Received: by 2002:a05:7412:b101:b0:e2:908c:2ebd with SMTP id az1csp2955138rdb; Wed, 15 Nov 2023 16:14:53 -0800 (PST) X-Google-Smtp-Source: AGHT+IEtViYeSgWRUhgHVHFKKDjJU7+E6iQklaskv40zSo8+f95dWmXb9I6yVjnOLYUtw0iJArCl X-Received: by 2002:a17:902:7449:b0:1cc:bf63:929 with SMTP id e9-20020a170902744900b001ccbf630929mr6049871plt.64.1700093693219; Wed, 15 Nov 2023 16:14:53 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1700093693; cv=none; d=google.com; s=arc-20160816; b=ZN9qx6yi9ftGHwTavziVsb+5QepZyOiKYXSeJJnnaVhKgZUGAGz9InBwjJKFDoWkYH TgEv5CLW3vRKBaIANkw/Q0re4c2DGLX1rHeMooATmStdb8cGqitAl1RNTGNw0R8KMiXQ g3GZg+K0QaWwFpDdBLPWj1Od3w5XCvrIkbk4p38Ru5WSdAHuYb4rBOq0n7yekU6v54nO pwoqyGs5GPp0/7jz0sLvWgMiVagNHI1DfA/FeymC9ZGj/QPa/ON20N2UYazDu+6UyHTe kLgGN74VPsiwfy7AiLpDdMZTs5G2GGAjOsSYW+3hAMP9AKCuNowb5JMhDJFt8ZS7y/Cj tQcA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=qHx930yK5EwudtE/lUDrovnQN403kqMt8qXwV6ytSjU=; fh=NgjoLSA/cFml66RbTiPwTYFkNlfHfz/KSqC8Agsw6ss=; b=AONWwACJJFLZcDvHR9BpinNJxUv6k0HPyRLjUUteKmX0l+CWiTSr6/XA9rNfqSOE+i PyBTno/ka3K/ZxE8Fi+WfZaGWhZekHzwy9NxT6h15KMXZk2Zix0TYv2lVrHR8ToOMBpw 3Hd58TlacO4PZP1J0c+zpmKQ93FAhiwmgY+9KI7XXyjbVsYtyB0E2lHYFEHiZt2w0TtN YFpejeohj7aGXtqtt3IT3DTuYvnWEpek36XTkdAydnOO08ANGJv6Bcx0Z1n3zX9ChV6v 4QHJqrVMPBizJLiUVajqMtzLT18L+0vUEcSwH5QHw/X7MXbhz1OqOeNezidJM6MYE6nD pvlA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from groat.vger.email (groat.vger.email. [23.128.96.35]) by mx.google.com with ESMTPS id q18-20020a170902eb9200b001bf1a9dbcc9si11390880plg.549.2023.11.15.16.14.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 15 Nov 2023 16:14:53 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) client-ip=23.128.96.35; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.35 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by groat.vger.email (Postfix) with ESMTP id 7A0D780615EF; Wed, 15 Nov 2023 16:14:50 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at groat.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229965AbjKPAIE (ORCPT + 99 others); Wed, 15 Nov 2023 19:08:04 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:43958 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229692AbjKPAID (ORCPT ); Wed, 15 Nov 2023 19:08:03 -0500 Received: from smtp01.aussiebb.com.au (smtp01.aussiebb.com.au [IPv6:2403:5800:3:25::1001]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B10AA19E; Wed, 15 Nov 2023 16:07:56 -0800 (PST) Received: from localhost (localhost.localdomain [127.0.0.1]) by smtp01.aussiebb.com.au (Postfix) with ESMTP id 8D4B6100382; Thu, 16 Nov 2023 11:07:51 +1100 (AEDT) X-Virus-Scanned: Debian amavisd-new at smtp01.aussiebb.com.au Received: from smtp01.aussiebb.com.au ([127.0.0.1]) by localhost (smtp01.aussiebb.com.au [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iXf2Fp4tVd8S; Thu, 16 Nov 2023 11:07:51 +1100 (AEDT) Received: by smtp01.aussiebb.com.au (Postfix, from userid 116) id 82227100369; Thu, 16 Nov 2023 11:07:51 +1100 (AEDT) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on groat.vger.email X-Spam-Level: X-Spam-Status: No, score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 Received: from donald.themaw.com (2403-580f-7fe0--101a.ip6.aussiebb.net [IPv6:2403:580f:7fe0::101a]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: ian146@aussiebb.com.au) by smtp01.aussiebb.com.au (Postfix) with ESMTPSA id C1732100290; Thu, 16 Nov 2023 11:07:49 +1100 (AEDT) From: Ian Kent To: Al Viro , Christian Brauner Cc: Bill O'Donnell , Kernel Mailing List , autofs mailing list , linux-fsdevel , Ian Kent , syzbot+662f87a8ef490f45fa64@syzkaller.appspotmail.com Subject: [PATCH] autofs: add: new_inode check in autofs_fill_super() Date: Thu, 16 Nov 2023 08:07:46 +0800 Message-ID: <20231116000746.7359-1-raven@themaw.net> X-Mailer: git-send-email 2.41.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (groat.vger.email [0.0.0.0]); Wed, 15 Nov 2023 16:14:50 -0800 (PST) Add missing NULL check of root_inode in autofs_fill_super(). While we are at it simplify the logic by taking advantage of the VFS cleanup procedures and get rid of the goto error handling, as suggested by Al Viro. Signed-off-by: Ian Kent Cc: Al Viro Cc: Christian Brauner Cc: Bill O'Donnell Reported-by: syzbot+662f87a8ef490f45fa64@syzkaller.appspotmail.com --- fs/autofs/inode.c | 50 ++++++++++++++++++----------------------------- 1 file changed, 19 insertions(+), 31 deletions(-) diff --git a/fs/autofs/inode.c b/fs/autofs/inode.c index a5083d447a62..d5dd4223b461 100644 --- a/fs/autofs/inode.c +++ b/fs/autofs/inode.c @@ -311,7 +311,6 @@ static int autofs_fill_super(struct super_block *s, struct fs_context *fc) struct inode *root_inode; struct dentry *root; struct autofs_info *ino; - int ret = -ENOMEM; pr_debug("starting up, sbi = %p\n", sbi); @@ -328,56 +327,45 @@ static int autofs_fill_super(struct super_block *s, struct fs_context *fc) */ ino = autofs_new_ino(sbi); if (!ino) - goto fail; + goto -ENOMEM; root_inode = autofs_get_inode(s, S_IFDIR | 0755); - root_inode->i_uid = ctx->uid; - root_inode->i_gid = ctx->gid; - - root = d_make_root(root_inode); - if (!root) - goto fail_ino; - - root->d_fsdata = ino; + if (root_inode) { + root_inode->i_uid = ctx->uid; + root_inode->i_gid = ctx->gid; + root_inode->i_fop = &autofs_root_operations; + root_inode->i_op = &autofs_dir_inode_operations; + } + s->s_root = d_make_root(root_inode); + if (unlikely(!s->s_root)) { + autofs_free_ino(ino); + return -ENOMEM; + } + s->s_root->d_fsdata = ino; if (ctx->pgrp_set) { sbi->oz_pgrp = find_get_pid(ctx->pgrp); if (!sbi->oz_pgrp) { ret = invalf(fc, "Could not find process group %d", ctx->pgrp); - goto fail_dput; + return ret; } } else { sbi->oz_pgrp = get_task_pid(current, PIDTYPE_PGID); } if (autofs_type_trigger(sbi->type)) - __managed_dentry_set_managed(root); - - root_inode->i_fop = &autofs_root_operations; - root_inode->i_op = &autofs_dir_inode_operations; + /* s->s_root won't be contended so there's little to + * be gained by not taking the d_lock when setting + * d_flags, even when a lot mounts are being done. + */ + managed_dentry_set_managed(s->s_root); pr_debug("pipe fd = %d, pgrp = %u\n", sbi->pipefd, pid_nr(sbi->oz_pgrp)); sbi->flags &= ~AUTOFS_SBI_CATATONIC; - - /* - * Success! Install the root dentry now to indicate completion. - */ - s->s_root = root; return 0; - - /* - * Failure ... clean up. - */ -fail_dput: - dput(root); - goto fail; -fail_ino: - autofs_free_ino(ino); -fail: - return ret; } /* -- 2.41.0