From patchwork Tue Aug 23 15:55:31 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrey Ryabinin X-Patchwork-Id: 9297833 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 5782A607F0 for ; Wed, 24 Aug 2016 13:41:25 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4709D28D09 for ; Wed, 24 Aug 2016 13:41:25 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 35F1428FAF; Wed, 24 Aug 2016 13:41:25 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-6.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_HI,T_DKIM_INVALID autolearn=ham version=3.3.1 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9CB5628D09 for ; Wed, 24 Aug 2016 13:41:24 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754821AbcHXNlX (ORCPT ); Wed, 24 Aug 2016 09:41:23 -0400 Received: from mail-db5eur01on0110.outbound.protection.outlook.com ([104.47.2.110]:65471 "EHLO EUR01-DB5-obe.outbound.protection.outlook.com" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1753012AbcHXNlW (ORCPT ); Wed, 24 Aug 2016 09:41:22 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=virtuozzo.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=ZzMeia4L9syzO8bwnPeYfd7KPTWoxYtvf9Wu1P45q+c=; b=hvh45h0rmc9ggRffIKcxS9jdQg9Vgqe96y6Rz9FI18QxxgXAoZbpc2D+DfLPqrj1vaGCbcj803jDVK88T46qYRKZA3u3O59f93oaYgY3C9cdey+u4pfCX7eblhnoAQaifHVBLrO7SQIUvIGdN7Iw++sll1FGQjOZxEa/OrTagCo= Authentication-Results: spf=none (sender IP is ) smtp.mailfrom=aryabinin@virtuozzo.com; Received: from localhost.sw.ru (195.214.232.10) by HE1PR0802MB2555.eurprd08.prod.outlook.com (10.175.35.148) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384) id 15.1.587.13; Tue, 23 Aug 2016 15:54:19 +0000 From: Andrey Ryabinin To: Jens Axboe , Alexander Viro CC: , Maxim Patlasov , Christoph Hellwig , , "Andrey Ryabinin" Subject: [PATCH] fs/block_dev: fix potential NULL ptr deref in freeze_bdev() Date: Tue, 23 Aug 2016 18:55:31 +0300 Message-ID: <1471967731-3465-1-git-send-email-aryabinin@virtuozzo.com> X-Mailer: git-send-email 2.7.3 MIME-Version: 1.0 X-Originating-IP: [195.214.232.10] X-ClientProxiedBy: AM3PR03CA033.eurprd03.prod.outlook.com (10.141.191.161) To HE1PR0802MB2555.eurprd08.prod.outlook.com (10.175.35.148) X-MS-Office365-Filtering-Correlation-Id: a997ea28-9c4e-4884-209b-08d3cb6dbeb0 X-Microsoft-Exchange-Diagnostics: 1; HE1PR0802MB2555; 2:UdhM7x/t2gYnNojrA2ZWvhArqVkF49dLDRy4MqN3SL/j1m3Qny8wzvffY7JB5HWHCyCbhWZhRZWbrYvZ1g9DC0EmWqL90juCCIth9rSrjszTiuViHxcr8wnkW6FOptLqd8W70ooLhPLytyj+loD/4sl/sq3ubiYNarbK9dS6hp8ULHhgKHSjvWz2E4dzuI0u; 3:7YAaIPuiwyadp0B/YFrrsMMhB2603dbgGF06tlBUEFx9pZy9qk8xqVlCd2aCHCOo2bwaw6otxxpnqp918SPVHV78siodjcS3HxXbqTBE+5F7YAgAKOETw/iRDzNJM6IW X-Microsoft-Antispam: UriScan:;BCL:0;PCL:0;RULEID:;SRVR:HE1PR0802MB2555; X-Microsoft-Exchange-Diagnostics: 1; HE1PR0802MB2555; 25:iDzoe2Lmga7+XjWanEhYJyziqtG5UBYKhRNO8XLfpS4NQ2sQtgqAWTDpHCXz/+UUPKH7e3ciPBZBsMSnETvVCSAF2EVTHNZp5g2OEGMS8jBDIxZ+J+6Tya6iuOswfNC3GuSYAVSxvhfSmzrK58HDaokjwnsagcUoLFUu9tkBOPp0vejGaDbb5w2f1aAD36ZFZv1DK6vgmgl7A7gPrA5brava+s9GJXFmemAU7Wf3zfnSbBOlKGsnK5F57w3lthB3e+RvvcR/k0NYq7fa00XztqQ8D2S03zjjyLHsNU5hDRX4c9VVv08XNrqhbVNVuQw9D5C4S8JZ07fEzX8O+/kwxsfgG7feKnnzvL87VB+GUjlIxoTzAw1AQoI5wHFQzqvvwYJ3pdac3x+fwpPOC0nibhJhBdqTeXDVAwLoIpw2p2dq5Bl2bmuM2/4hibFqDiowOs0uM08rLTXFVp0E7+etIMaFYP4j2bg+pDTHrCGbMZ7f+pf6f4h0kvypXZHTRkaJZE8HAeqX0UXm+6nW+8oBcd32dxyw2mB1zXNClBcE0oPQRw85hkzX+Ajx5ZOJSuUz+9b29+6ft1dgifwD3b4XE7ithOa6RF9uCbGG7rkbREG0biTfVbA5EfqokvlgEE055xbkdQ5+M5AjYvV1mO76GpP2FNP4QbiCSyzKc+Exc5RX6dinkqQbFUHVVZCe+HB7O0dhgrMpWK2IroBFeOxXSEnNQnpUzO6nzLp8Vy6dEEUPJyLjSUzLc7Oug4FBVuS6 X-Microsoft-Exchange-Diagnostics: 1; HE1PR0802MB2555; 31:ULEHoCksEWgVkOkgRglJDgk985sSk5KFVvEs3ZOEsZL4TG7Ey8IGgw7IcTxM7VQGTpySZSLlMoYDJxsYumAhNvH8nNb28nhJCm6sOKYfjlUv6fmt6Vn/BsgxvpuGaJAL0dLiVod9AB6IxNAotNjXKeLSasxQY9bLhNTC7H/tZWCM14H3R2QdPwkqV9mCc+0zLiKcVdT3ef+ZiM8PYC7M2+SZj14DqJdzX1C8qwaEa/s=; 4:OBEhhJQ2JkVhvgXo+XfBDuWGaemCPcrVPAncEuL1idqX4uJ/VqN3z3TGkdsLveYAUqkUwJniJOHO4fVNPkMVUys/umxn8gfSqtD2DFG9Jt24xJt2b+nIgGpJ2byu5iy1H+9wgmlqJCXCVOenKyRxrEZWmQLjEQk2QV/MMWsgcLyc1GVYNS/RAddohzw4HR8DbajaaPICbXFdCrdXl7zRlO+FSLbAaM72w4F6Rd6eBOBxoXCZbiVybIouyJVJs+PAmyK5s1rQ2g68thnb+2cL6i5cibfDAt6aDstc9fiGV4nIYkozYrVYCHLoneJqa9qtviuoi5x0Yc5URZQH5N5GPVmShmuTMMcDdLIHhKTIjFSXyqr0nNzHZA8MoEWi8IegmOtvlQwWung4426OGHVhGlKcsejV+DN/de9hn0BbhFc= X-Microsoft-Antispam-PRVS: X-Exchange-Antispam-Report-Test: UriScan:; X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(6040176)(601004)(2401047)(5005006)(8121501046)(3002001)(10201501046)(6043046)(6042046); SRVR:HE1PR0802MB2555; BCL:0; PCL:0; RULEID:; SRVR:HE1PR0802MB2555; X-Forefront-PRVS: 004395A01C X-Forefront-Antispam-Report: SFV:NSPM; SFS:(10019020)(4630300001)(979002)(6069001)(6009001)(7916002)(189002)(199003)(101416001)(92566002)(5660300001)(33646002)(86362001)(5003940100001)(5001770100001)(50986999)(189998001)(97736004)(77096005)(48376002)(229853001)(305945005)(50226002)(3846002)(7846002)(6116002)(7736002)(81166006)(586003)(8676002)(50466002)(81156014)(106356001)(107886002)(19580395003)(68736007)(36756003)(105586002)(19580405001)(76506005)(2906002)(4326007)(42186005)(69596002)(4001430100002)(47776003)(66066001)(53416004)(969003)(989001)(999001)(1009001)(1019001); DIR:OUT; SFP:1102; SCL:1; SRVR:HE1PR0802MB2555; H:localhost.sw.ru; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en; Received-SPF: None (protection.outlook.com: virtuozzo.com does not designate permitted sender hosts) X-Microsoft-Exchange-Diagnostics: =?us-ascii?Q?1; HE1PR0802MB2555; 23:vOmAxvtTQoRabEN9BzSWsUp7WDfD/A7OmUXLsS/?= =?us-ascii?Q?UgbZ6PZ1HV4eHxplgha1jzbkuorBDBIFTI+8++aiuhvXIaI3QiZhRtzWomnn?= =?us-ascii?Q?3NB1C99xbSl/9tRK0HKOAgus3D3BM8EC8x4PDDirpSxsWZOfeVKd1UyCRgtn?= =?us-ascii?Q?x+5H52Ff0NpwtHCdpF88vCDtFjGMzBUMqhSQzbsMtKKCgLfGjGHS8VB6qXcN?= =?us-ascii?Q?NNzDQ58YEw0seiM4OElsYM/V1XX5xhIABauilZWXsq+raaltRZSROV65W7PD?= =?us-ascii?Q?6GORLdTc3e/dkXKf5rXj9yYrsj1BWUa7Iw2Hgb5es42Xb4Vtn8iwuqcrYP8C?= =?us-ascii?Q?96eorMjbJ0LdI5fcIy69GU53eWuPEIKinCF3H2atINj1DkbI6NWu+WsxrTPY?= =?us-ascii?Q?drutssD9FJkljvrBEsZdHwk9tNe98eHxBpSZpUArHGlIwextJMEJnzb+2VfB?= =?us-ascii?Q?wgOcVnNguOAnqMw4eZwRAianfaapqK6+q/6OyoO89uB0HK8mqC8nW/AMeOEr?= =?us-ascii?Q?NupwgwhDfhTKiwN3qhPI6a9g0bdj3m4rLnETEqaaBLmlaW+vPIkVIP+6g+cw?= =?us-ascii?Q?Rc3A9iBYhTXyOgKvl7XY4l9BFhUmIkmoh9eifuMz5acY7IApQCa2TSyhIzxc?= =?us-ascii?Q?Ldc0mWoi21p0pLgp1tkG/FhJLm4m+hgsVIfk0zlqZqIbuTF6hAxh2F01pk3o?= =?us-ascii?Q?MxckXJkTi91Z1/O1eoa4KNUn3qRLptkezGCEuralts8VWfMPI8nCfPp+sW61?= =?us-ascii?Q?1zvmUk7SqIrVXVsbb0BiiS0JlkuhLHBkH96MrQ93dYdWgG2SSsBjIAXDCDK4?= =?us-ascii?Q?t6yG5bZm/t6dpx3gs9TsJkx+h593YuBHU2aAQdCBAGKwu2FfJb2h/aUkcPmn?= =?us-ascii?Q?Fo4EM2pxQOePbktEfV0x/Yn2VlHyOAOcC9EFpQH03VqWG42k/3CyJHfYeFTN?= =?us-ascii?Q?FOiieVmWTUynW6VrohYM00MzNzSahr4+i5Eba5QKlLl4jJihSbsSg4W4iTAV?= =?us-ascii?Q?5ZCdRMPfeUHFY4gYiSoi+OY9ch9k6vcBs+eVVS/GFs+jCUSqpH5bzrdvhlRL?= =?us-ascii?Q?camwiaAYB87TBmMsAbllDXXvruvM20bGyW4QgMomvKlN2L2cWgDgAMo0OlcF?= =?us-ascii?Q?M6DOmEP5isy/LZQPA1jY3F1yrOuGbU6b7Lb2bi9KAXHTUlBgmU6r4FyKuonx?= =?us-ascii?Q?QYDcDsqmeduEI/OtM1yrsUzlomYvNu8ZAxCV1K+jyUBIePv6HiRVwq1eAIFA?= =?us-ascii?Q?pPWskUc4q5HawgiPOWtYqiyAYyDhauqcI5L2HSVoQ?= X-Microsoft-Exchange-Diagnostics: 1; HE1PR0802MB2555; 6:0IYS39ZkZB3jO+92AC3y+Bcat8T3thZ/FeREs8oOVAestcuZLzluL2kqZVwgQF86xoMspMnsP/SlfVbSNhX6HjStp2HlK++xv1guGbsq7Cmw5ntAtwujqKzL/8y6JeAI3D8TxbAOF85gafa8ZhIO7XM0oHLlJ+bu1kRAxxhXJYqZQbboglCYLK+wf+6i97a2BQyPqIjDdo8p9/MyAj3J4E+reslXe9FA1SmkYHOFuYfe8CKWYNxmRQKGbJ6mfdfBCcnzksG2kv27GgUZWOJztrtSPxs+AR/fh1vbb7zXuJKk+2E933nzMjo/6dytrGPC; 5:QTd4F7K9+jdRG4JsKidZ8jwaHVBN0Nd3NMvwREaReUZj0Mzc0ljJMX9id44MWx/GgUV6xvsnGPVjuzoC2q5GC4AuwgE8DJRh0DUq1brZ0X2zLT5RVGB4SR7YHNPYK0E0X8PMkJ52mrImBh/6az+niQ==; 24:yj4lr0NXg9NxqpMitVUFowo3PR9LDtfdal2p0Z/HoVjL8Q9jFitZjz8NJcCpg+EHdaazpAW2CTZeThZEKfW7hO53uwIToaiH/S4Gbs6v3vU=; 7:srsHrDznqNYhVrxZqpphnUKVPrsSOYH6QC7iuof6j7HJzt1+LHho68ywcamf3cSmqw4slstoJejxRPOP/YOS1CIaC+s6LstXKVjGgPt92Unyf22jPqDQDCvHChG19G6CIdj+hHcgX+E7FpctP1Ja1pPiowBu8/GMb33BuGD3A5Kly6Ln/CBjzF4adgBWo89yp6h0ATWOI6lbK35jSbxIHuZHnOpiAukQI9DObKTzBqayfAVOXZE9fIKoLgb5O3KO SpamDiagnosticOutput: 1:99 SpamDiagnosticMetadata: NSPM X-Microsoft-Exchange-Diagnostics: 1; HE1PR0802MB2555; 20:Oc7oPDiPcLGV4rq3/xV3dK3TQr7xmSRg+02c4e5obIDxSehKLdSCtr6xCGxjgv3KTh3SSboJWt8YDxema2gv4n/rwZCkM+QkNAfXAMDdpb0FxiMhbrZsdmduh+DsLBxzsbwgrTL6xjYZYQalOH+p3359TKrq8eQxUgf8SLo+uWQ= X-OriginatorOrg: virtuozzo.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Aug 2016 15:54:19.1942 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-Transport-CrossTenantHeadersStamped: HE1PR0802MB2555 Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP Calling freeze_bdev() twice on the same block device without mounted filesystem get_super() will return NULL, which will lead to NULL-ptr dereference later in drop_super(). Check get_super() result to fix that. Note, that this is a purely theoretical issue. We have only 3 freeze_bdev() callers. 2 of them are in filesystem code and used on a device with mounted fs. The third one in lock_fs() has protection in upper-layer code against freezing block device the second time without thawing it first. Signed-off-by: Andrey Ryabinin Reviewed-by: Christoph Hellwig --- fs/block_dev.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fs/block_dev.c b/fs/block_dev.c index c3cdde8..c18b083 100644 --- a/fs/block_dev.c +++ b/fs/block_dev.c @@ -249,7 +249,8 @@ struct super_block *freeze_bdev(struct block_device *bdev) * thaw_bdev drops it. */ sb = get_super(bdev); - drop_super(sb); + if (sb) + drop_super(sb); mutex_unlock(&bdev->bd_fsfreeze_mutex); return sb; }