From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Date: Wed, 12 Apr 2023 08:48:01 +0000 (+0200)
Subject: 5.10-stable patches
X-Git-Tag: v5.15.107~5
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=eb68030686aad1c20d5f8cec4ceb2e22c8ad0587;p=thirdparty%2Fkernel%2Fstable-queue.git

5.10-stable patches

added patches:
	ocfs2-fix-freeing-uninitialized-resource-on-ocfs2_dlm_shutdown.patch
---

diff --git a/queue-5.10/ocfs2-fix-freeing-uninitialized-resource-on-ocfs2_dlm_shutdown.patch b/queue-5.10/ocfs2-fix-freeing-uninitialized-resource-on-ocfs2_dlm_shutdown.patch
new file mode 100644
index 00000000000..e71dafe21d0
--- /dev/null
+++ b/queue-5.10/ocfs2-fix-freeing-uninitialized-resource-on-ocfs2_dlm_shutdown.patch
@@ -0,0 +1,69 @@
+From 550842cc60987b269e31b222283ade3e1b6c7fc8 Mon Sep 17 00:00:00 2001
+From: Heming Zhao <ocfs2-devel@oss.oracle.com>
+Date: Mon, 15 Aug 2022 16:57:54 +0800
+Subject: ocfs2: fix freeing uninitialized resource on ocfs2_dlm_shutdown
+
+From: Heming Zhao <ocfs2-devel@oss.oracle.com>
+
+commit 550842cc60987b269e31b222283ade3e1b6c7fc8 upstream.
+
+After commit 0737e01de9c4 ("ocfs2: ocfs2_mount_volume does cleanup job
+before return error"), any procedure after ocfs2_dlm_init() fails will
+trigger crash when calling ocfs2_dlm_shutdown().
+
+ie: On local mount mode, no dlm resource is initialized.  If
+ocfs2_mount_volume() fails in ocfs2_find_slot(), error handling will call
+ocfs2_dlm_shutdown(), then does dlm resource cleanup job, which will
+trigger kernel crash.
+
+This solution should bypass uninitialized resources in
+ocfs2_dlm_shutdown().
+
+Link: https://lkml.kernel.org/r/20220815085754.20417-1-heming.zhao@suse.com
+Fixes: 0737e01de9c4 ("ocfs2: ocfs2_mount_volume does cleanup job before return error")
+Signed-off-by: Heming Zhao <heming.zhao@suse.com>
+Reviewed-by: Joseph Qi <joseph.qi@linux.alibaba.com>
+Cc: Mark Fasheh <mark@fasheh.com>
+Cc: Joel Becker <jlbec@evilplan.org>
+Cc: Junxiao Bi <junxiao.bi@oracle.com>
+Cc: Changwei Ge <gechangwei@live.cn>
+Cc: Gang He <ghe@suse.com>
+Cc: Jun Piao <piaojun@huawei.com>
+Cc: <stable@vger.kernel.org>
+Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ fs/ocfs2/dlmglue.c |    8 +++++---
+ fs/ocfs2/super.c   |    3 +--
+ 2 files changed, 6 insertions(+), 5 deletions(-)
+
+--- a/fs/ocfs2/dlmglue.c
++++ b/fs/ocfs2/dlmglue.c
+@@ -3396,10 +3396,12 @@ void ocfs2_dlm_shutdown(struct ocfs2_sup
+ 	ocfs2_lock_res_free(&osb->osb_nfs_sync_lockres);
+ 	ocfs2_lock_res_free(&osb->osb_orphan_scan.os_lockres);
+ 
+-	ocfs2_cluster_disconnect(osb->cconn, hangup_pending);
+-	osb->cconn = NULL;
++	if (osb->cconn) {
++		ocfs2_cluster_disconnect(osb->cconn, hangup_pending);
++		osb->cconn = NULL;
+ 
+-	ocfs2_dlm_shutdown_debug(osb);
++		ocfs2_dlm_shutdown_debug(osb);
++	}
+ }
+ 
+ static int ocfs2_drop_lock(struct ocfs2_super *osb,
+--- a/fs/ocfs2/super.c
++++ b/fs/ocfs2/super.c
+@@ -1922,8 +1922,7 @@ static void ocfs2_dismount_volume(struct
+ 	    !ocfs2_is_hard_readonly(osb))
+ 		hangup_needed = 1;
+ 
+-	if (osb->cconn)
+-		ocfs2_dlm_shutdown(osb, hangup_needed);
++	ocfs2_dlm_shutdown(osb, hangup_needed);
+ 
+ 	ocfs2_blockcheck_stats_debugfs_remove(&osb->osb_ecc_stats);
+ 	debugfs_remove_recursive(osb->osb_debug_root);
diff --git a/queue-5.10/series b/queue-5.10/series
index e0ad3f3373a..cd38aecbacc 100644
--- a/queue-5.10/series
+++ b/queue-5.10/series
@@ -48,3 +48,4 @@ mm-swap-fix-swap_info_struct-race-between-swapoff-and-get_swap_pages.patch
 selftests-intel_pstate-ftime-is-deprecated.patch
 drm-bridge-lt9611-fix-pll-being-unable-to-lock.patch
 revert-media-ti-cal-fix-possible-memory-leak-in-cal_ctx_create.patch
+ocfs2-fix-freeing-uninitialized-resource-on-ocfs2_dlm_shutdown.patch