# git rev-parse -q --verify 5e46d1b78a03d52306f21f77a4e4a144b6d31486^{commit} 5e46d1b78a03d52306f21f77a4e4a144b6d31486 already have revision, skipping fetch # git checkout -q -f -B kisskb 5e46d1b78a03d52306f21f77a4e4a144b6d31486 # git clean -qxdf # < git log -1 # commit 5e46d1b78a03d52306f21f77a4e4a144b6d31486 # Author: Tetsuo Handa # Date: Sun Mar 21 23:37:49 2021 +0900 # # reiserfs: update reiserfs_xattrs_initialized() condition # # syzbot is reporting NULL pointer dereference at reiserfs_security_init() # [1], for commit ab17c4f02156c4f7 ("reiserfs: fixup xattr_root caching") # is assuming that REISERFS_SB(s)->xattr_root != NULL in # reiserfs_xattr_jcreate_nblocks() despite that commit made # REISERFS_SB(sb)->priv_root != NULL && REISERFS_SB(s)->xattr_root == NULL # case possible. # # I guess that commit 6cb4aff0a77cc0e6 ("reiserfs: fix oops while creating # privroot with selinux enabled") wanted to check xattr_root != NULL # before reiserfs_xattr_jcreate_nblocks(), for the changelog is talking # about the xattr root. # # The issue is that while creating the privroot during mount # reiserfs_security_init calls reiserfs_xattr_jcreate_nblocks which # dereferences the xattr root. The xattr root doesn't exist, so we get # an oops. # # Therefore, update reiserfs_xattrs_initialized() to check both the # privroot and the xattr root. # # Link: https://syzkaller.appspot.com/bug?id=8abaedbdeb32c861dc5340544284167dd0e46cde # [1] # Reported-and-tested-by: syzbot # Signed-off-by: Tetsuo Handa # Fixes: 6cb4aff0a77c ("reiserfs: fix oops while creating privroot with selinux enabled") # Acked-by: Jeff Mahoney # Acked-by: Jan Kara # Signed-off-by: Linus Torvalds # < /opt/cross/kisskb/br-xtensa-full-2016.08-613-ge98b4dd/bin/xtensa-linux-gcc --version # < /opt/cross/kisskb/br-xtensa-full-2016.08-613-ge98b4dd/bin/xtensa-linux-ld --version # < git log --format=%s --max-count=1 5e46d1b78a03d52306f21f77a4e4a144b6d31486 # < make -s -j 10 ARCH=xtensa O=/kisskb/build/linus_xtensa-allmodconfig_xtensa CROSS_COMPILE=/opt/cross/kisskb/br-xtensa-full-2016.08-613-ge98b4dd/bin/xtensa-linux- allmodconfig # Added to kconfig CONFIG_BUILD_DOCSRC=n # Added to kconfig CONFIG_MODULE_SIG=n # Added to kconfig CONFIG_SAMPLES=n # < make -s -j 10 ARCH=xtensa O=/kisskb/build/linus_xtensa-allmodconfig_xtensa CROSS_COMPILE=/opt/cross/kisskb/br-xtensa-full-2016.08-613-ge98b4dd/bin/xtensa-linux- help # make -s -j 10 ARCH=xtensa O=/kisskb/build/linus_xtensa-allmodconfig_xtensa CROSS_COMPILE=/opt/cross/kisskb/br-xtensa-full-2016.08-613-ge98b4dd/bin/xtensa-linux- olddefconfig # make -s -j 10 ARCH=xtensa O=/kisskb/build/linus_xtensa-allmodconfig_xtensa CROSS_COMPILE=/opt/cross/kisskb/br-xtensa-full-2016.08-613-ge98b4dd/bin/xtensa-linux- In file included from /kisskb/src/arch/xtensa/include/asm/atomic.h:19:0, from /kisskb/src/include/linux/atomic.h:7, from /kisskb/src/include/linux/page_counter.h:5, from /kisskb/src/mm/memcontrol.c:28: /kisskb/src/mm/memcontrol.c: In function 'memcg_reparent_objcgs': /kisskb/src/arch/xtensa/include/asm/cmpxchg.h:173:3: warning: value computed is not used [-Wunused-value] ((__typeof__(*(ptr)))__xchg((unsigned long)(x),(ptr),sizeof(*(ptr)))) ^ /kisskb/src/mm/memcontrol.c:336:2: note: in expansion of macro 'xchg' xchg(&objcg->memcg, parent); ^ /kisskb/src/arch/xtensa/include/asm/cmpxchg.h:173:3: warning: value computed is not used [-Wunused-value] ((__typeof__(*(ptr)))__xchg((unsigned long)(x),(ptr),sizeof(*(ptr)))) ^ /kisskb/src/mm/memcontrol.c:343:3: note: in expansion of macro 'xchg' xchg(&iter->memcg, parent); ^ In file included from /kisskb/src/arch/xtensa/include/asm/atomic.h:19:0, from /kisskb/src/include/linux/atomic.h:7, from /kisskb/src/include/asm-generic/bitops/atomic.h:5, from /kisskb/src/arch/xtensa/include/asm/bitops.h:192, from /kisskb/src/include/linux/bitops.h:32, from /kisskb/src/include/linux/kernel.h:11, from /kisskb/src/include/linux/list.h:9, from /kisskb/src/include/linux/wait.h:7, from /kisskb/src/include/linux/wait_bit.h:8, from /kisskb/src/include/linux/fs.h:6, from /kisskb/src/fs/ocfs2/file.c:13: /kisskb/src/fs/ocfs2/file.c: In function 'ocfs2_file_write_iter': /kisskb/src/arch/xtensa/include/asm/cmpxchg.h:173:3: warning: value computed is not used [-Wunused-value] ((__typeof__(*(ptr)))__xchg((unsigned long)(x),(ptr),sizeof(*(ptr)))) ^ /kisskb/src/fs/ocfs2/file.c:2421:3: note: in expansion of macro 'xchg' xchg(&iocb->ki_complete, saved_ki_complete); ^ /kisskb/src/drivers/input/joystick/analog.c:160:2: warning: #warning Precise timer not defined for this architecture. [-Wcpp] #warning Precise timer not defined for this architecture. ^ In file included from /kisskb/src/arch/xtensa/include/asm/atomic.h:19:0, from /kisskb/src/include/linux/atomic.h:7, from /kisskb/src/include/asm-generic/bitops/atomic.h:5, from /kisskb/src/arch/xtensa/include/asm/bitops.h:192, from /kisskb/src/include/linux/bitops.h:32, from /kisskb/src/include/linux/bitmap.h:8, from /kisskb/src/include/linux/ethtool.h:16, from /kisskb/src/drivers/net/ethernet/amazon/ena/ena_netdev.c:11: /kisskb/src/drivers/net/ethernet/amazon/ena/ena_netdev.c: In function 'ena_xdp_exchange_program_rx_in_range': /kisskb/src/arch/xtensa/include/asm/cmpxchg.h:173:3: warning: value computed is not used [-Wunused-value] ((__typeof__(*(ptr)))__xchg((unsigned long)(x),(ptr),sizeof(*(ptr)))) ^ /kisskb/src/drivers/net/ethernet/amazon/ena/ena_netdev.c:532:3: note: in expansion of macro 'xchg' xchg(&rx_ring->xdp_bpf_prog, prog); ^ /kisskb/src/drivers/gpu/drm/rockchip/cdn-dp-core.c:1124:12: warning: 'cdn_dp_resume' defined but not used [-Wunused-function] static int cdn_dp_resume(struct device *dev) ^ In file included from /kisskb/src/arch/xtensa/include/asm/atomic.h:19:0, from /kisskb/src/include/linux/atomic.h:7, from /kisskb/src/include/asm-generic/bitops/atomic.h:5, from /kisskb/src/arch/xtensa/include/asm/bitops.h:192, from /kisskb/src/include/linux/bitops.h:32, from /kisskb/src/drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c:11: /kisskb/src/drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c: In function 'ixgbevf_xdp_setup': /kisskb/src/arch/xtensa/include/asm/cmpxchg.h:173:3: warning: value computed is not used [-Wunused-value] ((__typeof__(*(ptr)))__xchg((unsigned long)(x),(ptr),sizeof(*(ptr)))) ^ /kisskb/src/drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c:4445:4: note: in expansion of macro 'xchg' xchg(&adapter->rx_ring[i]->xdp_prog, adapter->xdp_prog); ^ WARNING: modpost: lib/test_bitmap.o(.text.unlikely+0x58): Section mismatch in reference from the function bitmap_equal() to the variable .init.rodata:clump_exp The function bitmap_equal() references the variable __initconst clump_exp. This is often because bitmap_equal lacks a __initconst annotation or the annotation of clump_exp is wrong. WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x3570): Section mismatch in reference from the variable qed_mfw_legacy_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_legacy_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x3588): Section mismatch in reference from the variable qed_mfw_legacy_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_legacy_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x35a0): Section mismatch in reference from the variable qed_mfw_legacy_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_legacy_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x35b8): Section mismatch in reference from the variable qed_mfw_legacy_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_legacy_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x35d0): Section mismatch in reference from the variable qed_mfw_legacy_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_legacy_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x35e8): Section mismatch in reference from the variable qed_mfw_legacy_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_legacy_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x3600): Section mismatch in reference from the variable qed_mfw_legacy_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_legacy_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x3618): Section mismatch in reference from the variable qed_mfw_ext_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_ext_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x3630): Section mismatch in reference from the variable qed_mfw_ext_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_ext_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x3648): Section mismatch in reference from the variable qed_mfw_ext_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_ext_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x3660): Section mismatch in reference from the variable qed_mfw_ext_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_ext_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x3678): Section mismatch in reference from the variable qed_mfw_ext_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_ext_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x3690): Section mismatch in reference from the variable qed_mfw_ext_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_ext_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x36a8): Section mismatch in reference from the variable qed_mfw_ext_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_ext_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x36c0): Section mismatch in reference from the variable qed_mfw_ext_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_ext_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qed/qed.o(.data+0x36d8): Section mismatch in reference from the variable qed_mfw_ext_maps to the variable .init.rodata:qed_mfw_legacy_bb_100g The variable qed_mfw_ext_maps references the variable __initconst qed_mfw_legacy_bb_100g If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qede/qede.o(.data+0x134): Section mismatch in reference from the variable qede_forced_speed_maps to the variable .init.rodata:qede_forced_speed_100000 The variable qede_forced_speed_maps references the variable __initconst qede_forced_speed_100000 If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qede/qede.o(.data+0x14c): Section mismatch in reference from the variable qede_forced_speed_maps to the variable .init.rodata:qede_forced_speed_100000 The variable qede_forced_speed_maps references the variable __initconst qede_forced_speed_100000 If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qede/qede.o(.data+0x164): Section mismatch in reference from the variable qede_forced_speed_maps to the variable .init.rodata:qede_forced_speed_100000 The variable qede_forced_speed_maps references the variable __initconst qede_forced_speed_100000 If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qede/qede.o(.data+0x17c): Section mismatch in reference from the variable qede_forced_speed_maps to the variable .init.rodata:qede_forced_speed_100000 The variable qede_forced_speed_maps references the variable __initconst qede_forced_speed_100000 If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qede/qede.o(.data+0x194): Section mismatch in reference from the variable qede_forced_speed_maps to the variable .init.rodata:qede_forced_speed_100000 The variable qede_forced_speed_maps references the variable __initconst qede_forced_speed_100000 If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qede/qede.o(.data+0x1ac): Section mismatch in reference from the variable qede_forced_speed_maps to the variable .init.rodata:qede_forced_speed_100000 The variable qede_forced_speed_maps references the variable __initconst qede_forced_speed_100000 If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console WARNING: modpost: drivers/net/ethernet/qlogic/qede/qede.o(.data+0x1c4): Section mismatch in reference from the variable qede_forced_speed_maps to the variable .init.rodata:qede_forced_speed_100000 The variable qede_forced_speed_maps references the variable __initconst qede_forced_speed_100000 If the reference is valid then annotate the variable with __init* or __refdata (see linux/init.h) or name the variable: *_template, *_timer, *_sht, *_ops, *_probe, *_probe_one, *_console Completed OK # rm -rf /kisskb/build/linus_xtensa-allmodconfig_xtensa # Build took: 0:20:17.651270