The branch main has been updated by markj: URL: https://cgit.FreeBSD.org/src/commit/?id=7565431f30909e67b1fd811155eb8788421e51d9
commit 7565431f30909e67b1fd811155eb8788421e51d9 Author: Mark Johnston <[email protected]> AuthorDate: 2022-06-14 15:36:00 +0000 Commit: Mark Johnston <[email protected]> CommitDate: 2022-06-14 16:00:59 +0000 mount: Fix an incorrect assertion in kernel_mount() The pointer to the mount values may be null if an error occurred while copying them in, so fix the assertion condition to reflect that possibility. While here, move some initialization code into the error == 0 block. No functional change intended. Reported by: syzkaller MFC after: 2 weeks Sponsored by: The FreeBSD Foundation --- sys/kern/vfs_mount.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/sys/kern/vfs_mount.c b/sys/kern/vfs_mount.c index e3818b67e841..e33492cd8367 100644 --- a/sys/kern/vfs_mount.c +++ b/sys/kern/vfs_mount.c @@ -2813,16 +2813,16 @@ kernel_mount(struct mntarg *ma, uint64_t flags) int error; KASSERT(ma != NULL, ("kernel_mount NULL ma")); - KASSERT(ma->v != NULL, ("kernel_mount NULL ma->v")); + KASSERT(ma->error != 0 || ma->v != NULL, ("kernel_mount NULL ma->v")); KASSERT(!(ma->len & 1), ("kernel_mount odd ma->len (%d)", ma->len)); - auio.uio_iov = ma->v; - auio.uio_iovcnt = ma->len; - auio.uio_segflg = UIO_SYSSPACE; - error = ma->error; - if (!error) + if (error == 0) { + auio.uio_iov = ma->v; + auio.uio_iovcnt = ma->len; + auio.uio_segflg = UIO_SYSSPACE; error = vfs_donmount(curthread, flags, &auio); + } free_mntarg(ma); return (error); }
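Review bot: In the kernel_mount() hunk, the removed `error = ma->error;` has no replacement among the added lines, so the new `if (error == 0) {` test reads `error` while it is still the uninitialized `int error;` declared just above the assertions. Depending on what is on the stack, vfs_donmount() can be skipped for a valid request, or entered with `auio.uio_iov` set to a NULL `ma->v` after a copy-in failure, which is exactly the case the relaxed KASSERT now lets through. In the skipped case the function also returns an indeterminate value. Keep `error = ma->error;` ahead of the `if`, and only move the three `auio` assignments into the block. As written the change does not match the "No functional change intended" in the commit message.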
