[Devel] [PATCH RHEL7 COMMIT] fuse kio: Fix dereferencing of NULL cs in map_replicating()
Konstantin Khorenko
khorenko at virtuozzo.com
Wed Jun 6 15:35:36 MSK 2018
The commit is pushed to "branch-rh7-3.10.0-693.21.1.vz7.50.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-693.21.1.vz7.50.6
------>
commit 14e4831fd19aa7e039005251e8d871c789192ef8
Author: Kirill Tkhai <ktkhai at virtuozzo.com>
Date: Wed Jun 6 15:35:36 2018 +0300
fuse kio: Fix dereferencing of NULL cs in map_replicating()
This function reads csl->read_index before it checks for csl is not NULL.
Also, READ_ONCE() prohibits compiler optimizations (which could magically
to save the situation), so this has no a chance to work.
https://pmc.acronis.com/browse/VSTOR-10820
Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
Acked-by: Konstantin Khorenko <khorenko at virtuozzo.com>
---
fs/fuse/kio/pcs/pcs_map.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/fs/fuse/kio/pcs/pcs_map.c b/fs/fuse/kio/pcs/pcs_map.c
index 650da306b055..0229aa37bccc 100644
--- a/fs/fuse/kio/pcs/pcs_map.c
+++ b/fs/fuse/kio/pcs/pcs_map.c
@@ -1260,13 +1260,15 @@ void map_notify_iochunk_error(struct pcs_int_request * sreq)
static void map_replicating(struct pcs_int_request *ireq)
{
struct pcs_cs_list * csl = ireq->iochunk.csl;
- int read_idx = READ_ONCE(csl->read_index);
+ int read_idx;
BUG_ON(pcs_req_direction(ireq->iochunk.cmd));
if (csl == NULL || csl->map == NULL)
return;
+ read_idx = READ_ONCE(csl->read_index);
+
TRACE("reading unfinished replica %lx %d", csl->blacklist, read_idx);
if (ireq->iochunk.cs_index != read_idx)
More information about the Devel
mailing list