alistair23-linux/fs/ceph
Luis Henriques f22f743a2a ceph: fix race in concurrent __ceph_remove_cap invocations
commit e5cafce3ad upstream.

A NULL pointer dereference may occur in __ceph_remove_cap with some of the
callbacks used in ceph_iterate_session_caps, namely trim_caps_cb and
remove_session_caps_cb. Those callers hold the session->s_mutex, so they
are prevented from concurrent execution, but ceph_evict_inode does not.

Since the callers of this function hold the i_ceph_lock, the fix is simply
a matter of returning immediately if caps->ci is NULL.

Cc: stable@vger.kernel.org
URL: https://tracker.ceph.com/issues/43272
Suggested-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Luis Henriques <lhenriques@suse.de>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2020-12-30 11:51:40 +01:00
Kconfig ceph: add selinux support 2019-07-08 14:01:42 +02:00
Makefile ceph: add buffered/direct exclusionary locking for reads and writes 2019-09-16 12:06:25 +02:00
acl.c ceph: rename struct ceph_acls_info to ceph_acl_sec_ctx 2019-07-08 14:01:42 +02:00
addr.c ceph: promote to unsigned long long before shifting 2020-11-05 11:43:34 +01:00
cache.c ceph: include ceph_debug.h in cache.c 2019-09-16 12:06:25 +02:00
cache.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 188 2019-05-30 11:29:21 -07:00
caps.c ceph: fix race in concurrent __ceph_remove_cap invocations 2020-12-30 11:51:40 +01:00
ceph_frag.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
debugfs.c ceph: don't return a value from void function 2019-09-16 12:06:25 +02:00
dir.c ceph: set sec_context xattr on symlink creation 2020-08-21 13:05:28 +02:00
export.c ceph: don't return -ESTALE if there's still an open file 2020-06-24 17:50:37 +02:00
file.c ceph: don't allow setlease on cephfs 2020-09-09 19:12:21 +02:00
inode.c ceph: ensure we have a new cap before continuing in fill_inode 2020-10-01 13:17:29 +02:00
io.c ceph: add buffered/direct exclusionary locking for reads and writes 2019-09-16 12:06:25 +02:00
io.h ceph: add buffered/direct exclusionary locking for reads and writes 2019-09-16 12:06:25 +02:00
ioctl.c libceph, ceph: move ceph_calc_file_object_mapping() to striper.c 2018-04-02 10:12:43 +02:00
ioctl.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
locks.c ceph: return -EIO if read/write against filp that lost file locks 2019-09-16 12:06:24 +02:00
mds_client.c ceph: fix potential mdsc use-after-free crash 2020-09-03 11:26:47 +02:00
mds_client.h ceph: eliminate session->s_trim_caps 2019-09-16 12:06:24 +02:00
mdsmap.c ceph: have MDS map decoding use entity_addr_t decoder 2019-07-08 14:01:43 +02:00
quota.c ceph: demote quotarealm lookup warning to a debug message 2020-05-14 07:58:27 +02:00
snap.c ceph: fix memory leak in ceph_cleanup_snapid_map() 2020-04-01 11:01:59 +02:00
strings.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
super.c ceph: canonicalize server path in place 2020-04-13 10:48:11 +02:00
super.h ceph: canonicalize server path in place 2020-04-13 10:48:11 +02:00
xattr.c ceph: allow arbitrary security.* xattrs 2019-09-16 12:06:25 +02:00