[RHEL7,COMMIT] ploop: Fix divide by null in purge_lru_warn()

Submitted by Vasily Averin on July 2, 2020, 1:36 p.m.

Details

Message ID 202007021336.062DasqK011874@vvs.co7.work.ct
State New
Series "ploop: Fix divide by null in purge_lru_warn()"

Commit Message

Vasily Averin July 2, 2020, 1:36 p.m.
The commit is pushed to "branch-rh7-3.10.0-1127.10.1.vz7.162.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-1127.10.1.vz7.162.6
------>
commit 7dfbc654e558063d7599b49957fd4046348a76b8
Author: Kirill Tkhai <ktkhai@virtuozzo.com>
Date:   Thu Jul 2 16:36:53 2020 +0300

    ploop: Fix divide by null in purge_lru_warn()
    
    Despite purge_lru_mapping() at check time guarantees
    ploop_io_images_size is not 0:
    
        (u64)tree->map_size * atomic_long_read(&ploop_io_images_size) >
            (u64)max_entries * i_size_read(tree->mapping->host),
    
    the check and purge_lru_warn() are not protected to be correct
    at the same time, and a race is possible there.
    
    Fix it.
    
    https://jira.sw.ru/browse/PSBM-104867
    Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
---
 drivers/block/ploop/io_direct_map.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

Patch

diff --git a/drivers/block/ploop/io_direct_map.c b/drivers/block/ploop/io_direct_map.c
index a3f19d22e313..5528e86aab43 100644
--- a/drivers/block/ploop/io_direct_map.c
+++ b/drivers/block/ploop/io_direct_map.c
@@ -375,7 +375,9 @@  static inline void purge_lru_warn(struct extent_map_tree *tree)
 		sizeof(struct extent_map);
 
 	loff_t ratio = i_size_read(tree->mapping->host) * 100;
-	do_div(ratio, atomic_long_read(&ploop_io_images_size));
+	long images_size = atomic_long_read(&ploop_io_images_size) ? : 1;
+
+	do_div(ratio, images_size);
 
 	printk(KERN_WARNING "Purging lru entry from extent tree for inode %ld "
 	       "(map_size=%d ratio=%lld%%)\n",