Patch "f2fs: fix null-ptr-deref in f2fs_submit_page_bio()" has been added to the 6.11-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a note to let you know that I've just added the patch titled

    f2fs: fix null-ptr-deref in f2fs_submit_page_bio()

to the 6.11-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     f2fs-fix-null-ptr-deref-in-f2fs_submit_page_bio.patch
and it can be found in the queue-6.11 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.



commit 97cce6a616c332a969eabcfbee10e24b78a7134d
Author: Ye Bin <yebin10@xxxxxxxxxx>
Date:   Sat Oct 12 00:44:50 2024 +0800

    f2fs: fix null-ptr-deref in f2fs_submit_page_bio()
    
    [ Upstream commit b7d0a97b28083084ebdd8e5c6bccd12e6ec18faa ]
    
    There's issue as follows when concurrently installing the f2fs.ko
    module and mounting the f2fs file system:
    KASAN: null-ptr-deref in range [0x0000000000000020-0x0000000000000027]
    RIP: 0010:__bio_alloc+0x2fb/0x6c0 [f2fs]
    Call Trace:
     <TASK>
     f2fs_submit_page_bio+0x126/0x8b0 [f2fs]
     __get_meta_page+0x1d4/0x920 [f2fs]
     get_checkpoint_version.constprop.0+0x2b/0x3c0 [f2fs]
     validate_checkpoint+0xac/0x290 [f2fs]
     f2fs_get_valid_checkpoint+0x207/0x950 [f2fs]
     f2fs_fill_super+0x1007/0x39b0 [f2fs]
     mount_bdev+0x183/0x250
     legacy_get_tree+0xf4/0x1e0
     vfs_get_tree+0x88/0x340
     do_new_mount+0x283/0x5e0
     path_mount+0x2b2/0x15b0
     __x64_sys_mount+0x1fe/0x270
     do_syscall_64+0x5f/0x170
     entry_SYSCALL_64_after_hwframe+0x76/0x7e
    
    Above issue happens as the biset of the f2fs file system is not
    initialized before register "f2fs_fs_type".
    To address above issue just register "f2fs_fs_type" at the last in
    init_f2fs_fs(). Ensure that all f2fs file system resources are
    initialized.
    
    Fixes: f543805fcd60 ("f2fs: introduce private bioset")
    Signed-off-by: Ye Bin <yebin10@xxxxxxxxxx>
    Reviewed-by: Chao Yu <chao@xxxxxxxxxx>
    Signed-off-by: Jaegeuk Kim <jaegeuk@xxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/fs/f2fs/super.c b/fs/f2fs/super.c
index 0f6e2b3f6a4c5..615ca1f0ef59b 100644
--- a/fs/f2fs/super.c
+++ b/fs/f2fs/super.c
@@ -4972,9 +4972,6 @@ static int __init init_f2fs_fs(void)
 	err = f2fs_init_shrinker();
 	if (err)
 		goto free_sysfs;
-	err = register_filesystem(&f2fs_fs_type);
-	if (err)
-		goto free_shrinker;
 	f2fs_create_root_stats();
 	err = f2fs_init_post_read_processing();
 	if (err)
@@ -4997,7 +4994,12 @@ static int __init init_f2fs_fs(void)
 	err = f2fs_create_casefold_cache();
 	if (err)
 		goto free_compress_cache;
+	err = register_filesystem(&f2fs_fs_type);
+	if (err)
+		goto free_casefold_cache;
 	return 0;
+free_casefold_cache:
+	f2fs_destroy_casefold_cache();
 free_compress_cache:
 	f2fs_destroy_compress_cache();
 free_compress_mempool:
@@ -5012,8 +5014,6 @@ static int __init init_f2fs_fs(void)
 	f2fs_destroy_post_read_processing();
 free_root_stats:
 	f2fs_destroy_root_stats();
-	unregister_filesystem(&f2fs_fs_type);
-free_shrinker:
 	f2fs_exit_shrinker();
 free_sysfs:
 	f2fs_exit_sysfs();
@@ -5037,6 +5037,7 @@ static int __init init_f2fs_fs(void)
 
 static void __exit exit_f2fs_fs(void)
 {
+	unregister_filesystem(&f2fs_fs_type);
 	f2fs_destroy_casefold_cache();
 	f2fs_destroy_compress_cache();
 	f2fs_destroy_compress_mempool();
@@ -5045,7 +5046,6 @@ static void __exit exit_f2fs_fs(void)
 	f2fs_destroy_iostat_processing();
 	f2fs_destroy_post_read_processing();
 	f2fs_destroy_root_stats();
-	unregister_filesystem(&f2fs_fs_type);
 	f2fs_exit_shrinker();
 	f2fs_exit_sysfs();
 	f2fs_destroy_garbage_collection_cache();




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux