In parse_server_interfaces() we hold a spinlock across a parsing look that
calls kmalloc(). Use GFP_ATOMIC for this kmalloc since we can not sleep
while holding a spinlock.
KASAN warning for this bug looks as:
[ 2638.506227] BUG: sleeping function called from invalid context at include/li\
nux/sched/mm.h:256
[ 2638.506360] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 3633, nam\
e: mount.cifs
[ 2638.506446] preempt_count: 1, expected: 0
[ 2638.506486] CPU: 0 PID: 3633 Comm: mount.cifs Tainted: G W OE 5.\
17.0-rc7-00006-g4eb628dd74df #135
[ 2638.506490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.14.0-\
1.fc33 04/01/2014
[ 2638.506493] Call Trace:
[ 2638.506495] <TASK>
[ 2638.506497] dump_stack_lvl+0x34/0x44
[ 2638.506505] __might_resched.cold+0x13f/0x172
[ 2638.506509] ? _raw_spin_lock+0x81/0xe0
[ 2638.506514] ? parse_server_interfaces+0x3fe/0xc17 [cifs]
[ 2638.506610] kmem_cache_alloc_trace+0x261/0x2f0
[ 2638.506616] parse_server_interfaces+0x3fe/0xc17 [cifs]
[ 2638.506685] ? kref_put.isra.0+0x42/0x42 [cifs]
[ 2638.506754] smb3_qfs_tcon.cold+0x28/0x2d [cifs]
[ 2638.506821] ? open_cached_dir+0x1080/0x1080 [cifs]
[ 2638.506884] ? io_schedule_timeout+0x1a0/0x1a0
[ 2638.506888] ? _raw_spin_lock+0x81/0xe0
[ 2638.506892] ? _raw_write_lock_irq+0xd0/0xd0
[ 2638.506896] ? __raw_callee_save___native_queued_spin_unlock+0x11/0x1e
[ 2638.506901] ? _raw_spin_lock+0x81/0xe0
[ 2638.506904] ? cifs_get_tcon+0xea3/0x1bc0 [cifs]
[ 2638.506959] mount_get_conns+0x366/0xf60 [cifs]
[ 2638.507012] cifs_mount+0xcc/0xe90 [cifs]
[ 2638.507068] ? __irq_work_queue_local+0x67/0xa0
[ 2638.507073] ? follow_dfs_link+0x810/0x810 [cifs]
[ 2638.507125] ? _raw_spin_lock+0x81/0xe0
[ 2638.507130] cifs_smb3_do_mount+0x259/0x5f0 [cifs]
[ 2638.507180] ? cifs_sb_deactive+0x60/0x60 [cifs]
[ 2638.507231] ? mutex_lock+0x9f/0xf0
[ 2638.507234] ? __mutex_lock_slowpath+0x10/0x10
[ 2638.507238] ? smb3_fs_context_parse_monolithic+0x10b/0x2e0 [cifs]
[ 2638.507309] ? smb3_init_fs_context+0x1b6/0x8f0 [cifs]
[ 2638.507388] smb3_get_tree+0x77/0xf0 [cifs]
[ 2638.507450] vfs_get_tree+0x84/0x2b0
[ 2638.507455] do_new_mount+0x21e/0x480
[ 2638.507460] ? do_add_mount+0x370/0x370
[ 2638.507464] ? security_capable+0x56/0x90
[ 2638.507469] path_mount+0x2ad/0x1660
Signed-off-by: Ronnie Sahlberg <lsahlber@xxxxxxxxxx>
---
fs/cifs/smb2ops.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
index e04c3045c4d6..0ecd6e1832a1 100644
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -569,7 +569,7 @@ parse_server_interfaces(struct network_interface_info_ioctl_rsp *buf,
/* no match. insert the entry in the list */
info = kmalloc(sizeof(struct cifs_server_iface),
- GFP_KERNEL);
+ GFP_ATOMIC);
if (!info) {
rc = -ENOMEM;
spin_unlock(&ses->iface_lock);
--
2.30.2
