On 11/1/20 12:42 AM, David Sterba wrote:
On Fri, Jan 10, 2020 at 05:05:54PM +0800, Anand Jain wrote:
fs_info is born during mount, and operations before the mount such as
scanning and assembling of the device volume should happen without any
reference to fs_info.
However the patch commit a9261d4125c9 (btrfs: harden agaist duplicate
fsid on scanned devices) used fs_info to call btrfs_warn_in_rcu() and
btrfs_info_in_rcu(), so if fs_info is NULL, the stacked functions lead
to btrfs_printk() which shall print "unknown" instead of sb->s_id. Or
it might even UAF as reported in [1].
So do the right thing, don't use btrfs_warn_in_rcu() and
btrfs_info_in_rcu() in device_list_add(), instead just open code it.
Link:
[1] https://www.spinics.net/lists/linux-btrfs/msg96524.html
Fixes: a9261d4125c9 (btrfs: harden agaist duplicate fsid on scanned devices)
Signed-off-by: Anand Jain <anand.jain@xxxxxxxxxx>
---
fs/btrfs/volumes.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c
index 6fd90270e2c7..1a419841fc99 100644
--- a/fs/btrfs/volumes.c
+++ b/fs/btrfs/volumes.c
@@ -889,17 +889,21 @@ static noinline struct btrfs_device *device_list_add(const char *path,
if (device->bdev != path_bdev) {
bdput(path_bdev);
mutex_unlock(&fs_devices->device_list_mutex);
- btrfs_warn_in_rcu(device->fs_info,
- "duplicate device fsid:devid for %pU:%llu old:%s new:%s",
+ rcu_read_lock();
+ printk_ratelimited(
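Review bot: the open-coded printk_ratelimited( call that replaces btrfs_warn_in_rcu(device->fs_info, ...) no longer gets the KERN_WARNING level and the "BTRFS" prefix that the helper supplied, so the format string has to carry both explicitly or the duplicate fsid:devid warning will not line up with other btrfs messages in the log. The quoted hunk stops before the arguments, so neither can be confirmed from these lines. The added rcu_read_lock() also needs a matching rcu_read_unlock() before this branch returns, and that is not visible here either. A helper that takes something other than fs_info, such as fs_devices, would keep the level, prefix and RCU handling in one place instead of repeating them at each call site in device_list_add().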
Avoiding fs_info here is correct but we don't want to use raw printk or
printk_ratelimited anywhere.
I think I discussed this a long time back, that we should rather pass
fs_devices in btrfs_warn_in_rcu().
I am ok to make such a change, are you ok? Or I wonder if there is
any other way?
Thanks, Anand