Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 9e271ae2 authored by Anand Jain's avatar Anand Jain Committed by David Sterba
Browse files

Btrfs: kernel operation should come after user input has been verified 



By general rule of thumb there shouldn't be any way that user land
could trigger a kernel operation just by sending wrong arguments.

Here do commit cleanups after user input has been verified.

Signed-off-by: default avatarAnand Jain <anand.jain@oracle.com>
Signed-off-by: default avatarDavid Sterba <dsterba@suse.com>
parent 12b1c263

fs/btrfs/dev-replace.c

+13 −13
Original line number Diff line number Diff line
@@ -327,19 +327,6 @@ int btrfs_dev_replace_start(struct btrfs_root *root, 
	    args->start.tgtdev_name[0] == '\0')

		return -EINVAL;



	/*

	 * Here we commit the transaction to make sure commit_total_bytes

	 * of all the devices are updated.

	 */

	trans = btrfs_attach_transaction(root);

	if (!IS_ERR(trans)) {

		ret = btrfs_commit_transaction(trans, root);

		if (ret)

			return ret;

	} else if (PTR_ERR(trans) != -ENOENT) {

		return PTR_ERR(trans);

	}



	/* the disk copy procedure reuses the scrub code */

	mutex_lock(&fs_info->volume_mutex);

	ret = btrfs_dev_replace_find_srcdev(root, args->start.srcdevid,
@@ -356,6 +343,19 @@ int btrfs_dev_replace_start(struct btrfs_root *root, 
	if (ret)

		return ret;



	/*

	 * Here we commit the transaction to make sure commit_total_bytes

	 * of all the devices are updated.

	 */

	trans = btrfs_attach_transaction(root);

	if (!IS_ERR(trans)) {

		ret = btrfs_commit_transaction(trans, root);

		if (ret)

			return ret;

	} else if (PTR_ERR(trans) != -ENOENT) {

		return PTR_ERR(trans);

	}



	btrfs_dev_replace_lock(dev_replace);

	switch (dev_replace->replace_state) {

	case BTRFS_IOCTL_DEV_REPLACE_STATE_NEVER_STARTED: