From: Benjamin Marzinski Date: Mon, 5 Dec 2016 05:26:38 +0000 (-0600) Subject: dm space map: always set ev if sm_ll_mutate() succeeds X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=b446396b7482938c859bfaa42320026d158616ae;p=GitHub%2Fmoto-9609%2Fandroid_kernel_motorola_exynos9610.git dm space map: always set ev if sm_ll_mutate() succeeds If no block was allocated or freed, sm_ll_mutate() wasn't setting *ev, leaving the variable unitialized. sm_ll_insert(), sm_disk_inc_block(), and sm_disk_new_block() all check ev to see if there was an allocation event in sm_ll_mutate(), possibly reading unitialized data. If no allocation event occured, sm_ll_mutate() should set *ev to SM_NONE. Signed-off-by: Benjamin Marzinski Acked-by: Joe Thornber Signed-off-by: Mike Snitzer --- diff --git a/drivers/md/persistent-data/dm-space-map-common.c b/drivers/md/persistent-data/dm-space-map-common.c index 10978ba1d2c1..4c28608a0c94 100644 --- a/drivers/md/persistent-data/dm-space-map-common.c +++ b/drivers/md/persistent-data/dm-space-map-common.c @@ -464,7 +464,8 @@ static int sm_ll_mutate(struct ll_disk *ll, dm_block_t b, ll->nr_allocated--; le32_add_cpu(&ie_disk.nr_free, 1); ie_disk.none_free_before = cpu_to_le32(min(le32_to_cpu(ie_disk.none_free_before), bit)); - } + } else + *ev = SM_NONE; return ll->save_ie(ll, index, &ie_disk); }