* [PATCH] locks: pass correct "before" pointer to locks_unlink_lock in generic_add_lease
@ 2014-08-23 10:36 Jeff Layton
2014-08-23 11:48 ` Christoph Hellwig
0 siblings, 1 reply; 3+ messages in thread
From: Jeff Layton @ 2014-08-23 10:36 UTC (permalink / raw)
To: linux-fsdevel; +Cc: bfields
The argument to locks_unlink_lock can't be just any pointer to a
pointer. It must be a pointer to the fl_next field in the previous
lock in the list.
Cc: <stable@vger.kernel.org> # v3.15+
Signed-off-by: Jeff Layton <jlayton@primarydata.com>
---
fs/locks.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/locks.c b/fs/locks.c
index cb66fb05ad4a..bb08857f90b5 100644
--- a/fs/locks.c
+++ b/fs/locks.c
@@ -1619,7 +1619,7 @@ static int generic_add_lease(struct file *filp, long arg, struct file_lock **flp
smp_mb();
error = check_conflicting_open(dentry, arg);
if (error)
- locks_unlink_lock(flp);
+ locks_unlink_lock(before);
out:
if (is_deleg)
mutex_unlock(&inode->i_mutex);
--
1.9.3
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] locks: pass correct "before" pointer to locks_unlink_lock in generic_add_lease
2014-08-23 10:36 [PATCH] locks: pass correct "before" pointer to locks_unlink_lock in generic_add_lease Jeff Layton
@ 2014-08-23 11:48 ` Christoph Hellwig
2014-08-23 12:09 ` Jeff Layton
0 siblings, 1 reply; 3+ messages in thread
From: Christoph Hellwig @ 2014-08-23 11:48 UTC (permalink / raw)
To: Jeff Layton; +Cc: linux-fsdevel, bfields
On Sat, Aug 23, 2014 at 06:36:19AM -0400, Jeff Layton wrote:
> The argument to locks_unlink_lock can't be just any pointer to a
> pointer. It must be a pointer to the fl_next field in the previous
> lock in the list.
Looks good,
Reviewed-by: Christoph Hellwig <hch@lst.de>
This might explain some memory corruption I saw in the lease code while
trying out a new creative (ab-)user of the lease code..
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] locks: pass correct "before" pointer to locks_unlink_lock in generic_add_lease
2014-08-23 11:48 ` Christoph Hellwig
@ 2014-08-23 12:09 ` Jeff Layton
0 siblings, 0 replies; 3+ messages in thread
From: Jeff Layton @ 2014-08-23 12:09 UTC (permalink / raw)
To: Christoph Hellwig; +Cc: linux-fsdevel, bfields
On Sat, 23 Aug 2014 04:48:18 -0700
Christoph Hellwig <hch@infradead.org> wrote:
> On Sat, Aug 23, 2014 at 06:36:19AM -0400, Jeff Layton wrote:
> > The argument to locks_unlink_lock can't be just any pointer to a
> > pointer. It must be a pointer to the fl_next field in the previous
> > lock in the list.
>
> Looks good,
>
> Reviewed-by: Christoph Hellwig <hch@lst.de>
>
> This might explain some memory corruption I saw in the lease code while
> trying out a new creative (ab-)user of the lease code..
>
Hmmm maybe. I'd certainly test it out if you have a reproducer...
That locks_unlink_lock should only get called under some very strange
(and rare) circumstances. It was added in commit 24cbe7845ea5
which describes the potential race there. I suppose it's possible but I
had always considered that race to be more in the theoretical category
than anything likely to happen under normal circumstances.
--
Jeff Layton <jlayton@primarydata.com>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-08-23 12:09 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2014-08-23 10:36 [PATCH] locks: pass correct "before" pointer to locks_unlink_lock in generic_add_lease Jeff Layton
2014-08-23 11:48 ` Christoph Hellwig
2014-08-23 12:09 ` Jeff Layton
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.