On 12/15/2023 11:01 PM, Matthew Wilcox wrote:
On Fri, Dec 15, 2023 at 02:51:43PM +0000, Matthew Wilcox wrote:
I'm not saying no to this fix, but dump_mapping() is supposed to be
resilient against this. Is the issue that 'dentry' is NULL, or is it
some field within dentry that is NULL? eg, would this fix your
case?
Uh, dentry is an on-stack dentry. So obviously it's a pointer within it
that's NULL. Maybe this, having stared at the implementation of %pd?
Yes, I think below check can avoid crash of dentry_name() used by '%pd'.
Maybe we should also initialize on-stack dentry by
struct dentry dentry = { };
I can send a patch with your suggestion. Thanks.
+++ b/fs/inode.c
@@ -588,7 +588,8 @@ void dump_mapping(const struct address_space *mapping)
}
dentry_ptr = container_of(dentry_first, struct dentry, d_u.d_alias);
- if (get_kernel_nofault(dentry, dentry_ptr)) {
+ if (get_kernel_nofault(dentry, dentry_ptr) ||
+ !dentry->d_parent || !dentry->d_name) {
pr_warn("aops:%ps ino:%lx invalid dentry:%px\n",
a_ops, ino, dentry_ptr);
return;
