From mboxrd@z Thu Jan  1 00:00:00 1970
From: Chengyu Song <csong84@gatech.edu>
Date: Mon, 23 Mar 2015 21:43:38 -0400
Subject: [Cluster-devel] [PATCH 1/1] dlm: incorrect check for debugfs returns
Message-ID: <1427161418-19200-1-git-send-email-csong84@gatech.edu>
List-Id: <cluster-devel.redhat.com>
To: cluster-devel.redhat.com
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

debugfs_create_dir and debugfs_create_file may return -ENODEV when debugfs
is not configured, so the return value should be checked against ERROR_VALUE
as well, otherwise the later dereference of the dentry pointer would crash
the kernel.

Signed-off-by: Chengyu Song <csong84@gatech.edu>
---
 fs/dlm/debug_fs.c | 70 +++++++++++++++++++++++++++++++------------------------
 1 file changed, 39 insertions(+), 31 deletions(-)

diff --git a/fs/dlm/debug_fs.c b/fs/dlm/debug_fs.c
index eea6491..65666c8 100644
--- a/fs/dlm/debug_fs.c
+++ b/fs/dlm/debug_fs.c
@@ -709,78 +709,86 @@ void dlm_delete_debug_file(struct dlm_ls *ls)
 int dlm_create_debug_file(struct dlm_ls *ls)
 {
 	char name[DLM_LOCKSPACE_LEN+8];
+	struct dentry *dent;
 
 	/* format 1 */
 
-	ls->ls_debug_rsb_dentry = debugfs_create_file(ls->ls_name,
-						      S_IFREG | S_IRUGO,
-						      dlm_root,
-						      ls,
-						      &format1_fops);
-	if (!ls->ls_debug_rsb_dentry)
+	dent = debugfs_create_file(ls->ls_name,
+				   S_IFREG | S_IRUGO,
+				   dlm_root,
+				   ls,
+				   &format1_fops);
+	if (IS_ERR_OR_NULL(dent))
 		goto fail;
+	ls->ls_debug_rsb_dentry = dent;
 
 	/* format 2 */
 
 	memset(name, 0, sizeof(name));
 	snprintf(name, DLM_LOCKSPACE_LEN+8, "%s_locks", ls->ls_name);
 
-	ls->ls_debug_locks_dentry = debugfs_create_file(name,
-							S_IFREG | S_IRUGO,
-							dlm_root,
-							ls,
-							&format2_fops);
-	if (!ls->ls_debug_locks_dentry)
+	dent = debugfs_create_file(name,
+				   S_IFREG | S_IRUGO,
+				   dlm_root,
+				   ls,
+				   &format2_fops);
+	if (IS_ERR_OR_NULL(dent))
 		goto fail;
+	ls->ls_debug_locks_dentry = dent;
 
 	/* format 3 */
 
 	memset(name, 0, sizeof(name));
 	snprintf(name, DLM_LOCKSPACE_LEN+8, "%s_all", ls->ls_name);
 
-	ls->ls_debug_all_dentry = debugfs_create_file(name,
-						      S_IFREG | S_IRUGO,
-						      dlm_root,
-						      ls,
-						      &format3_fops);
-	if (!ls->ls_debug_all_dentry)
+	dent = debugfs_create_file(name,
+				   S_IFREG | S_IRUGO,
+				   dlm_root,
+				   ls,
+				   &format3_fops);
+	if (IS_ERR_OR_NULL(dent))
 		goto fail;
+	ls->ls_debug_all_dentry = dent;
 
 	/* format 4 */
 
 	memset(name, 0, sizeof(name));
 	snprintf(name, DLM_LOCKSPACE_LEN+8, "%s_toss", ls->ls_name);
 
-	ls->ls_debug_toss_dentry = debugfs_create_file(name,
-						       S_IFREG | S_IRUGO,
-						       dlm_root,
-						       ls,
-						       &format4_fops);
-	if (!ls->ls_debug_toss_dentry)
+	dent = debugfs_create_file(name,
+				   S_IFREG | S_IRUGO,
+				   dlm_root,
+				   ls,
+				   &format4_fops);
+	if (IS_ERR_OR_NULL(dent))
 		goto fail;
+	ls->ls_debug_toss_dentry = dent;
 
 	memset(name, 0, sizeof(name));
 	snprintf(name, DLM_LOCKSPACE_LEN+8, "%s_waiters", ls->ls_name);
 
-	ls->ls_debug_waiters_dentry = debugfs_create_file(name,
-							  S_IFREG | S_IRUGO,
-							  dlm_root,
-							  ls,
-							  &waiters_fops);
-	if (!ls->ls_debug_waiters_dentry)
+	dent = debugfs_create_file(name,
+				   S_IFREG | S_IRUGO,
+				   dlm_root,
+				   ls,
+				   &waiters_fops);
+	if (IS_ERR_OR_NULL(dent))
 		goto fail;
+	ls->ls_debug_waiters_dentry = dent;
 
 	return 0;
 
  fail:
 	dlm_delete_debug_file(ls);
-	return -ENOMEM;
+	return dent ? PTR_ERR(dent) : -ENOMEM;
 }
 
 int __init dlm_register_debugfs(void)
 {
 	mutex_init(&debug_buf_lock);
 	dlm_root = debugfs_create_dir("dlm", NULL);
+	if (IS_ERR(dlm_root))
+		return PTR_ERR(dlm_root);
 	return dlm_root ? 0 : -ENOMEM;
 }
 
-- 
2.1.0