lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 15 Jun 2023 11:14:02 +0530
From:   Ayush Jain <ayush.jain3@....com>
To:     Christoph Hellwig <hch@...radead.org>
Cc:     "sfr@...b.auug.org.au" <sfr@...b.auug.org.au>,
        Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Linux Next Mailing List <linux-next@...r.kernel.org>,
        "Karny, Wyes" <Wyes.Karny@....com>, Jens Axboe <axboe@...nel.dk>,
        "linux-block@...r.kernel.org" <linux-block@...r.kernel.org>,
        "V, Narasimhan" <Narasimhan.V@....com>,
        "Shetty, Kalpana" <Kalpana.Shetty@....com>,
        "Shukla, Santosh" <Santosh.Shukla@....com>
Subject: Re: Kernel null pointer dereference on stopping raid device

On 6/14/2023 7:31 PM, Christoph Hellwig wrote:
> On Wed, Jun 14, 2023 at 09:54:07AM +0000, Jain, Ayush wrote:
>> Patch applied cleanly on next-20230614 and resolved the issue.
>>
>> Reported-by: Ayush Jain <ayush.jain3@....com>
>> Tested-by: Ayush Jain <ayush.jain3@....com>
> 
> That was just a quick hack to verify the problem.  I think this is
> the proper fix, can you try it as well?
> 

Sure, this works on my machine.

Tested-by: Ayush Jain <ayush.jain3@....com>

> diff --git a/drivers/md/md.c b/drivers/md/md.c
> index ca0de7ddd9434d..da523e80a4e990 100644
> --- a/drivers/md/md.c
> +++ b/drivers/md/md.c
> @@ -2467,10 +2467,12 @@ static void export_rdev(struct md_rdev *rdev, struct mddev *mddev)
>   
>   static void md_kick_rdev_from_array(struct md_rdev *rdev)
>   {
> -	bd_unlink_disk_holder(rdev->bdev, rdev->mddev->gendisk);
> +	struct mddev *mddev = rdev->mddev;
> +
> +	bd_unlink_disk_holder(rdev->bdev, mddev->gendisk);
>   	list_del_rcu(&rdev->same_set);
>   	pr_debug("md: unbind<%pg>\n", rdev->bdev);
> -	mddev_destroy_serial_pool(rdev->mddev, rdev, false);
> +	mddev_destroy_serial_pool(mddev, rdev, false);
>   	rdev->mddev = NULL;
>   	sysfs_remove_link(&rdev->kobj, "block");
>   	sysfs_put(rdev->sysfs_state);
> @@ -2488,7 +2490,7 @@ static void md_kick_rdev_from_array(struct md_rdev *rdev)
>   	INIT_WORK(&rdev->del_work, rdev_delayed_delete);
>   	kobject_get(&rdev->kobj);
>   	queue_work(md_rdev_misc_wq, &rdev->del_work);
> -	export_rdev(rdev, rdev->mddev);
> +	export_rdev(rdev, mddev);
>   }
>   
>   static void export_array(struct mddev *mddev)

Thanks & Regards,
Ayush Jain

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ