From patchwork Mon Sep 13 13:14:21 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Greg KH X-Patchwork-Id: 510879 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-19.1 required=3.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, INCLUDES_CR_TRAILER, INCLUDES_PATCH, MAILING_LIST_MULTI, SPF_HELO_NONE, SPF_PASS, URIBL_BLOCKED, USER_AGENT_GIT autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id E6AC0C4332F for ; Mon, 13 Sep 2021 13:21:17 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id D3F43610CB for ; Mon, 13 Sep 2021 13:21:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S240542AbhIMNW3 (ORCPT ); Mon, 13 Sep 2021 09:22:29 -0400 Received: from mail.kernel.org ([198.145.29.99]:35046 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S240635AbhIMNVW (ORCPT ); Mon, 13 Sep 2021 09:21:22 -0400 Received: by mail.kernel.org (Postfix) with ESMTPSA id 192046112D; Mon, 13 Sep 2021 13:20:03 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=linuxfoundation.org; s=korg; t=1631539204; bh=OPddaRiK+9M+Rx4KrOe4SDXtMoeMPsr7BQV8MVDSbAA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=bxVWZZ+gN6+WBEAssQi4m21sDgE0UBjOhIUTyb4KjvHB46qhmJdlVK7ssL38mr7Nn yuR1vUwcMNQJnTB/8gVJskxUd0y9HRdhQOGBK8VOZIoNy+bOkt0rjOElqHhJfBX197 CpRr7jVOlrJa2FA2Wtp4w5YVpwNSMgQzM6mBjEnA= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Taehee Yoo , =?utf-8?q?M=C3=A1rio_Lopes?= , Sven Eckelmann , Sasha Levin Subject: [PATCH 5.4 080/144] debugfs: Return error during {full/open}_proxy_open() on rmmod Date: Mon, 13 Sep 2021 15:14:21 +0200 Message-Id: <20210913131050.641470610@linuxfoundation.org> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20210913131047.974309396@linuxfoundation.org> References: <20210913131047.974309396@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: stable@vger.kernel.org From: Sven Eckelmann [ Upstream commit 112cedc8e600b668688eb809bf11817adec58ddc ] If a kernel module gets unloaded then it printed report about a leak before commit 275678e7a9be ("debugfs: Check module state before warning in {full/open}_proxy_open()"). An additional check was added in this commit to avoid this printing. But it was forgotten that the function must return an error in this case because it was not actually opened. As result, the systems started to crash or to hang when a module was unloaded while something was trying to open a file. Fixes: 275678e7a9be ("debugfs: Check module state before warning in {full/open}_proxy_open()") Cc: Taehee Yoo Reported-by: Mário Lopes Signed-off-by: Sven Eckelmann Link: https://lore.kernel.org/r/20210802162444.7848-1-sven@narfation.org Signed-off-by: Greg Kroah-Hartman Signed-off-by: Sasha Levin --- fs/debugfs/file.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 943637298f65..a32c5c7dcfd8 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c @@ -178,8 +178,10 @@ static int open_proxy_open(struct inode *inode, struct file *filp) if (!fops_get(real_fops)) { #ifdef CONFIG_MODULES if (real_fops->owner && - real_fops->owner->state == MODULE_STATE_GOING) + real_fops->owner->state == MODULE_STATE_GOING) { + r = -ENXIO; goto out; + } #endif /* Huh? Module did not clean up after itself at exit? */ @@ -313,8 +315,10 @@ static int full_proxy_open(struct inode *inode, struct file *filp) if (!fops_get(real_fops)) { #ifdef CONFIG_MODULES if (real_fops->owner && - real_fops->owner->state == MODULE_STATE_GOING) + real_fops->owner->state == MODULE_STATE_GOING) { + r = -ENXIO; goto out; + } #endif /* Huh? Module did not cleanup after itself at exit? */