a7y18lte-ubports/android_kernel_samsung_universal7885
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
d4b7048986
android_kernel_samsung_univ.../fs/ocfs2
History
alex chen b9e22bd828 ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent 
commit 853bc26a7ea39e354b9f8889ae7ad1492ffa28d2 upstream.

The subsystem.su_mutex is required while accessing the item->ci_parent,
otherwise, NULL pointer dereference to the item->ci_parent will be
triggered in the following situation:

add node                     delete node
sys_write
 vfs_write
  configfs_write_file
   o2nm_node_store
    o2nm_node_local_write
                             do_rmdir
                              vfs_rmdir
                               configfs_rmdir
                                mutex_lock(&subsys->su_mutex);
                                unlink_obj
                                 item->ci_group = NULL;
                                 item->ci_parent = NULL;
	 to_o2nm_cluster_from_node
	  node->nd_item.ci_parent->ci_parent
	  BUG since of NULL pointer dereference to nd_item.ci_parent

Moreover, the o2nm_cluster also should be protected by the
subsystem.su_mutex.

[alex.chen@huawei.com: v2]
  Link: http://lkml.kernel.org/r/59EEAA69.9080703@huawei.com
Link: http://lkml.kernel.org/r/59E9B36A.10700@huawei.com
Signed-off-by: Alex Chen <alex.chen@huawei.com>
Reviewed-by: Jun Piao <piaojun@huawei.com>
Reviewed-by: Joseph Qi <jiangqi903@gmail.com>
Cc: Mark Fasheh <mfasheh@versity.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Junxiao Bi <junxiao.bi@oracle.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Salvatore Bonaccorso <carnil@debian.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-07-22 14:25:52 +02:00
..
cluster ocfs2: subsystem.su_mutex is required while accessing the item->ci_parent 2018-07-22 14:25:52 +02:00
dlm ocfs2/dlm: don't handle migrate lockres if already in shutdown 2018-05-30 07:49:08 +02:00
dlmfs
acl.c ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute 2018-05-30 07:48:55 +02:00
acl.h ocfs2: fix posix_acl_create deadlock 2016-05-18 17:06:44 -07:00
alloc.c ocfs2: fstrim: Fix start offset of first cluster group during fstrim 2017-11-08 10:06:28 +01:00
alloc.h
aops.c fs: add i_blocksize() 2017-06-14 13:16:24 +02:00
aops.h
blockcheck.c
blockcheck.h
buffer_head_io.c ocfs2: clear the rest of the buffers on error 2015-09-04 16:54:41 -07:00
buffer_head_io.h
dcache.c
dcache.h
dir.c ocfs2: neaten do_error, ocfs2_error and ocfs2_abort 2015-09-04 16:54:41 -07:00
dir.h
dlmglue.c ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock 2017-10-21 17:09:05 +02:00
dlmglue.h ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock 2017-10-21 17:09:05 +02:00
export.c
export.h
extent_map.c ocfs2: neaten do_error, ocfs2_error and ocfs2_abort 2015-09-04 16:54:41 -07:00
extent_map.h
file.c Revert "ocfs2: should wait dio before inode lock in ocfs2_setattr()" 2017-12-09 18:42:43 +01:00
file.h
heartbeat.c
heartbeat.h
inode.c ocfs2: neaten do_error, ocfs2_error and ocfs2_abort 2015-09-04 16:54:41 -07:00
inode.h ocfs2: only take lock if dio entry when recover orphans 2015-11-05 19:34:48 -08:00
ioctl.c ioctl_compat: handle FITRIM 2015-07-09 11:42:21 -07:00
ioctl.h
journal.c ocfs2: return error when we attempt to access a dirty bh in jbd2 2018-05-30 07:48:55 +02:00
journal.h
Kconfig
localalloc.c ocfs2: neaten do_error, ocfs2_error and ocfs2_abort 2015-09-04 16:54:41 -07:00
localalloc.h
locks.c ocfs2: fix flock panic issue 2015-12-29 17:45:49 -08:00
locks.h
Makefile
mmap.c
mmap.h
move_extents.c ocfs2: neaten do_error, ocfs2_error and ocfs2_abort 2015-09-04 16:54:41 -07:00
move_extents.h
namei.c ocfs2: fix posix_acl_create deadlock 2016-05-18 17:06:44 -07:00
namei.h ocfs2: do not include dio entry in case of orphan scan 2015-11-05 19:34:48 -08:00
ocfs1_fs_compat.h
ocfs2_fs.h treewide: fix typos in comment blocks 2015-08-07 14:46:24 +02:00
ocfs2_ioctl.h
ocfs2_lockid.h
ocfs2_lockingver.h
ocfs2_trace.h
ocfs2.h ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock 2017-10-21 17:09:05 +02:00
quota_global.c
quota_local.c ocfs2: neaten do_error, ocfs2_error and ocfs2_abort 2015-09-04 16:54:41 -07:00
quota.h
refcounttree.c ocfs2: fix posix_acl_create deadlock 2016-05-18 17:06:44 -07:00
refcounttree.h
reservations.c
reservations.h
resize.c ocfs2: fix BUG when calculate new backup super 2015-12-29 17:45:49 -08:00
resize.h
slot_map.c
slot_map.h
stack_o2cb.c
stack_user.c char: make misc_deregister a void function 2015-08-05 10:35:49 -07:00
stackglue.c ocfs2: fix crash caused by stale lvb with fsdlm plugin 2017-01-19 20:17:19 +01:00
stackglue.h ocfs2: fix crash caused by stale lvb with fsdlm plugin 2017-01-19 20:17:19 +01:00
suballoc.c ocfs2: improve performance for localalloc 2015-11-05 19:34:48 -08:00
suballoc.h
super.c ocfs2: return -EROFS to mount.ocfs2 if inode block is invalid 2018-05-30 07:48:55 +02:00
super.h ocfs2: neaten do_error, ocfs2_error and ocfs2_abort 2015-09-04 16:54:41 -07:00
symlink.c
symlink.h
sysfile.c
sysfile.h
uptodate.c
uptodate.h
xattr.c ocfs2/acl: use 'ip_xattr_sem' to protect getting extended attribute 2018-05-30 07:48:55 +02:00
xattr.h ocfs2: fix posix_acl_create deadlock 2016-05-18 17:06:44 -07:00