From: Coly Li colyli@suse.de
mainline inclusion from mainline-5.6-rc1 commit 29cda393bcaad160c4bf3676ddd99855adafc72f category: feature bugzilla: 43003 CVE: NA ---------------------------
Patch "bcache: rework error unwinding in register_bcache" from Christoph Hellwig changes the local variables 'path' and 'err' in undefined initial state. If the code in register_bcache() jumps to label 'out:' or 'out_module_put:' by goto, these two variables might be reference with undefined value by the following line,
out_module_put: module_put(THIS_MODULE); out: pr_info("error %s: %s", path, err); return ret;
Therefore this patch initializes these two local variables properly in register_bcache() to avoid such issue.
Signed-off-by: Coly Li colyli@suse.de Signed-off-by: Jens Axboe axboe@kernel.dk Acked-by: Hanjun Guo guohanjun@huawei.com Reviewed-by: Yufen Yu yuyufen@huawei.com Signed-off-by: zhangyi (F) yi.zhang@huawei.com Signed-off-by: Yang Yingliang yangyingliang@huawei.com --- drivers/md/bcache/super.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/md/bcache/super.c b/drivers/md/bcache/super.c index eddc4ec3f7a4..a5bbaf0c047a 100644 --- a/drivers/md/bcache/super.c +++ b/drivers/md/bcache/super.c @@ -2369,18 +2369,20 @@ static ssize_t register_bcache(struct kobject *k, struct kobj_attribute *attr, const char *buffer, size_t size) { const char *err; - char *path; + char *path = NULL; struct cache_sb *sb; struct block_device *bdev = NULL; struct page *sb_page; ssize_t ret;
ret = -EBUSY; + err = "failed to reference bcache module"; if (!try_module_get(THIS_MODULE)) goto out;
/* For latest state of bcache_is_reboot */ smp_mb(); + err = "bcache is in reboot"; if (bcache_is_reboot) goto out_module_put;