
[v2] autofs: add: new_inode check in autofs_fill_super()

Message ID 20231119225319.331156-1-raven@themaw.net (mailing list archive)
State New, archived

Commit Message

Ian Kent Nov. 19, 2023, 10:53 p.m. UTC
Add missing NULL check of root_inode in autofs_fill_super().

While we are at it simplify the logic by taking advantage of the VFS
cleanup procedures and get rid of the goto error handling, as suggested
by Al Viro.

Signed-off-by: Ian Kent <raven@themaw.net>
Cc: Al Viro <viro@zeniv.linux.org.uk>
Cc: Christian Brauner <brauner@kernel.org>
Cc: Bill O'Donnell <billodo@redhat.com>
Reported-by: syzbot+662f87a8ef490f45fa64@syzkaller.appspotmail.com
---
 fs/autofs/inode.c | 59 ++++++++++++++++++-----------------------------
 1 file changed, 22 insertions(+), 37 deletions(-)

Comments

Bill O'Donnell Nov. 20, 2023, 12:07 a.m. UTC | #1
On Mon, Nov 20, 2023 at 06:53:19AM +0800, Ian Kent wrote:
> Add missing NULL check of root_inode in autofs_fill_super().
> 
> While we are at it simplify the logic by taking advantage of the VFS
> cleanup procedures and get rid of the goto error handling, as suggested
> by Al Viro.
> 
> Signed-off-by: Ian Kent <raven@themaw.net>
> Cc: Al Viro <viro@zeniv.linux.org.uk>
> Cc: Christian Brauner <brauner@kernel.org>
> Cc: Bill O'Donnell <billodo@redhat.com>
> Reported-by: syzbot+662f87a8ef490f45fa64@syzkaller.appspotmail.com

Reviewed-by: Bill O'Donnell <bodonnel@redhat.com>

> ---
>  fs/autofs/inode.c | 59 ++++++++++++++++++-----------------------------
>  1 file changed, 22 insertions(+), 37 deletions(-)
> 
> diff --git a/fs/autofs/inode.c b/fs/autofs/inode.c
> index a5083d447a62..6ecf68536240 100644
> --- a/fs/autofs/inode.c
> +++ b/fs/autofs/inode.c
> @@ -311,7 +311,6 @@ static int autofs_fill_super(struct super_block *s, struct fs_context *fc)
>  	struct inode *root_inode;
>  	struct dentry *root;
>  	struct autofs_info *ino;
> -	int ret = -ENOMEM;
>  
>  	pr_debug("starting up, sbi = %p\n", sbi);
>  
> @@ -328,56 +327,42 @@ static int autofs_fill_super(struct super_block *s, struct fs_context *fc)
>  	 */
>  	ino = autofs_new_ino(sbi);
>  	if (!ino)
> -		goto fail;
> +		return -ENOMEM;
>  
>  	root_inode = autofs_get_inode(s, S_IFDIR | 0755);
> -	root_inode->i_uid = ctx->uid;
> -	root_inode->i_gid = ctx->gid;
> -
> -	root = d_make_root(root_inode);
> -	if (!root)
> -		goto fail_ino;
> -
> -	root->d_fsdata = ino;
> +	if (root_inode) {
> +		root_inode->i_uid = ctx->uid;
> +		root_inode->i_gid = ctx->gid;
> +		root_inode->i_fop = &autofs_root_operations;
> +		root_inode->i_op = &autofs_dir_inode_operations;
> +	}
> +	s->s_root = d_make_root(root_inode);
> +	if (unlikely(!s->s_root)) {
> +		autofs_free_ino(ino);
> +		return -ENOMEM;
> +	}
> +	s->s_root->d_fsdata = ino;
>  
>  	if (ctx->pgrp_set) {
>  		sbi->oz_pgrp = find_get_pid(ctx->pgrp);
> -		if (!sbi->oz_pgrp) {
> -			ret = invalf(fc, "Could not find process group %d",
> -				     ctx->pgrp);
> -			goto fail_dput;
> -		}
> -	} else {
> +		if (!sbi->oz_pgrp)
> +			return invalf(fc, "Could not find process group %d",
> +				      ctx->pgrp);
> +	} else
>  		sbi->oz_pgrp = get_task_pid(current, PIDTYPE_PGID);
> -	}
>  
>  	if (autofs_type_trigger(sbi->type))
> -		__managed_dentry_set_managed(root);
> -
> -	root_inode->i_fop = &autofs_root_operations;
> -	root_inode->i_op = &autofs_dir_inode_operations;
> +		/* s->s_root won't be contended so there's little to
> +		 * be gained by not taking the d_lock when setting
> +		 * d_flags, even when a lot mounts are being done.
> +		 */
> +		managed_dentry_set_managed(s->s_root);
>  
>  	pr_debug("pipe fd = %d, pgrp = %u\n",
>  		 sbi->pipefd, pid_nr(sbi->oz_pgrp));
>  
>  	sbi->flags &= ~AUTOFS_SBI_CATATONIC;
> -
> -	/*
> -	 * Success! Install the root dentry now to indicate completion.
> -	 */
> -	s->s_root = root;
>  	return 0;
> -
> -	/*
> -	 * Failure ... clean up.
> -	 */
> -fail_dput:
> -	dput(root);
> -	goto fail;
> -fail_ino:
> -	autofs_free_ino(ino);
> -fail:
> -	return ret;
>  }
>  
>  /*
> -- 
> 2.41.0
>
Christian Brauner Nov. 20, 2023, 2:01 p.m. UTC | #2
On Mon, 20 Nov 2023 06:53:19 +0800, Ian Kent wrote:
> Add missing NULL check of root_inode in autofs_fill_super().
> 
> While we are at it simplify the logic by taking advantage of the VFS
> cleanup procedures and get rid of the goto error handling, as suggested
> by Al Viro.
> 
> 
> [...]

I've removed an unused variable. I also changed it so that it errors out
right after autofs_get_inode() returns NULL.

---

Applied to the vfs.fixes branch of the vfs/vfs.git tree.
Patches in the vfs.fixes branch should appear in linux-next soon.

Please report any outstanding bugs that were missed during review in a
new review to the original patch series allowing us to drop it.

It's encouraged to provide Acked-bys and Reviewed-bys even though the
patch has now been applied. If possible patch trailers will be updated.

Note that commit hashes shown below are subject to change due to rebase,
trailer updates or similar. If in doubt, please check the listed branch.

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git
branch: vfs.fixes

[1/1] autofs: add: new_inode check in autofs_fill_super()
      https://git.kernel.org/vfs/vfs/c/368e8258536e

Patch

diff --git a/fs/autofs/inode.c b/fs/autofs/inode.c
index a5083d447a62..6ecf68536240 100644
--- a/fs/autofs/inode.c
+++ b/fs/autofs/inode.c
@@ -311,7 +311,6 @@  static int autofs_fill_super(struct super_block *s, struct fs_context *fc)
 	struct inode *root_inode;
 	struct dentry *root;
 	struct autofs_info *ino;
-	int ret = -ENOMEM;
 
 	pr_debug("starting up, sbi = %p\n", sbi);
 
@@ -328,56 +327,42 @@  static int autofs_fill_super(struct super_block *s, struct fs_context *fc)
 	 */
 	ino = autofs_new_ino(sbi);
 	if (!ino)
-		goto fail;
+		return -ENOMEM;
 
 	root_inode = autofs_get_inode(s, S_IFDIR | 0755);
-	root_inode->i_uid = ctx->uid;
-	root_inode->i_gid = ctx->gid;
-
-	root = d_make_root(root_inode);
-	if (!root)
-		goto fail_ino;
-
-	root->d_fsdata = ino;
+	if (root_inode) {
+		root_inode->i_uid = ctx->uid;
+		root_inode->i_gid = ctx->gid;
+		root_inode->i_fop = &autofs_root_operations;
+		root_inode->i_op = &autofs_dir_inode_operations;
+	}
+	s->s_root = d_make_root(root_inode);
+	if (unlikely(!s->s_root)) {
+		autofs_free_ino(ino);
+		return -ENOMEM;
+	}
+	s->s_root->d_fsdata = ino;
 
 	if (ctx->pgrp_set) {
 		sbi->oz_pgrp = find_get_pid(ctx->pgrp);
-		if (!sbi->oz_pgrp) {
-			ret = invalf(fc, "Could not find process group %d",
-				     ctx->pgrp);
-			goto fail_dput;
-		}
-	} else {
+		if (!sbi->oz_pgrp)
+			return invalf(fc, "Could not find process group %d",
+				      ctx->pgrp);
+	} else
 		sbi->oz_pgrp = get_task_pid(current, PIDTYPE_PGID);
-	}
 
 	if (autofs_type_trigger(sbi->type))
-		__managed_dentry_set_managed(root);
-
-	root_inode->i_fop = &autofs_root_operations;
-	root_inode->i_op = &autofs_dir_inode_operations;
+		/* s->s_root won't be contended so there's little to
+		 * be gained by not taking the d_lock when setting
+		 * d_flags, even when a lot mounts are being done.
+		 */
+		managed_dentry_set_managed(s->s_root);
 
 	pr_debug("pipe fd = %d, pgrp = %u\n",
 		 sbi->pipefd, pid_nr(sbi->oz_pgrp));
 
 	sbi->flags &= ~AUTOFS_SBI_CATATONIC;
-
-	/*
-	 * Success! Install the root dentry now to indicate completion.
-	 */
-	s->s_root = root;
 	return 0;
-
-	/*
-	 * Failure ... clean up.
-	 */
-fail_dput:
-	dput(root);
-	goto fail;
-fail_ino:
-	autofs_free_ino(ino);
-fail:
-	return ret;
 }
 
 /*
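Review bot: The `return invalf(...)` path in the `ctx->pgrp_set` branch now exits with `s->s_root` already installed and `ino` attached through `d_fsdata`, and nothing in the hunk says who releases them. That is presumably correct because a failed mount is torn down through the superblock's kill path and the dentry release callback, but both live outside this hunk (as does the start of autofs_fill_super), so a one-line comment above the return such as `/* s->s_root and ino are released by the VFS when fill_super fails */` would keep a later edit from adding a second free or reintroducing a leak. Separately, the `} else` branch drops its braces while the `if` branch keeps them, and the `autofs_type_trigger()` body is now a multi-line comment plus a statement with no braces; kernel coding style asks for braces in both cases. The new comment also reads "a lot mounts" where "a lot of mounts" is meant.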