Patch "jfs: fix log->bdev_handle null ptr deref in lbmStartIO" has been added to the 6.6-stable tree


 



This is a note to let you know that I've just added the patch titled

    jfs: fix log->bdev_handle null ptr deref in lbmStartIO

to the 6.6-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     jfs-fix-log-bdev_handle-null-ptr-deref-in-lbmstartio.patch
and it can be found in the queue-6.6 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit bc40c4b28e426ed299f2e8f3cc12ef9c1eba829c
Author: Lizhi Xu <lizhi.xu@xxxxxxxxxxxxx>
Date:   Mon Oct 9 17:45:57 2023 +0800

    jfs: fix log->bdev_handle null ptr deref in lbmStartIO
    
    [ Upstream commit 6306ff39a7fcb7e9c59a00e6860b933b71a2ed3e ]
    
    When sbi->flag is JFS_NOINTEGRITY in lmLogOpen(), log->bdev_handle can't
    be inited, so its value will be NULL.
    Therefore, add the "log ->no_integrity=1" judgment in lbmStartIO() to avoid such
    problems.
    
    Reported-and-tested-by: syzbot+23bc20037854bb335d59@xxxxxxxxxxxxxxxxxxxxxxxxx
    Signed-off-by: Lizhi Xu <lizhi.xu@xxxxxxxxxxxxx>
    Link: https://lore.kernel.org/r/20231009094557.1398920-1-lizhi.xu@xxxxxxxxxxxxx
    Reviewed-by: Jan Kara <jack@xxxxxxx>
    Signed-off-by: Christian Brauner <brauner@xxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/fs/jfs/jfs_logmgr.c b/fs/jfs/jfs_logmgr.c
index c911d838b8ec8..cb6d1fda66a70 100644
--- a/fs/jfs/jfs_logmgr.c
+++ b/fs/jfs/jfs_logmgr.c
@@ -2110,10 +2110,14 @@ static void lbmStartIO(struct lbuf * bp)
 {
 	struct bio *bio;
 	struct jfs_log *log = bp->l_log;
+	struct block_device *bdev = NULL;
 
 	jfs_info("lbmStartIO");
 
-	bio = bio_alloc(log->bdev_handle->bdev, 1, REQ_OP_WRITE | REQ_SYNC,
+	if (!log->no_integrity)
+		bdev = log->bdev_handle->bdev;
+
+	bio = bio_alloc(bdev, 1, REQ_OP_WRITE | REQ_SYNC,
 			GFP_NOFS);
 	bio->bi_iter.bi_sector = bp->l_blkno << (log->l2bsize - 9);
 	__bio_add_page(bio, bp->l_page, LOGPSIZE, bp->l_offset);
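
Review bot: the new "if (!log->no_integrity)" guard in lbmStartIO() uses no_integrity as a proxy for log->bdev_handle being NULL, and it leaves bdev NULL for the bio_alloc() call without a comment saying why that is acceptable. The commit message ties the two together through lmLogOpen(), but nothing in this hunk enforces that link. Testing the pointer that is actually dereferenced, e.g. "if (log->bdev_handle) bdev = log->bdev_handle->bdev;", or adding a one-line comment that the no-integrity path deliberately builds a bio with no block device, would make the invariant explicit. It is also worth confirming that the code after __bio_add_page(), which this hunk does not show, never submits a bio whose bdev is NULL.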



