Skip to content

Commit

Permalink
pstore: Fix warning in pstore_kill_sb()
Browse files Browse the repository at this point in the history 
syzbot is hitting WARN_ON(pstore_sb != sb) at pstore_kill_sb() [1], for the
assumption that pstore_sb != NULL is wrong because pstore_fill_super() will
not assign pstore_sb = sb when new_inode() for d_make_root() returned NULL
(due to memory allocation fault injection).

Since mount_single() calls pstore_kill_sb() when pstore_fill_super()
failed, pstore_kill_sb() needs to be aware of such failure path.

[1] https://syzkaller.appspot.com/bug?id=6abacb8da5137cb47a416f2bef95719ed60508a0

Reported-by: syzbot <[email protected]>
Signed-off-by: Tetsuo Handa <[email protected]>
Signed-off-by: Kees Cook <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
  • Loading branch information
@kees
Tetsuo Handa authored and kees committed Feb 23, 2021
1 parent 19d8e91 commit 9c7d83a
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion fs/pstore/inode.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -467,7 +467,7 @@ static struct dentry *pstore_mount(struct file_system_type *fs_type,
static void pstore_kill_sb(struct super_block *sb)
{
mutex_lock(&pstore_sb_lock);
WARN_ON(pstore_sb != sb);
WARN_ON(pstore_sb && pstore_sb != sb);

kill_litter_super(sb);
pstore_sb = NULL;
Expand Down

0 comments on commit 9c7d83a

Please sign in to comment.