From: Mike Snitzer <snitzer@redhat.com>
To: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Alasdair Kergon <agk@redhat.com>,
dm-devel@redhat.com, kernel-janitors@vger.kernel.org
Subject: Re: dm mpath: potential NULL dereference with parse_path()
Date: Sat, 6 Jan 2018 11:20:45 -0500 [thread overview]
Message-ID: <20180106162045.GA27922@redhat.com> (raw)
In-Reply-To: <20180106092643.pq67kkzj2jsjlvzy@mwanda>
On Sat, Jan 06 2018 at 4:26P -0500,
Dan Carpenter <dan.carpenter@oracle.com> wrote:
> We forgot to set the error code on this path so it means we accidentally
> return NULL. The caller is expecting error pointers and will crash
> with a NULL dereference.
>
> Fixes: faf782b1c93d ("dm mpath: optimize NVMe bio-based support")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> diff --git a/drivers/md/dm-mpath.c b/drivers/md/dm-mpath.c
> index d1f32103ae86..0436a5466281 100644
> --- a/drivers/md/dm-mpath.c
> +++ b/drivers/md/dm-mpath.c
> @@ -883,6 +883,7 @@ static struct pgpath *parse_path(struct dm_arg_set *as, struct path_selector *ps
> INIT_DELAYED_WORK(&p->activate_path, activate_path_work);
> if (setup_scsi_dh(p->path.dev->bdev, m, &ti->error)) {
> dm_put_device(ti, p->path.dev);
> + r = -EINVAL;
> goto bad;
> }
> }
Thanks for the report, but I prefer the following fix, which I'll fold
into the original commit:
diff --git a/drivers/md/dm-mpath.c b/drivers/md/dm-mpath.c
index 99420b0ac2db..be581765edd1 100644
--- a/drivers/md/dm-mpath.c
+++ b/drivers/md/dm-mpath.c
@@ -882,7 +882,8 @@ static struct pgpath *parse_path(struct dm_arg_set *as, struct path_selector *ps
if (m->queue_mode != DM_TYPE_NVME_BIO_BASED) {
INIT_DELAYED_WORK(&p->activate_path, activate_path_work);
- if (setup_scsi_dh(p->path.dev->bdev, m, &ti->error)) {
+ r = setup_scsi_dh(p->path.dev->bdev, m, &ti->error);
+ if (r) {
dm_put_device(ti, p->path.dev);
goto bad;
}
WARNING: multiple messages have this Message-ID (diff)
From: Mike Snitzer <snitzer@redhat.com>
To: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Alasdair Kergon <agk@redhat.com>,
dm-devel@redhat.com, kernel-janitors@vger.kernel.org
Subject: Re: dm mpath: potential NULL dereference with parse_path()
Date: Sat, 06 Jan 2018 16:20:45 +0000 [thread overview]
Message-ID: <20180106162045.GA27922@redhat.com> (raw)
In-Reply-To: <20180106092643.pq67kkzj2jsjlvzy@mwanda>
On Sat, Jan 06 2018 at 4:26P -0500,
Dan Carpenter <dan.carpenter@oracle.com> wrote:
> We forgot to set the error code on this path so it means we accidentally
> return NULL. The caller is expecting error pointers and will crash
> with a NULL dereference.
>
> Fixes: faf782b1c93d ("dm mpath: optimize NVMe bio-based support")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> diff --git a/drivers/md/dm-mpath.c b/drivers/md/dm-mpath.c
> index d1f32103ae86..0436a5466281 100644
> --- a/drivers/md/dm-mpath.c
> +++ b/drivers/md/dm-mpath.c
> @@ -883,6 +883,7 @@ static struct pgpath *parse_path(struct dm_arg_set *as, struct path_selector *ps
> INIT_DELAYED_WORK(&p->activate_path, activate_path_work);
> if (setup_scsi_dh(p->path.dev->bdev, m, &ti->error)) {
> dm_put_device(ti, p->path.dev);
> + r = -EINVAL;
> goto bad;
> }
> }
Thanks for the report, but I prefer the following fix, which I'll fold
into the original commit:
diff --git a/drivers/md/dm-mpath.c b/drivers/md/dm-mpath.c
index 99420b0ac2db..be581765edd1 100644
--- a/drivers/md/dm-mpath.c
+++ b/drivers/md/dm-mpath.c
@@ -882,7 +882,8 @@ static struct pgpath *parse_path(struct dm_arg_set *as, struct path_selector *ps
if (m->queue_mode != DM_TYPE_NVME_BIO_BASED) {
INIT_DELAYED_WORK(&p->activate_path, activate_path_work);
- if (setup_scsi_dh(p->path.dev->bdev, m, &ti->error)) {
+ r = setup_scsi_dh(p->path.dev->bdev, m, &ti->error);
+ if (r) {
dm_put_device(ti, p->path.dev);
goto bad;
}
next prev parent reply other threads:[~2018-01-06 16:20 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-01-06 9:26 [PATCH] dm mpath: potential NULL dereference with parse_path() Dan Carpenter
2018-01-06 9:26 ` Dan Carpenter
2018-01-06 16:20 ` Mike Snitzer [this message]
2018-01-06 16:20 ` Mike Snitzer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180106162045.GA27922@redhat.com \
--to=snitzer@redhat.com \
--cc=agk@redhat.com \
--cc=dan.carpenter@oracle.com \
--cc=dm-devel@redhat.com \
--cc=kernel-janitors@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.