Received: by 2002:a25:683:0:0:0:0:0 with SMTP id 125csp2042661ybg; Fri, 5 Jun 2020 04:13:34 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyEWYg9meU1FPUqKLis5EEKL02T27w1dbPdyjwc5Q/fRePYgH99KRgUxTC5blOnH68q+FZJ X-Received: by 2002:a17:906:8614:: with SMTP id o20mr8422458ejx.444.1591355614658; Fri, 05 Jun 2020 04:13:34 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1591355614; cv=none; d=google.com; s=arc-20160816; b=Zqwhp41lkLLs+z1POVOpWUan8D37/GocsZXnU+FqjPachu1pU/pv1PN8UwvnkzzeNW g+eOcGVd/HuEmGyXSeE7Zfm4O6/L0Z1NAf0hdEh4KsVWhsm2z8Kf8Tc/ZWgTDdNR2hFP 6eVEANq8LnYmL+0nGKLJQkjlK+wbBHFyTrhejmqhE+FWZtBveA6XLIoonjFX/tjm0vpU C4wZQmlP7qkm1PyuMwbkbLOsSqaKCu1dA6ntoqTMTpBkkUJfQaUCXmEJuLVAt0qwuBJB 7Qcb5bdVxcUzVPPYVA4pQF2KMnNd8MERchf3JfQ3wRQG0qWKAnjevLKX8CFKNQhBHJp/ JFrA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :reply-to:in-reply-to:references:mime-version:dkim-signature; bh=1GKHLWvpFNoUWFlXO7nOa3ze1UpYMNpnsUeV0FBF7UU=; b=fMDzMbl4A4d/fYb6NPvY35+d1KOEOEqdZdbw4UgHkk6O2eNG7j3csTvkBn/3fzWz9h nkRPcTHOGHJ3Etn8y1xa5g46OuRC5yWERbE6Ugts1DJvguqyHBQt/3+tHApf4sh2OHvC hB4gp9ahOi1PRLHlA3peQe0zh38K1UbXo1o1O8EQjJPEHqUM3ygzoT6g+jwsOiyz+fm8 DU/lV6iVdW6HBUM7R8cBzES29i92cIapCGCxHJ3n3d89qTKxUkH2gYODvi2vePZpP88F 50Lwr3dVzBPq6uehbhUGWRC5HV6z5Y8GBo8A9H2zWmktstDMwbPeIwZHR1uxgz0+dE2W 9LEg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=OfNiz3jf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id j11si3323932edp.371.2020.06.05.04.13.12; Fri, 05 Jun 2020 04:13:34 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=OfNiz3jf; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726933AbgFELLN (ORCPT + 99 others); Fri, 5 Jun 2020 07:11:13 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47458 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726225AbgFELLK (ORCPT ); Fri, 5 Jun 2020 07:11:10 -0400 Received: from mail-io1-xd42.google.com (mail-io1-xd42.google.com [IPv6:2607:f8b0:4864:20::d42]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 19256C08C5C2; Fri, 5 Jun 2020 04:11:10 -0700 (PDT) Received: by mail-io1-xd42.google.com with SMTP id k18so9862124ion.0; Fri, 05 Jun 2020 04:11:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:reply-to:from:date:message-id :subject:to:cc; bh=1GKHLWvpFNoUWFlXO7nOa3ze1UpYMNpnsUeV0FBF7UU=; b=OfNiz3jf+Vxz6C0L41VVz29Y/Zb5tN0TMhtnQAjYTKvMCCs/ws8UP8hwOPAckgdmEg taAfHT1DirHPEHOUZm9Jx+oUCIOTf5d64c5hgePpe4UNGjpVKX6hrAvM0f6+S+xx18qz LyrSh+BKkam+wlDUcxWPS+XVT7Ol7aZIs2/xquZWkI4YCLrCxE6HZsY7WKVRTJQfkYd+ q+57Cn0saXtASzVXzI7etV1G2HmZJS5dY7J2jDJnoMt75eMs6HJhBe/Urj2BdpnUkhKS nJUzZLDDhpPGNz7PiS4UqVwzH8uTlxZVaJVwnCO7jksfKNt+c46sxo4mxAhhoLejtr/F TYMA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:reply-to :from:date:message-id:subject:to:cc; bh=1GKHLWvpFNoUWFlXO7nOa3ze1UpYMNpnsUeV0FBF7UU=; b=KowvldTyy7+dZYiGeFbHeeuDgHwicmYhQXWtioYum0wUZl1s4uHidxRz9NHHbNv4i1 eFA64OZEF/ZXUp++6Yk683MMhvmSOjXDXa7DJXtO0NLsqnMQ6bScelTbW2lm/VdLyXHF 9+CdgkSD78wREFpJhj6fwAtApcS9IqjHN+S+Y7qEK8d2LjavQwXR8MXnDijm3xRi5gWQ jzylIz0BJqD1xUl0Xw58ygp2PP4fZFrpSFfkk84MMjebwH02VGbBWfIGCymWPPU+ivDD 34tlUUeLxca+gfc7MJSUMhoWIUCG7ykQNrWyJM5eJIIeLk0nH/DyFxlJYmehEFPJ+TQc Gvbg== X-Gm-Message-State: AOAM5339QmuMuk6EMsQKEms8z57b1irQ1jeOEsmS0/3RufLCCMmLCjXy ++OPxjhIyCdTPUdoC4tNNYbH0kxglLfeCKKzKGg= X-Received: by 2002:a05:6638:406:: with SMTP id q6mr8192265jap.125.1591355469426; Fri, 05 Jun 2020 04:11:09 -0700 (PDT) MIME-Version: 1.0 References: <88676ff2-cb7e-70ec-4421-ecf8318990b1@web.de> <5fa658bf-3028-9b5c-30cc-dbdef6bf8f7a@huawei.com> <20200605094353.GS30374@kadam> In-Reply-To: <20200605094353.GS30374@kadam> Reply-To: sedat.dilek@gmail.com From: Sedat Dilek Date: Fri, 5 Jun 2020 13:10:57 +0200 Message-ID: Subject: Re: [PATCH v2] block: Fix use-after-free in blkdev_get() To: Dan Carpenter Cc: Jason Yan , Jan Kara , Markus Elfring , linux-block@vger.kernel.org, linux-fsdevel@vger.kernel.org, hulkci@huawei.com, kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org, Al Viro , Christoph Hellwig , Jens Axboe , Ming Lei Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jun 5, 2020 at 11:46 AM Dan Carpenter wrote: > > A lot of maintainers have blocked Markus and asked him to stop trying > to help people write commit message. Saying "bdev" instead of "block > device" is more clear so your original message was better. > > The Fixes tag is a good idea though: > > Fixes: 89e524c04fa9 ("loop: Fix mount(2) failure due to race with LOOP_SET_FD") > > It broke last July. Before that, we used to check if __blkdev_get() > failed before dereferencing "bdev". > > I wonder if maybe the best fix is to re-add the "if (!res) " check back > to blkdev_get(). The __blkdev_get() looks like it can also free "whole" > though if it calls itself recursively and I don't really know this code > so I can't say for sure... > In things of Fixes: tag... For the first hunk I found: commit 8266602033d6adc6d10cb8811c1fd694767909b0 ("fix bdev leak in block_dev.c do_open()") - Sedat -