[Ocfs2-devel] [PATCH v1] ocfs2: Fix freeing uninitialized resource on ocfs2_dlm_shutdown

[Ocfs2-devel] [PATCH v1] ocfs2: Fix freeing uninitialized resource on ocfs2_dlm_shutdown

[Heming Zhao via Ocfs2-devel]

On local mount mode, no dlm resource is initialized. If
ocfs2_mount_volume() fails in ocfs2_find_slot(), error handling
will call ocfs2_dlm_shutdown(), then does dlm resource cleanup
job, which will trigger kernel crash.

Fixes: 0737e01de9c4 ("ocfs2: ocfs2_mount_volume does cleanup job before return error")
Signed-off-by: Heming Zhao <heming.zhao@suse.com>
---
draft -> v1:
 - separate to a single patch
 - by review comment:
   - do free lockres in shutdown path
   - put 'Fixes' string in one line
 - revise misspelled & grammar mistake in commit log
---
 fs/ocfs2/dlmglue.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/fs/ocfs2/dlmglue.c b/fs/ocfs2/dlmglue.c
index 801e60bab955..c28bc983a7b1 100644
--- a/fs/ocfs2/dlmglue.c
+++ b/fs/ocfs2/dlmglue.c
@@ -3403,10 +3403,12 @@ void ocfs2_dlm_shutdown(struct ocfs2_super *osb,
 	ocfs2_lock_res_free(&osb->osb_nfs_sync_lockres);
 	ocfs2_lock_res_free(&osb->osb_orphan_scan.os_lockres);
 
-	ocfs2_cluster_disconnect(osb->cconn, hangup_pending);
-	osb->cconn = NULL;
+	if (osb->cconn) {
+		ocfs2_cluster_disconnect(osb->cconn, hangup_pending);
+		osb->cconn = NULL;
 
-	ocfs2_dlm_shutdown_debug(osb);
+		ocfs2_dlm_shutdown_debug(osb);
+	}
 }
 
 static int ocfs2_drop_lock(struct ocfs2_super *osb,
-- 
2.37.1


_______________________________________________
Ocfs2-devel mailing list
Ocfs2-devel@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/ocfs2-devel

Re: [Ocfs2-devel] [PATCH v1] ocfs2: Fix freeing uninitialized resource on ocfs2_dlm_shutdown

[Joseph Qi via Ocfs2-devel]

On 8/11/22 5:46 PM, Heming Zhao wrote:
> On local mount mode, no dlm resource is initialized. If
> ocfs2_mount_volume() fails in ocfs2_find_slot(), error handling

In fact, any procedure after ocfs2_dlm_init() fails will trigger this
issue. So we'd better describe it clearly, or just take the above case
as a example.

> will call ocfs2_dlm_shutdown(), then does dlm resource cleanup
> job, which will trigger kernel crash.
> 
> Fixes: 0737e01de9c4 ("ocfs2: ocfs2_mount_volume does cleanup job before return error")
> Signed-off-by: Heming Zhao <heming.zhao@suse.com>
> ---
> draft -> v1:
>  - separate to a single patch
>  - by review comment:
>    - do free lockres in shutdown path
>    - put 'Fixes' string in one line
>  - revise misspelled & grammar mistake in commit log
> ---
>  fs/ocfs2/dlmglue.c | 8 +++++---
>  1 file changed, 5 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/ocfs2/dlmglue.c b/fs/ocfs2/dlmglue.c
> index 801e60bab955..c28bc983a7b1 100644
> --- a/fs/ocfs2/dlmglue.c
> +++ b/fs/ocfs2/dlmglue.c
> @@ -3403,10 +3403,12 @@ void ocfs2_dlm_shutdown(struct ocfs2_super *osb,
>  	ocfs2_lock_res_free(&osb->osb_nfs_sync_lockres);
>  	ocfs2_lock_res_free(&osb->osb_orphan_scan.os_lockres);
>  
> -	ocfs2_cluster_disconnect(osb->cconn, hangup_pending);
> -	osb->cconn = NULL;
> +	if (osb->cconn) {
> +		ocfs2_cluster_disconnect(osb->cconn, hangup_pending);
> +		osb->cconn = NULL;
>  
> -	ocfs2_dlm_shutdown_debug(osb);
> +		ocfs2_dlm_shutdown_debug(osb);
> +	}
>  }
>  
>  static int ocfs2_drop_lock(struct ocfs2_super *osb,

The checking osb->cconn in ocfs2_dismount_volume() has to be removed.

Thanks,
Joseph

_______________________________________________
Ocfs2-devel mailing list
Ocfs2-devel@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/ocfs2-devel