Received: by 2002:ab2:6203:0:b0:1f5:f2ab:c469 with SMTP id o3csp2199804lqt;
        Mon, 22 Apr 2024 04:41:09 -0700 (PDT)
X-Forwarded-Encrypted: i=3; AJvYcCWcpHiX/df1QSowUqd50FYbmEdIY4AnCXZUl/0yCHMwV7qQFSOngXRxOgUJPpqFLb8rzwVzl0ouv98iKJiP8TxU/tPGusLR/jqUa81x+w==
X-Google-Smtp-Source: AGHT+IEyF9pLpvBUC2/kxb7Cz8+wcn3qXpG5bfeNlMAn30OtV11nGAop6lhM5uMH/hsK6Uy0IBeP
X-Received: by 2002:a05:6a20:9c8f:b0:1ad:4753:3578 with SMTP id mj15-20020a056a209c8f00b001ad47533578mr353417pzb.60.1713786069609;
        Mon, 22 Apr 2024 04:41:09 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1713786069; cv=pass;
        d=google.com; s=arc-20160816;
        b=ixlh4FUbeLINSt1I2GIi6cE/W6anUUDf65e2xjpE41Q3GqPaN6jwOcfNfOzvJSbRJp
         KXEeN+lLDOz0NUXGSR4QgRoX43Wtd84PrKQs3rVsFCLuyCfexJ/xVLwX1Kg8PslEZjas
         TwtcFFwFRyV+kIGWQR8f0aZyxwaQ+cbia4y7rppXleIOJF0qlezA+8cRtHp+b1l0vRyj
         HkPXNZl2aKyoV9kN/GAh7Bmw/LSGrYG1BO4G0vcdVtBudEgihnvjLjHCCSzs8ANZ2KWz
         eavWr9Pv9pb1eLBAx8RIe9r7GCY8R67BOU6QH1HnMY9oegtc7GFXWgSR3D0pxhHza2PG
         s95Q==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=content-transfer-encoding:in-reply-to:from:content-language
         :references:cc:to:subject:user-agent:mime-version:list-unsubscribe
         :list-subscribe:list-id:precedence:date:message-id:dkim-signature;
        bh=S7SoECJTVFW/s3jcVtwRCqtgqjwR+nyvH9E4BtCL//g=;
        fh=h4xgT+VjSOkXTJ1n8g9Vx/kXxmSZ6NLbRFy7FQaC8WY=;
        b=AgvMbhK96ZA5WY1Dy5G9C7jvz/sHUDz8DY4eP7YiN3Il5EgM6epkxnekVRFwY2fkuw
         B8rf9ejfgYhwCOENmJmKeBEQKXgiczcNK4Qejgs+pxYa+xuMLyhKZe0DNBgiCdR+AMwq
         InYru0Qcdxupas71qOc4LOyldbbnAffNLxjQYplIbZcPhELvnQaH3rwESApv0O9gejLv
         msFFL9vxq3qs0KuxleVIlxLmHra9aoTupctk734BHB2FmZhzXy3Mh9aTdWfULB4PE6XS
         1HNkREJkhAlDoK4SSDHheqecjb6W/QQcFnSpIO0/oCYIniUD3RwwLZg4r3t/Hh8k6oHp
         Cy4Q==;
        dara=google.com
ARC-Authentication-Results: i=2; mx.google.com;
       dkim=pass header.i=@linux.alibaba.com header.s=default header.b="E/L9S3Bo";
       arc=pass (i=1 spf=pass spfdomain=linux.alibaba.com dkim=pass dkdomain=linux.alibaba.com dmarc=pass fromdomain=linux.alibaba.com);
       spf=pass (google.com: domain of linux-kernel+bounces-153301-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-153301-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.alibaba.com
Return-Path: <linux-kernel+bounces-153301-linux.lists.archive=gmail.com@vger.kernel.org>
Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1])
        by mx.google.com with ESMTPS id q41-20020a17090a17ac00b002aca29d0c08si4856722pja.105.2024.04.22.04.41.09
        for <linux.lists.archive@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 22 Apr 2024 04:41:09 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel+bounces-153301-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linux.alibaba.com header.s=default header.b="E/L9S3Bo";
       arc=pass (i=1 spf=pass spfdomain=linux.alibaba.com dkim=pass dkdomain=linux.alibaba.com dmarc=pass fromdomain=linux.alibaba.com);
       spf=pass (google.com: domain of linux-kernel+bounces-153301-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-153301-linux.lists.archive=gmail.com@vger.kernel.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linux.alibaba.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by sv.mirrors.kernel.org (Postfix) with ESMTPS id EE0E1282958
	for <linux.lists.archive@gmail.com>; Mon, 22 Apr 2024 11:40:38 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
	by smtp.subspace.kernel.org (Postfix) with ESMTP id F24F8146D5F;
	Mon, 22 Apr 2024 11:40:04 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (1024-bit key) header.d=linux.alibaba.com header.i=@linux.alibaba.com header.b="E/L9S3Bo"
Received: from out30-111.freemail.mail.aliyun.com (out30-111.freemail.mail.aliyun.com [115.124.30.111])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 50DC5146A67
	for <linux-kernel@vger.kernel.org>; Mon, 22 Apr 2024 11:40:00 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=115.124.30.111
ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1713786003; cv=none; b=rmFuFU4P0hCxb14ZztebNHvMOXh48SvahqfIPRJYgEYRaLpcTlE24qXGgvg+pv/BShqqGPTi+RpieC7rTGj7mGZa1tRgZ0fs8DXMgNixKKhNyh+8mLcos726DExo4fOTicsk+86Ymfx3OkdnljRhSs1/xWzB89pkHUd1aBe2tdw=
ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1713786003; c=relaxed/simple;
	bh=d+qjr44gML1gaxYF9gACrYlVsmqhQSoGqoG4HK93mU0=;
	h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:
	 In-Reply-To:Content-Type; b=hcRZLyslYWRVwp3BMT3BA9x8VL91WfeVV0cTQwttNuML1UZUJos5Q2C5v/kodNHYyZ+2UJvlbeyS0wR+WUYK1pjq5QMSfnh/NpTUY51mAOwU+4igC/9G8y8Jv8vYQfS/J9HP188/0BRiS97guQYdbdM872l48TrKczXkkOTvRYw=
ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.alibaba.com; spf=pass smtp.mailfrom=linux.alibaba.com; dkim=pass (1024-bit key) header.d=linux.alibaba.com header.i=@linux.alibaba.com header.b=E/L9S3Bo; arc=none smtp.client-ip=115.124.30.111
Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.alibaba.com
Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.alibaba.com
DKIM-Signature:v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=linux.alibaba.com; s=default;
	t=1713785998; h=Message-ID:Date:MIME-Version:Subject:To:From:Content-Type;
	bh=S7SoECJTVFW/s3jcVtwRCqtgqjwR+nyvH9E4BtCL//g=;
	b=E/L9S3BoFd39mV9XfrsW86GGxRjQw2Z4T94Kp76V4hQG0W2XthW+IbFnvo1MxBUpbw/xNY1hOg91/xPK44NQnxMNbsGdwe7gC7/dKqPi0l2sdYgqbq5bLe8TaZhDeCNZ/EIB1Kl0z98gJQW1eLi3GuYy9MAHUS71gy7s16ysqGY=
X-Alimail-AntiSpam:AC=PASS;BC=-1|-1;BR=01201311R191e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=ay29a033018045170;MF=jefflexu@linux.alibaba.com;NM=1;PH=DS;RN=10;SR=0;TI=SMTPD_---0W534KMu_1713785996;
Received: from 30.221.150.42(mailfrom:jefflexu@linux.alibaba.com fp:SMTPD_---0W534KMu_1713785996)
          by smtp.aliyun-inc.com;
          Mon, 22 Apr 2024 19:39:58 +0800
Message-ID: <2a7edcc0-6890-412d-b2ba-8bfa8694beeb@linux.alibaba.com>
Date: Mon, 22 Apr 2024 19:39:56 +0800
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: [PATCH -next v3 1/2] erofs: get rid of erofs_fs_context
To: Baokun Li <libaokun1@huawei.com>, linux-erofs@lists.ozlabs.org
Cc: xiang@kernel.org, chao@kernel.org, huyue2@coolpad.com,
 viro@zeniv.linux.org.uk, brauner@kernel.org, linux-kernel@vger.kernel.org,
 yangerkun@huawei.com, houtao1@huawei.com
References: <20240419123611.947084-1-libaokun1@huawei.com>
 <20240419123611.947084-2-libaokun1@huawei.com>
 <8d751a33-af11-4aa8-8fad-cc24e825bde7@linux.alibaba.com>
 <4e8dd4f5-29dc-9459-6ba2-f399258952dc@huawei.com>
Content-Language: en-US
From: Jingbo Xu <jefflexu@linux.alibaba.com>
In-Reply-To: <4e8dd4f5-29dc-9459-6ba2-f399258952dc@huawei.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit



On 4/22/24 7:31 PM, Baokun Li wrote:
> Hi Jingbo,
> 
> On 2024/4/22 18:25, Jingbo Xu wrote:
>>
>> On 4/19/24 8:36 PM, Baokun Li wrote:
>>
>>> @@ -761,12 +747,15 @@ static void erofs_free_dev_context(struct
>>> erofs_dev_context *devs)
>>>     static void erofs_fc_free(struct fs_context *fc)
>>>   {
>>> -    struct erofs_fs_context *ctx = fc->fs_private;
>>> +    struct erofs_sb_info *sbi = fc->s_fs_info;
>>> +
>>> +    if (!sbi)
>>> +        return;
>>
>> This is the only difference comparing to the original code literally.
>> Is there any chance that fc->s_fs_info can be NULL when erofs_fc_free()
>> is called?
>>
>> Otherwise looks good to me.
>>
> When sget_fc() executes successfully, fc->s_fs_info is set to NULL,
> so the following NULL pointer dereference may occur:
> 
> do_new_mount
>   vfs_get_tree
>     erofs_fc_get_tree
>       get_tree_bdev
>         sget_dev
>           sget_fc
>             s = alloc_super
>             s->s_fs_info = fc->s_fs_info;
>             fc->s_fs_info = NULL;
>         fill_super
>         // return error
>         deactivate_locked_super
>           kfree(sbi);
>   put_fs_context
>     sbi = fc->s_fs_info
>     kfree(sbi->fsid)
> 

Alright, fc->s_fs_info is transferred to s->s_fs_info and set to NULL.

Feel free to add:

Reviewed-by: Jingbo Xu <jefflexu@linux.alibaba.com>

-- 
Thanks,
Jingbo