a7y18lte-ubports/android_kernel_samsung_a7y18lte
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1d32ea219d
android_kernel_samsung_a7y1.../fs
History
Wengang Wang 9de6a36b59 fs/ocfs2: fix race in ocfs2_dentry_attach_lock() 
commit be99ca2716972a712cde46092c54dee5e6192bf8 upstream.

ocfs2_dentry_attach_lock() can be executed in parallel threads against the
same dentry.  Make that race safe.  The race is like this:

            thread A                               thread B

(A1) enter ocfs2_dentry_attach_lock,
seeing dentry->d_fsdata is NULL,
and no alias found by
ocfs2_find_local_alias, so kmalloc
a new ocfs2_dentry_lock structure
to local variable "dl", dl1

               .....

                                    (B1) enter ocfs2_dentry_attach_lock,
                                    seeing dentry->d_fsdata is NULL,
                                    and no alias found by
                                    ocfs2_find_local_alias so kmalloc
                                    a new ocfs2_dentry_lock structure
                                    to local variable "dl", dl2.

                                                   ......

(A2) set dentry->d_fsdata with dl1,
call ocfs2_dentry_lock() and increase
dl1->dl_lockres.l_ro_holders to 1 on
success.
              ......

                                    (B2) set dentry->d_fsdata with dl2
                                    call ocfs2_dentry_lock() and increase
				    dl2->dl_lockres.l_ro_holders to 1 on
				    success.

                                                  ......

(A3) call ocfs2_dentry_unlock()
and decrease
dl2->dl_lockres.l_ro_holders to 0
on success.
             ....

                                    (B3) call ocfs2_dentry_unlock(),
                                    decreasing
				    dl2->dl_lockres.l_ro_holders, but
				    see it's zero now, panic

Link: http://lkml.kernel.org/r/20190529174636.22364-1-wen.gang.wang@oracle.com
Signed-off-by: Wengang Wang <wen.gang.wang@oracle.com>
Reported-by: Daniel Sobe <daniel.sobe@nxp.com>
Tested-by: Daniel Sobe <daniel.sobe@nxp.com>
Reviewed-by: Changwei Ge <gechangwei@live.cn>
Reviewed-by: Joseph Qi <joseph.qi@linux.alibaba.com>
Cc: Mark Fasheh <mark@fasheh.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Cc: Gang He <ghe@suse.com>
Cc: Jun Piao <piaojun@huawei.com>
Cc: <stable@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-04-06 19:02:56 +02:00
..
9p 9p locks: add mount option for lock retry interval 2020-04-06 15:20:03 +02:00
adfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
affs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
afs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
autofs4 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
befs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
bfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
btrfs Btrfs: fix race updating log root item during fsync 2020-04-06 18:21:28 +02:00
cachefiles A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ceph ceph: flush dirty inodes before proceeding with remount 2020-04-06 18:13:58 +02:00
cifs CIFS: cifs_read_allocate_pages: don't iterate through whole page array on ENOMEM 2020-04-06 18:21:41 +02:00
coda A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
configfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
cramfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
crypto A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
debugfs debugfs: fix use-after-free on symlink traversal 2020-04-06 16:42:15 +02:00
devpts A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
dlm A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ecryptfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
efivarfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
efs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
exofs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
exportfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ext2 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ext4 ext4: do not delete unlinked inode from orphan list on failed truncate 2020-04-06 18:14:53 +02:00
f2fs f2fs: fix to do sanity check on valid block count of segment 2020-04-06 19:01:57 +02:00
fat fs/fat/file.c: issue flush after the writeback of FAT 2020-04-06 19:00:52 +02:00
freevxfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fscache A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fuse fuse: retrieve: cap requested size to negotiated max_write 2020-04-06 19:02:05 +02:00
gfs2 gfs2: Fix lru_count going negative 2020-04-06 18:15:29 +02:00
hfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
hfsplus A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
hostfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
hpfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
hugetlbfs hugetlb: use same fault hash key for shared and private mappings 2020-04-06 18:15:12 +02:00
isofs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
jbd2 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
jffs2 jffs2: fix use-after-free on symlink traversal 2020-04-06 16:42:13 +02:00
jfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
kernfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
lockd A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
logfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
minix A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ncpfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
nfs NFS4: Fix v4.0 client state corruption when mount 2020-04-06 18:13:48 +02:00
nfs_common A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
nfsd nfsd: allow fh_want_write to be called twice 2020-04-06 19:02:07 +02:00
nilfs2 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
nls A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
notify A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ntfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ocfs2 fs/ocfs2: fix race in ocfs2_dentry_attach_lock() 2020-04-06 19:02:56 +02:00
omfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
openpromfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
overlayfs ovl: fix uid/gid when creating over whiteout 2020-04-06 15:28:07 +02:00
proc fs/proc/proc_sysctl.c: Fix a NULL pointer dereference 2020-04-06 16:40:32 +02:00
pstore A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
qnx4 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
qnx6 A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
quota A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ramfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
reiserfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
romfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sdcardfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sdfat A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
squashfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sysfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sysv A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
tracefs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ubifs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
udf udf: Fix crash on IO error during truncate 2020-04-06 10:58:12 +02:00
ufs ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour 2020-04-06 18:14:41 +02:00
xfs A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
aio.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
anon_inodes.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
attr.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
bad_inode.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
binfmt_aout.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
binfmt_elf_fdpic.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
binfmt_elf.c binfmt_elf: switch to new creds when switching to new mm 2020-04-06 14:52:46 +02:00
binfmt_em86.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
binfmt_flat.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
binfmt_misc.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
binfmt_script.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
block_dev.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
buffer.c fs: fix guard_bio_eod to check for real EOD errors 2020-04-06 14:50:20 +02:00
char_dev.c chardev: add additional check for minor range overlap 2020-04-06 18:19:58 +02:00
compat_binfmt_elf.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
compat_ioctl.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
compat.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
coredump.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
dax.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
dcache.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
dcookies.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
direct-io.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
dlog_hook.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
drop_caches.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
eventfd.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
eventpoll.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
exec.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fcntl.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fhandle.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
file_table.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
file.c fs/file.c: initialize init_files.resize_wait 2020-04-06 14:49:46 +02:00
filesystems.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fs_pin.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fs_struct.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
fs-writeback.c fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount 2020-04-06 18:12:59 +02:00
inode.c writeback: initialize inode members that track writeback history 2020-04-06 12:50:35 +02:00
internal.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
ioctl.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
Kconfig A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
Kconfig.binfmt A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
libfs.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
locks.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
Makefile A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
mbcache.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
mount.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
mpage.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
namei.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
namespace.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
no-block.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
nsfs.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
open.c fs: stream_open - opener for stream-like files so that read and write can run simultaneously without deadlock 2020-04-06 18:47:45 +02:00
pipe.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
pnode.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
pnode.h A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
posix_acl.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
proc_namespace.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
read_write.c fs: stream_open - opener for stream-like files so that read and write can run simultaneously without deadlock 2020-04-06 18:47:45 +02:00
readdir.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
select.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
seq_file.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
signalfd.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
splice.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
stack.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
stat.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
statfs.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
super.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
sync.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
timerfd.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
userfaultfd.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
utimes.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30
xattr.c A750FXXU4CTBC 2020-03-27 21:51:54 +05:30