summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTheodore Ts'o <tytso@mit.edu>2023-05-05 22:20:29 -0400
committerTheodore Ts'o <tytso@mit.edu>2023-05-13 18:05:05 -0400
commit4c0b4818b1f636bc96359f7817a2d8bab6370162 (patch)
treefab933e7b6fadc2a7c08b70718704416fd96da04
parent4b3cb1d108bfc2aebb0d7c8a52261a53cf7f5786 (diff)
downloadlwn-4c0b4818b1f636bc96359f7817a2d8bab6370162.tar.gz
lwn-4c0b4818b1f636bc96359f7817a2d8bab6370162.zip
ext4: improve error recovery code paths in __ext4_remount()
If there are failures while changing the mount options in __ext4_remount(), we need to restore the old mount options. This commit fixes two problem. The first is there is a chance that we will free the old quota file names before a potential failure leading to a use-after-free. The second problem addressed in this commit is if there is a failed read/write to read-only transition, if the quota has already been suspended, we need to renable quota handling. Cc: stable@kernel.org Link: https://lore.kernel.org/r/20230506142419.984260-2-tytso@mit.edu Signed-off-by: Theodore Ts'o <tytso@mit.edu>
-rw-r--r--fs/ext4/super.c13
1 files changed, 10 insertions, 3 deletions
diff --git a/fs/ext4/super.c b/fs/ext4/super.c
index c7bc4a2709cc..bc0b4a98b337 100644
--- a/fs/ext4/super.c
+++ b/fs/ext4/super.c
@@ -6617,9 +6617,6 @@ static int __ext4_remount(struct fs_context *fc, struct super_block *sb)
}
#ifdef CONFIG_QUOTA
- /* Release old quota file names */
- for (i = 0; i < EXT4_MAXQUOTAS; i++)
- kfree(old_opts.s_qf_names[i]);
if (enable_quota) {
if (sb_any_quota_suspended(sb))
dquot_resume(sb, -1);
@@ -6629,6 +6626,9 @@ static int __ext4_remount(struct fs_context *fc, struct super_block *sb)
goto restore_opts;
}
}
+ /* Release old quota file names */
+ for (i = 0; i < EXT4_MAXQUOTAS; i++)
+ kfree(old_opts.s_qf_names[i]);
#endif
if (!test_opt(sb, BLOCK_VALIDITY) && sbi->s_system_blks)
ext4_release_system_zone(sb);
@@ -6642,6 +6642,13 @@ static int __ext4_remount(struct fs_context *fc, struct super_block *sb)
return 0;
restore_opts:
+ /*
+ * If there was a failing r/w to ro transition, we may need to
+ * re-enable quota
+ */
+ if ((sb->s_flags & SB_RDONLY) && !(old_sb_flags & SB_RDONLY) &&
+ sb_any_quota_suspended(sb))
+ dquot_resume(sb, -1);
sb->s_flags = old_sb_flags;
sbi->s_mount_opt = old_opts.s_mount_opt;
sbi->s_mount_opt2 = old_opts.s_mount_opt2;