From: Hou Tao <houtao1@huawei.com>
To: <linux-mtd@lists.infradead.org>, <dwmw2@infradead.org>
Cc: <richard.weinberger@gmail.com>, <boris.brezillon@bootlin.com>,
<linux-kernel@vger.kernel.org>, <stable@vger.kernel.org>
Subject: Re: [PATCH] jffs2: ensure wbuf_verify is valid before using it.
Date: Sun, 9 Dec 2018 14:35:08 +0800 [thread overview]
Message-ID: <df5b520c-bc32-e550-4c58-2c79d5e09893@huawei.com> (raw)
In-Reply-To: <20181020120849.65708-1-houtao1@huawei.com>
ping ?
On 2018/10/20 20:08, Hou Tao wrote:
> Now MTD emulated by UBI volumn doesn't allocate wbuf_verify in
> jffs2_ubivol_setup(), because UBI can do the verifcation itself,
> so when CONFIG_JFFS2_FS_WBUF_VERIFY is enabled and a MTD device
> emulated by UBI volumn is used, a Oops will occur as show in the
> following trace:
>
> general protection fault: 0000 [#1] SMP KASAN PTI
> CPU: 6 PID: 404 Comm: kworker/6:1 Not tainted 4.19.0-rc8
> Workqueue: events_long delayed_wbuf_sync
> RIP: 0010:ubi_io_read+0x156/0x650
> Call Trace:
> ubi_eba_read_leb+0x57d/0xba0
> ubi_leb_read+0xe5/0x1b0
> gluebi_read+0x10c/0x1a0
> mtd_read+0x112/0x340
> jffs2_verify_write+0xef/0x440
> __jffs2_flush_wbuf+0x3fa/0x3540
> jffs2_flush_wbuf_gc+0x1b1/0x2e0
> process_one_work+0x58b/0x11e0
> worker_thread+0x8f/0xfe0
> kthread+0x2ae/0x3a0
> ret_from_fork+0x35/0x40
>
> Fix the problem by checking the validity of wbuf_verify before
> using it in jffs2_verify_write().
>
> Cc: stable@vger.kernel.org
> Fixes: 0029da3bf430 ("JFFS2: add UBI support")
> Signed-off-by: Hou Tao <houtao1@huawei.com>
> ---
> fs/jffs2/wbuf.c | 7 +++++++
> 1 file changed, 7 insertions(+)
>
> diff --git a/fs/jffs2/wbuf.c b/fs/jffs2/wbuf.c
> index c6821a509481..3de45f4559d1 100644
> --- a/fs/jffs2/wbuf.c
> +++ b/fs/jffs2/wbuf.c
> @@ -234,6 +234,13 @@ static int jffs2_verify_write(struct jffs2_sb_info *c, unsigned char *buf,
> size_t retlen;
> char *eccstr;
>
> + /*
> + * MTD emulated by UBI volume doesn't allocate wbuf_verify,
> + * because it can do the verification itself.
> + */
> + if (!c->wbuf_verify)
> + return 0;
> +
> ret = mtd_read(c->mtd, ofs, c->wbuf_pagesize, &retlen, c->wbuf_verify);
> if (ret && ret != -EUCLEAN && ret != -EBADMSG) {
> pr_warn("%s(): Read back of page at %08x failed: %d\n",
>
next prev parent reply other threads:[~2018-12-09 6:35 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-20 12:08 [PATCH] jffs2: ensure wbuf_verify is valid before using it Hou Tao
2018-12-09 6:35 ` Hou Tao [this message]
2018-12-15 13:24 ` Hou Tao
2018-12-16 23:56 ` Richard Weinberger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=df5b520c-bc32-e550-4c58-2c79d5e09893@huawei.com \
--to=houtao1@huawei.com \
--cc=boris.brezillon@bootlin.com \
--cc=dwmw2@infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mtd@lists.infradead.org \
--cc=richard.weinberger@gmail.com \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).