Received: by 2002:a05:7412:a9a2:b0:e2:908c:2ebd with SMTP id o34csp882353rdh; Thu, 26 Oct 2023 20:24:13 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGzyGJSEEhzFsJtgQAtGl66h0NEJui3fe+LCrNbQDf62Bs2taRK3w4Jzh0AtzdXMog5hVgp X-Received: by 2002:a81:4895:0:b0:589:fad6:c17c with SMTP id v143-20020a814895000000b00589fad6c17cmr1502947ywa.45.1698377053418; Thu, 26 Oct 2023 20:24:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1698377053; cv=none; d=google.com; s=arc-20160816; b=v1ZspPIyZdNiddd3Sve0so5UwdlI2vkQ/MbHXDr3e23NeVy5pcaY0KOcvjfxZq/uXM eiynyAbrSSCEXh+Z30rgegtSBo0+GtaZhVc/KxBCtAm2El/BgX1svDMX+S3jy306tpu3 +nUgKGbytouDoQRBtP0SkcaiwADBWGKie3VReO/5CrxR4EA107HJ6z+AvDgGRCGnljyv gPuXqOvl0yFm29dQOxvyob2oEo1RL/kDUKY1j3F8YsxNQGhBORl7I5VYrY8Sz8w32PGW i5sdC1DsiARJYuNmNCPTzXakCieU30TwQZAwWhvQtfHSHaV7n3Z4AdcRoW8A3GdpT1T/ IWRw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to :mime-version:user-agent:date:message-id:from:references:cc:to :subject; bh=e3hwwKHjwle/U+1lIbRCwL+NaVibP2KHc+4r3A8zfhM=; fh=zgxEVA8tVLhhoS6NUdxXxLLVdnHm7AqyXXtpAEuHs/s=; b=kCR2N8TJuKlY6vVI9uyJFUqfHCe7chrisQGa6oHzcQU2qOMh18u6Twlb9pPxc/fO/L HNqceqWVrdwsfLvL98GcuA2rWept2HVVx6MW66TE4jfrqzEcyQynOcbH4y8NcAso5oQG 3CSK3TTrtBvlPEton6B7hEMTBEfQlCZvjdxH4d39W8mCz6YTHMtLH9YRpQDUHEtXuJJ+ +YQkREovaOM9En/dTABNA74c/lvZvyj+mKQ5oB33YqVpiUboycmHDj4VngE5jWRLFHuI Std3Rxm/PClDfO4AM4yaRyukMShKl5PL4s09N+TBaaIGV3/meb4bijST4ZCt0PR6Izc5 ZVHA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Return-Path: Received: from fry.vger.email (fry.vger.email. [2620:137:e000::3:8]) by mx.google.com with ESMTPS id bc9-20020a05690c000900b005afdcd7492esi316238ywb.498.2023.10.26.20.24.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 26 Oct 2023 20:24:13 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) client-ip=2620:137:e000::3:8; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=huawei.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by fry.vger.email (Postfix) with ESMTP id 4E68A83524C3; Thu, 26 Oct 2023 20:24:10 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at fry.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229633AbjJ0DXn (ORCPT + 99 others); Thu, 26 Oct 2023 23:23:43 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52440 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229437AbjJ0DXk (ORCPT ); Thu, 26 Oct 2023 23:23:40 -0400 Received: from szxga01-in.huawei.com (szxga01-in.huawei.com [45.249.212.187]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 09B67B4 for ; Thu, 26 Oct 2023 20:23:38 -0700 (PDT) Received: from kwepemm000013.china.huawei.com (unknown [172.30.72.56]) by szxga01-in.huawei.com (SkyGuard) with ESMTP id 4SGntn4ZhpzpWQB; Fri, 27 Oct 2023 11:18:41 +0800 (CST) Received: from [10.174.178.46] (10.174.178.46) by kwepemm000013.china.huawei.com (7.193.23.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.31; Fri, 27 Oct 2023 11:23:34 +0800 Subject: Re: [PATCH v3] mtd: Fix gluebi NULL pointer dereference caused by ftl notifier To: ZhaoLong Wang , , , , , CC: , , , References: <20231027012033.50280-1-wangzhaolong1@huawei.com> From: Zhihao Cheng Message-ID: <04a142af-a4e6-bb2c-fb92-61fc1df8ed98@huawei.com> Date: Fri, 27 Oct 2023 11:23:34 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.5.0 MIME-Version: 1.0 In-Reply-To: <20231027012033.50280-1-wangzhaolong1@huawei.com> Content-Type: text/plain; charset="utf-8"; format=flowed Content-Transfer-Encoding: 8bit X-Originating-IP: [10.174.178.46] X-ClientProxiedBy: dggems705-chm.china.huawei.com (10.3.19.182) To kwepemm000013.china.huawei.com (7.193.23.81) X-CFilter-Loop: Reflected X-Spam-Status: No, score=-4.1 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Thu, 26 Oct 2023 20:24:10 -0700 (PDT) 在 2023/10/27 9:20, ZhaoLong Wang 写道: > If both flt.ko and gluebi.ko are loaded, the notiier of ftl > triggers NULL pointer dereference when trying to access > ‘gluebi->desc’ in gluebi_read(). > > ubi_gluebi_init > ubi_register_volume_notifier > ubi_enumerate_volumes > ubi_notify_all > gluebi_notify nb->notifier_call() > gluebi_create > mtd_device_register > mtd_device_parse_register > add_mtd_device > blktrans_notify_add not->add() > ftl_add_mtd tr->add_mtd() > scan_header > mtd_read > mtd_read_oob > mtd_read_oob_std > gluebi_read mtd->read() > gluebi->desc - NULL > > Detailed reproduction information available at the link[1], > > The solution for the gluebi module is to run jffs2 on the UBI > volume without considering working with ftl or mtdblock.[2]. > Therefore, this problem can be avoided by preventing gluebi > from creating mtdblock devices. > > Fixes: 2ba3d76a1e29 ("UBI: make gluebi a separate module") > Link: https://bugzilla.kernel.org/show_bug.cgi?id=217992 [1] > Link: https://lore.kernel.org/lkml/441107100.23734.1697904580252.JavaMail.zimbra@nod.at/ [2] > Signed-off-by: ZhaoLong Wang > --- > drivers/mtd/mtd_blkdevs.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) Reviewed-by: Zhihao Cheng