[RH7] ploop: Fix divide by null in purge_lru_warn()

Submitted by Kirill Tkhai on June 23, 2020, 10:08 a.m.

Details

Message ID 159290691912.463544.1867140100840881580.stgit@localhost.localdomain
State New
Series "ploop: Fix divide by null in purge_lru_warn()"

Commit Message

Kirill Tkhai June 23, 2020, 10:08 a.m.
Although purge_lru_mapping() guarantees at check time that
ploop_io_images_size is not 0:

    (u64)tree->map_size * atomic_long_read(&ploop_io_images_size) >
        (u64)max_entries * i_size_read(tree->mapping->host),

the check and purge_lru_warn() are not protected to be correct
at the same time, and a race is possible there.

Fix it.

https://jira.sw.ru/browse/PSBM-104867

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
---
 drivers/block/ploop/io_direct_map.c |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)


diff --git a/drivers/block/ploop/io_direct_map.c b/drivers/block/ploop/io_direct_map.c
index a3f19d22e313..5528e86aab43 100644
--- a/drivers/block/ploop/io_direct_map.c
+++ b/drivers/block/ploop/io_direct_map.c
@@ -375,7 +375,9 @@  static inline void purge_lru_warn(struct extent_map_tree *tree)
 		sizeof(struct extent_map);
 
 	loff_t ratio = i_size_read(tree->mapping->host) * 100;
-	do_div(ratio, atomic_long_read(&ploop_io_images_size));
+	long images_size = atomic_long_read(&ploop_io_images_size) ? : 1;
+
+	do_div(ratio, images_size);
 
 	printk(KERN_WARNING "Purging lru entry from extent tree for inode %ld "
 	       "(map_size=%d ratio=%lld%%)\n",
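Review bot: do_div() takes a 32-bit divisor, so in `do_div(ratio, images_size)` the `long images_size` is truncated to its low 32 bits, while the `? : 1` fallback tests the full long. A non-zero ploop_io_images_size whose low 32 bits are zero (any multiple of 4 GiB) therefore still reaches a zero divisor, and any other value above 4 GiB gives a wrong ratio in the warning. Since ratio is a loff_t, a full 64-bit division such as `ratio = div64_s64(ratio, images_size);` would close this while keeping the single atomic_long_read() snapshot. It would also help to note in a comment that the 1 is only a placeholder for the racing zero case, because the printed ratio is then not a meaningful percentage.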