A fix for a potential use-after-free, a patch to close a (mostly benign)

race in the messenger and a licence clarification for quota.c.
 -----BEGIN PGP SIGNATURE-----
 
 iQFHBAABCAAxFiEEydHwtzie9C7TfviiSn/eOAIR84sFAlxJ3K8THGlkcnlvbW92
 QGdtYWlsLmNvbQAKCRBKf944AhHzi1lOB/0TBU39AKY7ivUXjv18v+0Yrb89lZF0
 i5G0ZiyY5Ho2TZlOiPeJ7C7e/WPwJYsnaeQbc9raALFi4Xz4RKpkazUGVbioI0CX
 5RS+6dXSf8YfENlxRF5N5UiTUPcs3PZMV82LxRwic4kMsX9TTkNnLQYfPmPDRd7z
 yJHVKHsLjnrnoEn+wOIbBd2/ehQ14DLnYpkiYvHhgK06fsCxTPYLUgBuF33nrgT1
 Xj8pbRzUrTt4vKQ4oOHcLpByYeQUhxM33KWuovuxT9A1dRWUvSjWpa955m896hWH
 +b9jqA+ENHQtDs9v7kbu8oprU3B2mk41gdQhGOVu9N33LHHJk7KVxPX+
 =JmE5
 -----END PGP SIGNATURE-----

Merge tag 'ceph-for-5.0-rc4' of git://github.com/ceph/ceph-client

Pull ceph fixes from Ilya Dryomov:
 "A fix for a potential use-after-free, a patch to close a (mostly
  benign) race in the messenger and a licence clarification for quota.c"

* tag 'ceph-for-5.0-rc4' of git://github.com/ceph/ceph-client:
  ceph: quota: cleanup license mess
  libceph: avoid KEEPALIVE_PENDING races in ceph_con_keepalive()
  ceph: clear inode pointer when snap realm gets dropped by its inode
This commit is contained in:
Linus Torvalds 2019-01-25 05:59:22 +13:00
commit 22a89a6b88
3 changed files with 5 additions and 15 deletions

View File

@ -1035,6 +1035,8 @@ static void drop_inode_snap_realm(struct ceph_inode_info *ci)
list_del_init(&ci->i_snap_realm_item);
ci->i_snap_realm_counter++;
ci->i_snap_realm = NULL;
if (realm->ino == ci->i_vino.ino)
realm->inode = NULL;
spin_unlock(&realm->inodes_with_caps_lock);
ceph_put_snap_realm(ceph_sb_to_client(ci->vfs_inode.i_sb)->mdsc,
realm);

View File

@ -3,19 +3,6 @@
* quota.c - CephFS quota
*
* Copyright (C) 2017-2018 SUSE
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see <http://www.gnu.org/licenses/>.
*/
#include <linux/statfs.h>

View File

@ -3206,9 +3206,10 @@ void ceph_con_keepalive(struct ceph_connection *con)
dout("con_keepalive %p\n", con);
mutex_lock(&con->mutex);
clear_standby(con);
con_flag_set(con, CON_FLAG_KEEPALIVE_PENDING);
mutex_unlock(&con->mutex);
if (con_flag_test_and_set(con, CON_FLAG_KEEPALIVE_PENDING) == 0 &&
con_flag_test_and_set(con, CON_FLAG_WRITE_PENDING) == 0)
if (con_flag_test_and_set(con, CON_FLAG_WRITE_PENDING) == 0)
queue_con(con);
}
EXPORT_SYMBOL(ceph_con_keepalive);