[Devel] [PATCH RHEL7 COMMIT] ploop: Fix divide by null in purge_lru_warn()

Thu Jul 2 16:36:54 MSK 2020

The commit is pushed to "branch-rh7-3.10.0-1127.10.1.vz7.162.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-1127.10.1.vz7.162.6
------>
commit 7dfbc654e558063d7599b49957fd4046348a76b8
Author: Kirill Tkhai <ktkhai at virtuozzo.com>
Date:   Thu Jul 2 16:36:53 2020 +0300

    ploop: Fix divide by null in purge_lru_warn()
    
    Despite purge_lru_mapping() at check time guarantees
    ploop_io_images_size in not 0:
    
        (u64)tree->map_size * atomic_long_read(&ploop_io_images_size) >
            (u64)max_entries * i_size_read(tree->mapping->host),
    
    the check and purge_lru_warn() are not protected to be correct
    at the same time, and race is possible there.
    
    Fix it.
    
    https://jira.sw.ru/browse/PSBM-104867
    Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
---
 drivers/block/ploop/io_direct_map.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/block/ploop/io_direct_map.c b/drivers/block/ploop/io_direct_map.c
index a3f19d22e313..5528e86aab43 100644
--- a/drivers/block/ploop/io_direct_map.c
+++ b/drivers/block/ploop/io_direct_map.c
@@ -375,7 +375,9 @@ static inline void purge_lru_warn(struct extent_map_tree *tree)
 		sizeof(struct extent_map);
 
 	loff_t ratio = i_size_read(tree->mapping->host) * 100;
-	do_div(ratio, atomic_long_read(&ploop_io_images_size));
+	long images_size = atomic_long_read(&ploop_io_images_size) ? : 1;
+
+	do_div(ratio, images_size);
 
 	printk(KERN_WARNING "Purging lru entry from extent tree for inode %ld "
 	       "(map_size=%d ratio=%lld%%)\n",
