid_kobj);
- wait_for_completion(&one_device->kobj_unregister);
+ wait_for_completion(&one_device->kobj_unregister);
+ }
return 0;
}
@@ -1181,10 +1183,12 @@ int btrfs_sysfs_remove_devices_dir(struc
sysfs_remove_link(fs_devices->devices_kobj,
disk_kobj->name);
}
- kobject_del(&one_device->devid_kobj);
- kobject_put(&one_device->devid_kobj);
+ if (one_device->devid_kobj.state_initialized) {
+ kobject_del(&one_device->devid_kobj);
+ kobject_put(&one_device->devid_kobj);
- wait_for_completion(&one_device->kobj_unregister);
+ wait_for_completion(&one_device->kobj_unregister);
+ }
}
return 0;
next prev parent reply other threads:[~2020-09-29 11:50 UTC|newest]
Thread overview: 110+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-29 11:00 [PATCH 5.8 00/99] 5.8.13-rc1 review Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 01/99] device_cgroup: Fix RCU list debugging warning Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 02/99] ASoC: pcm3168a: ignore 0 Hz settings Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 03/99] ASoC: wm8994: Skip setting of the WM8994_MICBIAS register for WM1811 Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 04/99] ASoC: wm8994: Ensure the device is resumed in wm89xx_mic_detect functions Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 05/99] ASoC: Intel: bytcr_rt5640: Add quirk for MPMAN Converter9 2-in-1 Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 06/99] clk: versatile: Add of_node_put() before return statement Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 07/99] RISC-V: Take text_mutex in ftrace_init_nop() Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 08/99] i2c: aspeed: Mask IRQ status to relevant bits Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 09/99] s390/init: add missing __init annotations Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 10/99] lockdep: fix order in trace_hardirqs_off_caller() Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 11/99] EDAC/ghes: Check whether the driver is on the safe list correctly Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 12/99] drm/amdkfd: fix a memory leak issue Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 13/99] drm/amd/display: Dont use DRM_ERROR() for DTM add topology Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 14/99] drm/amd/display: update nv1x stutter latencies Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 15/99] drm/amdgpu/dc: Require primary plane to be enabled whenever the CRTC is Greg Kroah-Hartman
2020-09-29 11:00 ` [PATCH 5.8 16/99] drm/amd/display: Dont log hdcp module warnings in dmesg Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 17/99] i2c: core: Call i2c_acpi_install_space_handler() before i2c_acpi_register_devices() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 18/99] objtool: Fix noreturn detection for ignored functions Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 19/99] i2c: mediatek: Send i2c master code at more than 1MHz Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 20/99] riscv: Fix Kendryte K210 device tree Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 21/99] ieee802154: fix one possible memleak in ca8210_dev_com_init Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 22/99] ieee802154/adf7242: check status of adf7242_read_reg Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 23/99] clocksource/drivers/h8300_timer8: Fix wrong return value in h8300_8timer_init() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 24/99] mwifiex: Increase AES key storage size to 256 bits Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 25/99] batman-adv: bla: fix type misuse for backbone_gw hash indexing Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 26/99] libbpf: Fix build failure from uninitialized variable warning Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 27/99] atm: eni: fix the missed pci_disable_device() for eni_init_one() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 28/99] batman-adv: mcast/TT: fix wrongly dropped or rerouted packets Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 29/99] netfilter: ctnetlink: add a range check for l3/l4 protonum Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 30/99] netfilter: ctnetlink: fix mark based dump filtering regression Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 31/99] netfilter: conntrack: nf_conncount_init is failing with IPv6 disabled Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 32/99] netfilter: nft_meta: use socket user_ns to retrieve skuid and skgid Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 33/99] mac802154: tx: fix use-after-free Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 34/99] bpf: Fix clobbering of r2 in bpf_gen_ld_abs Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 35/99] tools/libbpf: Avoid counting local symbols in ABI check Greg Kroah-Hartman
2020-09-29 21:54 ` Justin Forbes
2020-09-30 5:02 ` Tony Ambardar
2020-09-30 15:40 ` Justin Forbes
2020-09-29 11:01 ` [PATCH 5.8 36/99] drm/vc4/vc4_hdmi: fill ASoC card owner Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 37/99] net: qed: Disable aRFS for NPAR and 100G Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 38/99] net: qede: " Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 39/99] net: qed: RDMA personality shouldnt fail VF load Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 40/99] igc: Fix wrong timestamp latency numbers Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 41/99] igc: Fix not considering the TX delay for timestamps Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 42/99] drm/sun4i: sun8i-csc: Secondary CSC register correction Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 43/99] hv_netvsc: Switch the data path at the right time during hibernation Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 44/99] spi: spi-fsl-dspi: use XSPI mode instead of DMA for DPAA2 SoCs Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 45/99] RDMA/core: Fix ordering of CQ pool destruction Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 46/99] batman-adv: Add missing include for in_interrupt() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 47/99] xsk: Fix number of pinned pages/umem size discrepancy Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 48/99] nvme-tcp: fix kconfig dependency warning when !CRYPTO Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 49/99] batman-adv: mcast: fix duplicate mcast packets in BLA backbone from LAN Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 50/99] batman-adv: mcast: fix duplicate mcast packets in BLA backbone from mesh Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 51/99] batman-adv: mcast: fix duplicate mcast packets from BLA backbone to mesh Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 52/99] bpf: Fix a rcu warning for bpffs map pretty-print Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 53/99] lib80211: fix unmet direct dependendices config warning when !CRYPTO Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 54/99] mac80211: do not disable HE if HT is missing on 2.4 GHz Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 55/99] cfg80211: fix 6 GHz channel conversion Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 56/99] mac80211: fix 80 MHz association to 160/80+80 AP on 6 GHz Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 57/99] ALSA: asihpi: fix iounmap in error handler Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 58/99] io_uring: fix openat/openat2 unified prep handling Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 59/99] SUNRPC: Fix svc_flush_dcache() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 60/99] regmap: fix page selection for noinc reads Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 61/99] regmap: fix page selection for noinc writes Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 62/99] net/mlx5e: mlx5e_fec_in_caps() returns a boolean Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 63/99] MIPS: Loongson-3: Fix fp register access if MSA enabled Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 64/99] PM / devfreq: tegra30: Disable clock on error in probe Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 65/99] MIPS: Add the missing CPU_1074K into __get_cpu_type() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 66/99] regulator: axp20x: fix LDO2/4 description Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 67/99] spi: bcm-qspi: Fix probe regression on iProc platforms Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 68/99] KVM: x86: Reset MMU context if guest toggles CR4.SMAP or CR4.PKE Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 69/99] KVM: SVM: Add a dedicated INVD intercept routine Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 70/99] mm: validate pmd after splitting Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 71/99] arch/x86/lib/usercopy_64.c: fix __copy_user_flushcache() cache writeback Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 72/99] x86/irq: Make run_on_irqstack_cond() typesafe Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 73/99] x86/ioapic: Unbreak check_timer() Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 74/99] scsi: lpfc: Fix initial FLOGI failure due to BBSCN not supported Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 75/99] ALSA: usb-audio: Add delay quirk for H570e USB headsets Greg Kroah-Hartman
2020-09-29 11:01 ` [PATCH 5.8 76/99] ALSA: hda/realtek - Couldnt detect Mic if booting with headset plugged Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 77/99] ALSA: hda/realtek: Enable front panel headset LED on Lenovo ThinkStation P520 Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 78/99] lib/string.c: implement stpcpy Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 79/99] tracing: fix double free Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 80/99] s390/dasd: Fix zero write for FBA devices Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 81/99] mt76: mt7615: use v1 MCU API on MT7615 to fix issues with adding/removing stations Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 82/99] lib/bootconfig: Fix a bug of breaking existing tree nodes Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 83/99] lib/bootconfig: Fix to remove tailing spaces after value Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 84/99] kprobes: Fix to check probe enabled before disarm_kprobe_ftrace() Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 85/99] kprobes: tracing/kprobes: Fix to kill kprobes on initmem after boot Greg Kroah-Hartman
2020-09-29 11:02 ` Greg Kroah-Hartman [this message]
2020-09-29 11:02 ` [PATCH 5.8 87/99] btrfs: fix overflow when copying corrupt csums for a message Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 88/99] media: cec-adap.c: dont use flush_scheduled_work() Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 89/99] MIPS: Loongson2ef: Disable Loongson MMI instructions Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 90/99] dmabuf: fix NULL pointer dereference in dma_buf_release() Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 91/99] mm, THP, swap: fix allocating cluster for swapfile by mistake Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 92/99] mm/gup: fix gup_fast with dynamic page table folding Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 93/99] mm: replace memmap_context by meminit_context Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 94/99] mm: dont rely on system state to detect hot-plug operations Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 95/99] s390/zcrypt: Fix ZCRYPT_PERDEV_REQCNT ioctl Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 96/99] io_uring: ensure open/openat2 name is cleaned on cancelation Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 97/99] KVM: arm64: Assume write fault on S1PTW permission fault on instruction fetch Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 98/99] dm: fix bio splitting and its bio completion order for regular IO Greg Kroah-Hartman
2020-09-29 11:02 ` [PATCH 5.8 99/99] clocksource/drivers/timer-ti-dm: Do reset before enable Greg Kroah-Hartman
2020-09-29 13:39 ` [PATCH 5.8 00/99] 5.8.13-rc1 review Jeffrin Jose T
2020-09-29 20:54 ` Guenter Roeck
2020-10-01 19:23 ` Greg Kroah-Hartman
2020-09-30 7:28 ` Naresh Kamboju
2020-10-01 19:24 ` Greg Kroah-Hartman
2020-09-30 14:26 ` Shuah Khan
2020-10-01 19:24 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200929105933.967833986@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=anand.jain@oracle.com \
--cc=dsterba@suse.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).