Subject: Patch "cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand-mode" has been added to the 6.6-stable tree
To: chao@kernel.org,dhowells@redhat.com,gregkh@linuxfoundation.org,huyue2@coolpad.com,jefflexu@linux.alibaba.com,linux-erofs@lists.ozlabs.org,marc.dionne@auristor.com,netfs@lists.linux.dev,xiang@kernel.org
Date: Wed, 19 Jun 2024 13:27:01 +0200
Message-ID: <2024061901-dangle-idealism-cf51@gregkh>
X-Mailing-List: netfs@lists.linux.dev


This is a note to let you know that I've just added the patch titled

    cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand-mode

to the 6.6-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     cachefiles-erofs-fix-null-deref-in-when-cachefiles-is-not-doing-ondemand-mode.patch
and it can be found in the queue-6.6 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let know about it.


From c3d6569a43322f371e7ba0ad386112723757ac8f Mon Sep 17 00:00:00 2001
From: David Howells
Date: Fri, 19 Jan 2024 20:49:34 +0000
Subject: cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand-mode

From: David Howells

commit c3d6569a43322f371e7ba0ad386112723757ac8f upstream.

cachefiles_ondemand_init_object() as called from cachefiles_open_file() and
cachefiles_create_tmpfile() does not check if object->ondemand is set
before dereferencing it, leading to an oops something like:

    RIP: 0010:cachefiles_ondemand_init_object+0x9/0x41
    ...
    Call Trace:
     cachefiles_open_file+0xc9/0x187
     cachefiles_lookup_cookie+0x122/0x2be
     fscache_cookie_state_machine+0xbe/0x32b
     fscache_cookie_worker+0x1f/0x2d
     process_one_work+0x136/0x208
     process_scheduled_works+0x3a/0x41
     worker_thread+0x1a2/0x1f6
     kthread+0xca/0xd2
     ret_from_fork+0x21/0x33

Fix this by making cachefiles_ondemand_init_object() return immediately if
cachefiles->ondemand is NULL.

Fixes: 3c5ecfe16e76 ("cachefiles: extract ondemand info field from cachefiles_object")
Reported-by: Marc Dionne
Signed-off-by: David Howells
cc: Gao Xiang
cc: Chao Yu
cc: Yue Hu
cc: Jeffle Xu
cc: linux-erofs@lists.ozlabs.org
cc: netfs@lists.linux.dev
cc: linux-fsdevel@vger.kernel.org
Signed-off-by: Greg Kroah-Hartman
--- fs/cachefiles/ondemand.c | 3 +++ 1 file changed, 3 insertions(+) --- a/fs/cachefiles/ondemand.c +++ b/fs/cachefiles/ondemand.c @@ -611,6 +611,9 @@ int cachefiles_ondemand_init_object(stru struct fscache_volume *volume = object->volume->vcookie; size_t volume_key_size, cookie_key_size, data_len; + if (!object->ondemand) + return 0; + /* * CacheFiles will firstly check the cache file under the root cache * directory. If the coherency check failed, it will fallback to


Patches currently in stable-queue which might be from dhowells@redhat.com are

queue-6.6/cachefiles-resend-an-open-request-if-the-read-reques.patch
queue-6.6/cachefiles-add-restore-command-to-recover-inflight-o.patch
queue-6.6/cachefiles-introduce-object-ondemand-state.patch
queue-6.6/cachefiles-extract-ondemand-info-field-from-cachefil.patch
queue-6.6/cachefiles-erofs-fix-null-deref-in-when-cachefiles-is-not-doing-ondemand-mode.patch
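
Review bot: the new `if (!object->ondemand) return 0;` guard at the top of cachefiles_ondemand_init_object() (the @@ -611,6 +611,9 @@ hunk in fs/cachefiles/ondemand.c) has no comment saying when the pointer is legitimately NULL, and the commit message describes the test as "cachefiles->ondemand is NULL" while the code tests object->ondemand. A one-line comment above the check, stating that object->ondemand is unset when cachefiles is not running in ondemand mode (as the subject line says), would keep the early return from reading like a suppressed error, and the message wording should name the field that is actually tested. The guard follows the initializer `struct fscache_volume *volume = object->volume->vcookie;`, which does not touch ->ondemand, so its position after the declarations is fine. Returning 0 makes both callers named in the message, cachefiles_open_file() and cachefiles_create_tmpfile(), treat the non-ondemand case as success; since this hunk covers only this one function, it is worth confirming that no other path dereferencing object->ondemand is reachable in that mode.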