5.10-stable patches

added patches:
	ocfs2-fix-freeing-uninitialized-resource-on-ocfs2_dlm_shutdown.patch

diff --git a/queue-5.10/ocfs2-fix-freeing-uninitialized-resource-on-ocfs2_dlm_shutdown.patch b/queue-5.10/ocfs2-fix-freeing-uninitialized-resource-on-ocfs2_dlm_shutdown.patch
new file mode 100644 (file)
index 0000000..e71dafe
--- /dev/null
+++ b/queue-5.10/ocfs2-fix-freeing-uninitialized-resource-on-ocfs2_dlm_shutdown.patch
@@ -0,0 +1,69 @@
+From 550842cc60987b269e31b222283ade3e1b6c7fc8 Mon Sep 17 00:00:00 2001
+From: Heming Zhao <ocfs2-devel@oss.oracle.com>
+Date: Mon, 15 Aug 2022 16:57:54 +0800
+Subject: ocfs2: fix freeing uninitialized resource on ocfs2_dlm_shutdown
+
+From: Heming Zhao <ocfs2-devel@oss.oracle.com>
+
+commit 550842cc60987b269e31b222283ade3e1b6c7fc8 upstream.
+
+After commit 0737e01de9c4 ("ocfs2: ocfs2_mount_volume does cleanup job
+before return error"), any procedure after ocfs2_dlm_init() fails will
+trigger crash when calling ocfs2_dlm_shutdown().
+
+ie: On local mount mode, no dlm resource is initialized.  If
+ocfs2_mount_volume() fails in ocfs2_find_slot(), error handling will call
+ocfs2_dlm_shutdown(), then does dlm resource cleanup job, which will
+trigger kernel crash.
+
+This solution should bypass uninitialized resources in
+ocfs2_dlm_shutdown().
+
+Link: https://lkml.kernel.org/r/20220815085754.20417-1-heming.zhao@suse.com
+Fixes: 0737e01de9c4 ("ocfs2: ocfs2_mount_volume does cleanup job before return error")
+Signed-off-by: Heming Zhao <heming.zhao@suse.com>
+Reviewed-by: Joseph Qi <joseph.qi@linux.alibaba.com>
+Cc: Mark Fasheh <mark@fasheh.com>
+Cc: Joel Becker <jlbec@evilplan.org>
+Cc: Junxiao Bi <junxiao.bi@oracle.com>
+Cc: Changwei Ge <gechangwei@live.cn>
+Cc: Gang He <ghe@suse.com>
+Cc: Jun Piao <piaojun@huawei.com>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/ocfs2/dlmglue.c |    8 +++++---
+ fs/ocfs2/super.c   |    3 +--
+ 2 files changed, 6 insertions(+), 5 deletions(-)
+
+--- a/fs/ocfs2/dlmglue.c
++++ b/fs/ocfs2/dlmglue.c
+@@ -3396,10 +3396,12 @@ void ocfs2_dlm_shutdown(struct ocfs2_sup
+       ocfs2_lock_res_free(&osb->osb_nfs_sync_lockres);
+       ocfs2_lock_res_free(&osb->osb_orphan_scan.os_lockres);
+ 
+-      ocfs2_cluster_disconnect(osb->cconn, hangup_pending);
+-      osb->cconn = NULL;
++      if (osb->cconn) {
++              ocfs2_cluster_disconnect(osb->cconn, hangup_pending);
++              osb->cconn = NULL;
+ 
+-      ocfs2_dlm_shutdown_debug(osb);
++              ocfs2_dlm_shutdown_debug(osb);
++      }
+ }
+ 
+ static int ocfs2_drop_lock(struct ocfs2_super *osb,
+--- a/fs/ocfs2/super.c
++++ b/fs/ocfs2/super.c
+@@ -1922,8 +1922,7 @@ static void ocfs2_dismount_volume(struct
+           !ocfs2_is_hard_readonly(osb))
+               hangup_needed = 1;
+ 
+-      if (osb->cconn)
+-              ocfs2_dlm_shutdown(osb, hangup_needed);
++      ocfs2_dlm_shutdown(osb, hangup_needed);
+ 
+       ocfs2_blockcheck_stats_debugfs_remove(&osb->osb_ecc_stats);
+       debugfs_remove_recursive(osb->osb_debug_root);

diff --git a/queue-5.10/series b/queue-5.10/series
index e0ad3f3373aa922a75d5e69de546981ade6a30dc..cd38aecbacc1f0da8aed8be90278703f76cc374e 100644 (file)
--- a/queue-5.10/series
+++ b/queue-5.10/series
@@ -48,3 +48,4 @@ mm-swap-fix-swap_info_struct-race-between-swapoff-and-get_swap_pages.patch
 selftests-intel_pstate-ftime-is-deprecated.patch
 drm-bridge-lt9611-fix-pll-being-unable-to-lock.patch
 revert-media-ti-cal-fix-possible-memory-leak-in-cal_ctx_create.patch
+ocfs2-fix-freeing-uninitialized-resource-on-ocfs2_dlm_shutdown.patch