ocfs2: fix deadlock risk when kmalloc failed in dlm_query_region_handler
authorZhonghua Guo <guozhonghua@h3c.com>
Thu, 3 Apr 2014 21:47:02 +0000 (14:47 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Thu, 3 Apr 2014 23:20:55 +0000 (16:20 -0700)
In dlm_query_region_handler(), once kmalloc failed, it will unlock
dlm_domain_lock without lock first, then deadlock happens.

Signed-off-by: Zhonghua Guo <guozhonghua@h3c.com>
Signed-off-by: Joseph Qi <joseph.qi@huawei.com>
Reviewed-by: Srinivas Eeda <srinivas.eeda@oracle.com>
Tested-by: Joseph Qi <joseph.qi@huawei.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Mark Fasheh <mfasheh@suse.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/ocfs2/dlm/dlmdomain.c

index 1307a8cff8dbedce7ae396d367d483a71fad91d1..c973690dc0bc41568b13558093c99a928947a640 100644 (file)
@@ -1123,7 +1123,6 @@ static int dlm_query_region_handler(struct o2net_msg *msg, u32 len,
        struct dlm_ctxt *dlm = NULL;
        char *local = NULL;
        int status = 0;
-       int locked = 0;
 
        qr = (struct dlm_query_region *) msg->buf;
 
@@ -1132,10 +1131,8 @@ static int dlm_query_region_handler(struct o2net_msg *msg, u32 len,
 
        /* buffer used in dlm_mast_regions() */
        local = kmalloc(sizeof(qr->qr_regions), GFP_KERNEL);
-       if (!local) {
-               status = -ENOMEM;
-               goto bail;
-       }
+       if (!local)
+               return -ENOMEM;
 
        status = -EINVAL;
 
@@ -1144,16 +1141,15 @@ static int dlm_query_region_handler(struct o2net_msg *msg, u32 len,
        if (!dlm) {
                mlog(ML_ERROR, "Node %d queried hb regions on domain %s "
                     "before join domain\n", qr->qr_node, qr->qr_domain);
-               goto bail;
+               goto out_domain_lock;
        }
 
        spin_lock(&dlm->spinlock);
-       locked = 1;
        if (dlm->joining_node != qr->qr_node) {
                mlog(ML_ERROR, "Node %d queried hb regions on domain %s "
                     "but joining node is %d\n", qr->qr_node, qr->qr_domain,
                     dlm->joining_node);
-               goto bail;
+               goto out_dlm_lock;
        }
 
        /* Support for global heartbeat was added in 1.1 */
@@ -1163,14 +1159,15 @@ static int dlm_query_region_handler(struct o2net_msg *msg, u32 len,
                     "but active dlm protocol is %d.%d\n", qr->qr_node,
                     qr->qr_domain, dlm->dlm_locking_proto.pv_major,
                     dlm->dlm_locking_proto.pv_minor);
-               goto bail;
+               goto out_dlm_lock;
        }
 
        status = dlm_match_regions(dlm, qr, local, sizeof(qr->qr_regions));
 
-bail:
-       if (locked)
-               spin_unlock(&dlm->spinlock);
+out_dlm_lock:
+       spin_unlock(&dlm->spinlock);
+
+out_domain_lock:
        spin_unlock(&dlm_domain_lock);
 
        kfree(local);