jffs2: Fix use of uninitialized erase_completion_lock

Message ID: 20190212002501.96725-1-brandon.maier@rockwellcollins.com
State: Awaiting Upstream
Delegated to: Richard Weinberger

Commit Message

Brandon Maier Feb. 12, 2019, 12:25 a.m. UTC
From: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>

If jffs2_fill_super() detects a bad option, it will error out. But it
leaves a pointer to the uninitialized jffs2_sb_info in the super block.
It gets passed to jffs2_kill_sb() which attempts to use the spinlock,
generating the following warning:

[root@hostname tmp]# mount -t jffs2 -o 'bogus' /dev/mtdblock12 /mnt
[  354.060743] jffs2: Error: unrecognized mount option 'bogus' or missing value
[  354.067932] INFO: trying to register non-static key.
[  354.072847] the code is fine but needs lockdep annotation.
[  354.078315] turning off the locking correctness validator.
[  354.083804] CPU: 0 PID: 313 Comm: mount Not tainted 4.14.87 #1
[  354.089599] Hardware name: Xilinx Zynq Platform
[  354.094167] [<c0125e80>] (unwind_backtrace) from [<c0122080>] (show_stack+0x20/0x24)
[  354.101867] [<c0122080>] (show_stack) from [<c078f368>] (dump_stack+0xbc/0xe8)
[  354.109076] [<c078f368>] (dump_stack) from [<c0187b68>] (register_lock_class+0x27c/0x624)
[  354.117227] [<c0187b68>] (register_lock_class) from [<c018b334>] (__lock_acquire+0xa4/0x1c60)
[  354.125726] [<c018b334>] (__lock_acquire) from [<c018d92c>] (lock_acquire+0xd0/0x2b0)
[  354.133550] [<c018d92c>] (lock_acquire) from [<c07af704>] (_raw_spin_lock+0x54/0x64)
[  354.141271] [<c07af704>] (_raw_spin_lock) from [<c03d5ee8>] (jffs2_stop_garbage_collect_thread+0x24/0x5c)
[  354.150814] [<c03d5ee8>] (jffs2_stop_garbage_collect_thread) from [<c03d7278>] (jffs2_kill_sb+0x38/0x4c)
[  354.160276] [<c03d7278>] (jffs2_kill_sb) from [<c0287248>] (deactivate_locked_super+0x6c/0x90)
[  354.168878] [<c0287248>] (deactivate_locked_super) from [<c050ffcc>] (mount_mtd_aux+0x11c/0x124)
[  354.177623] [<c050ffcc>] (mount_mtd_aux) from [<c0510034>] (mount_mtd_nr+0x60/0x90)
[  354.185262] [<c0510034>] (mount_mtd_nr) from [<c05101d0>] (mount_mtd+0x16c/0x238)
[  354.192737] [<c05101d0>] (mount_mtd) from [<c03d72b4>] (jffs2_mount+0x28/0x30)
[  354.199946] [<c03d72b4>] (jffs2_mount) from [<c0288bd8>] (mount_fs+0x24/0xb8)
[  354.207073] [<c0288bd8>] (mount_fs) from [<c02aba34>] (vfs_kern_mount+0x64/0x138)
[  354.214528] [<c02aba34>] (vfs_kern_mount) from [<c02afb78>] (do_mount+0x198/0xce0)
[  354.222064] [<c02afb78>] (do_mount) from [<c02b0a5c>] (SyS_mount+0x84/0xac)
[  354.229028] [<c02b0a5c>] (SyS_mount) from [<c011cfc0>] (ret_fast_syscall+0x0/0x28)
mount: mounting /dev/mtdblock12 on /mnt failed: Invalid argument

Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
---
 fs/jffs2/super.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

Comments

Brandon Maier April 11, 2019, 4:08 p.m. UTC | #1
Ping

Should I CC JFFS2 patches somewhere else? I don't see any traction on
JFFS patches in linux-mtd nor any emails from the maintainer Woodhouse
since November.

On Mon, Feb 11, 2019 at 6:25 PM Brandon Maier
<brandon.maier@rockwellcollins.com> wrote:
>
> From: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
>
> If jffs2_fill_super() detects a bad option, it will error out. But it
> leaves a pointer to the uninitialized jffs2_sb_info in the super block.
> It gets passed to jffs2_kill_sb() which attempts to use the spinlock,
> generating the following warning:
>
> [root@hostname tmp]# mount -t jffs2 -o 'bogus' /dev/mtdblock12 /mnt
> [  354.060743] jffs2: Error: unrecognized mount option 'bogus' or missing value
> [  354.067932] INFO: trying to register non-static key.
> [  354.072847] the code is fine but needs lockdep annotation.
> [  354.078315] turning off the locking correctness validator.
> [  354.083804] CPU: 0 PID: 313 Comm: mount Not tainted 4.14.87 #1
> [  354.089599] Hardware name: Xilinx Zynq Platform
> [  354.094167] [<c0125e80>] (unwind_backtrace) from [<c0122080>] (show_stack+0x20/0x24)
> [  354.101867] [<c0122080>] (show_stack) from [<c078f368>] (dump_stack+0xbc/0xe8)
> [  354.109076] [<c078f368>] (dump_stack) from [<c0187b68>] (register_lock_class+0x27c/0x624)
> [  354.117227] [<c0187b68>] (register_lock_class) from [<c018b334>] (__lock_acquire+0xa4/0x1c60)
> [  354.125726] [<c018b334>] (__lock_acquire) from [<c018d92c>] (lock_acquire+0xd0/0x2b0)
> [  354.133550] [<c018d92c>] (lock_acquire) from [<c07af704>] (_raw_spin_lock+0x54/0x64)
> [  354.141271] [<c07af704>] (_raw_spin_lock) from [<c03d5ee8>] (jffs2_stop_garbage_collect_thread+0x24/0x5c)
> [  354.150814] [<c03d5ee8>] (jffs2_stop_garbage_collect_thread) from [<c03d7278>] (jffs2_kill_sb+0x38/0x4c)
> [  354.160276] [<c03d7278>] (jffs2_kill_sb) from [<c0287248>] (deactivate_locked_super+0x6c/0x90)
> [  354.168878] [<c0287248>] (deactivate_locked_super) from [<c050ffcc>] (mount_mtd_aux+0x11c/0x124)
> [  354.177623] [<c050ffcc>] (mount_mtd_aux) from [<c0510034>] (mount_mtd_nr+0x60/0x90)
> [  354.185262] [<c0510034>] (mount_mtd_nr) from [<c05101d0>] (mount_mtd+0x16c/0x238)
> [  354.192737] [<c05101d0>] (mount_mtd) from [<c03d72b4>] (jffs2_mount+0x28/0x30)
> [  354.199946] [<c03d72b4>] (jffs2_mount) from [<c0288bd8>] (mount_fs+0x24/0xb8)
> [  354.207073] [<c0288bd8>] (mount_fs) from [<c02aba34>] (vfs_kern_mount+0x64/0x138)
> [  354.214528] [<c02aba34>] (vfs_kern_mount) from [<c02afb78>] (do_mount+0x198/0xce0)
> [  354.222064] [<c02afb78>] (do_mount) from [<c02b0a5c>] (SyS_mount+0x84/0xac)
> [  354.229028] [<c02b0a5c>] (SyS_mount) from [<c011cfc0>] (ret_fast_syscall+0x0/0x28)
> mount: mounting /dev/mtdblock12 on /mnt failed: Invalid argument
>
> Signed-off-by: Clayton Shotwell <clayton.shotwell@rockwellcollins.com>
> Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
> ---
>  fs/jffs2/super.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
> index bb6ae387469f..34f9a1c21620 100644
> --- a/fs/jffs2/super.c
> +++ b/fs/jffs2/super.c
> @@ -286,8 +286,11 @@ static int jffs2_fill_super(struct super_block *sb, void *data, int silent)
>         sb->s_fs_info = c;
>
>         ret = jffs2_parse_options(c, data);
> -       if (ret)
> +       if (ret) {
> +               sb->s_fs_info = NULL;
> +               kfree(c);
>                 return -EINVAL;
> +       }
>
>         /* Initialize JFFS2 superblock locks, the further initialization will
>          * be done later */
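
Review bot: In the new braced error path, "return -EINVAL;" still throws away the ret that jffs2_parse_options() returned, so any failure other than a bad option is reported to mount as "Invalid argument". Since these lines are being rewritten anyway, consider "return ret;" here, or say in the commit message why the error is deliberately flattened to -EINVAL.
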
> --
> 2.20.1
>
Richard Weinberger April 12, 2019, 7:34 a.m. UTC | #2
On Thu, Apr 11, 2019 at 6:09 PM Brandon Maier
<brandon.maier@rockwellcollins.com> wrote:
>
> Ping
>
> Should I CC JFFS2 patches somewhere else? I don't see any traction on
> JFFS patches in linux-mtd nor any emails from the maintainer Woodhouse
> since November.

I'll take this patch.
Thanks for fixing.

Patch

diff --git a/fs/jffs2/super.c b/fs/jffs2/super.c
index bb6ae387469f..34f9a1c21620 100644
--- a/fs/jffs2/super.c
+++ b/fs/jffs2/super.c
@@ -286,8 +286,11 @@  static int jffs2_fill_super(struct super_block *sb, void *data, int silent)
 	sb->s_fs_info = c;
 
 	ret = jffs2_parse_options(c, data);
-	if (ret)
+	if (ret) {
+		sb->s_fs_info = NULL;
+		kfree(c);
 		return -EINVAL;
+	}
 
 	/* Initialize JFFS2 superblock locks, the further initialization will
 	 * be done later */
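
Review bot: Clearing sb->s_fs_info in the error branch means the jffs2_kill_sb() call shown in the commit message's backtrace (reached from deactivate_locked_super()) now receives a NULL jffs2_sb_info instead of an uninitialized one. Please confirm, and state in the commit message, that jffs2_kill_sb() checks for NULL before it calls jffs2_stop_garbage_collect_thread(); otherwise the spin_lock on an uninitialized lock becomes a NULL dereference on the same path. If jffs2_kill_sb() already frees s_fs_info, an alternative worth considering is to move the lock initialization announced by the trailing comment ("Initialize JFFS2 superblock locks") above the jffs2_parse_options() call, so that teardown keeps a single owner for c.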