From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
stable@vger.kernel.org, Jeff Mahoney <jeffm@suse.com>,
Jan Kara <jack@suse.cz>
Subject: [PATCH 3.4 29/43] reiserfs: fix race in readdir
Date: Sun, 4 May 2014 11:42:23 -0400 [thread overview]
Message-ID: <20140504154228.222208999@linuxfoundation.org> (raw)
In-Reply-To: <20140504154224.211508175@linuxfoundation.org>
3.4-stable review patch. If anyone has any objections, please let me know.
------------------
From: Jeff Mahoney <jeffm@suse.com>
commit 01d8885785a60ae8f4c37b0ed75bdc96d0fc6a44 upstream.
jdm-20004 reiserfs_delete_xattrs: Couldn't delete all xattrs (-2)
The -ENOENT is due to readdir calling dir_emit on the same entry twice.
If the dir_emit callback sleeps and the tree is changed underneath us,
we won't be able to trust deh_offset(deh) anymore. We need to save
next_pos before we might sleep so we can find the next entry.
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
fs/reiserfs/dir.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
--- a/fs/reiserfs/dir.c
+++ b/fs/reiserfs/dir.c
@@ -128,6 +128,7 @@ int reiserfs_readdir_dentry(struct dentr
char *d_name;
off_t d_off;
ino_t d_ino;
+ loff_t cur_pos = deh_offset(deh);
if (!de_visible(deh))
/* it is hidden entry */
@@ -200,8 +201,9 @@ int reiserfs_readdir_dentry(struct dentr
if (local_buf != small_buf) {
kfree(local_buf);
}
- // next entry should be looked for with such offset
- next_pos = deh_offset(deh) + 1;
+
+ /* deh_offset(deh) may be invalid now. */
+ next_pos = cur_pos + 1;
if (item_moved(&tmp_ih, &path_to_entry)) {
goto research;
next prev parent reply other threads:[~2014-05-04 15:47 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-05-04 15:41 [PATCH 3.4 00/43] 3.4.89-stable review Greg Kroah-Hartman
2014-05-04 15:41 ` [PATCH 3.4 01/43] ASoC: cs42l73: Fix mask bits for SOC_VALUE_ENUM_SINGLE Greg Kroah-Hartman
2014-05-04 15:41 ` [PATCH 3.4 02/43] ARM: OMAP2+: INTC: Acknowledge stuck active interrupts Greg Kroah-Hartman
2014-05-04 15:41 ` [PATCH 3.4 03/43] ARM: OMAP3: hwmod data: Correct clock domains for USB modules Greg Kroah-Hartman
2014-05-04 15:41 ` [PATCH 3.4 04/43] ARM: 8027/1: fix do_div() bug in big-endian systems Greg Kroah-Hartman
2014-05-04 15:41 ` [PATCH 3.4 05/43] ARM: 8030/1: ARM : kdump : add arch_crash_save_vmcoreinfo Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 06/43] ALSA: hda - Enable beep for ASUS 1015E Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 07/43] ALSA: ice1712: Fix boundary checks in PCM pointer ops Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 08/43] mfd: max8925: Fix possible NULL pointer dereference on i2c_new_dummy error Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 09/43] mfd: max8998: " Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 10/43] mfd: max8997: " Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 11/43] w1: fix w1_send_slave dropping a slave id Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 12/43] staging:serqt_usb2: Fix sparse warning restricted __le16 degrades to integer Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 13/43] staging: r8712u: Fix case where ethtype was never obtained and always be checked against 0 Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 14/43] x86-64, modify_ldt: Ban 16-bit segments on 64-bit kernels Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 15/43] USB: fix crash during hotplug of PCI USB controller card Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 16/43] nfsd4: session needs room for following op to error out Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 17/43] nfsd4: buffer-length check for SUPPATTR_EXCLCREAT Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 18/43] nfsd4: fix test_stateid error reply encoding Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 19/43] nfsd: notify_change needs elevated write count Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 20/43] nfsd4: fix setclientid encode size Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 21/43] IB/ipath: Fix potential buffer overrun in sending diag packet routine Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 22/43] IB/nes: Return an error on ib_copy_from_udata() failure instead of NULL Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 23/43] IB/mthca: Return an error on ib_copy_to_udata() failure Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 24/43] IB/ehca: Returns " Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 25/43] ib_srpt: Use correct ib_sg_dma primitives Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 26/43] SCSI: arcmsr: upper 32 of dma address lost Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 27/43] iscsi-target: Fix ERL=2 ASYNC_EVENT connection pointer bug Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 28/43] target/tcm_fc: Fix use-after-free of ft_tpg Greg Kroah-Hartman
2014-05-04 15:42 ` Greg Kroah-Hartman [this message]
2014-05-04 15:42 ` [PATCH 3.4 30/43] usb: musb: set TXMAXP and AUTOSET for full speed bulk in device mode Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 31/43] xhci: extend quirk for Renesas cards Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 32/43] usb/xhci: fix compilation warning when !CONFIG_PCI && !CONFIG_PM Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 33/43] usb: dwc3: fix wrong bit mask in dwc3_event_devt Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 34/43] hvc: ensure hvc_init is only ever called once in hvc_console.c Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 35/43] USB: unbind all interfaces before rebinding any Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 36/43] sh: fix format string bug in stack tracer Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 37/43] mm: hugetlb: fix softlockup when a large number of hugepages are freed Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 38/43] hung_task: check the value of "sysctl_hung_task_timeout_sec" Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 39/43] ocfs2: dlm: fix lock migration crash Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 40/43] ocfs2: dlm: fix recovery hung Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 41/43] ocfs2: do not put bh when buffer_uptodate failed Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 42/43] ext4: use i_size_read in ext4_unaligned_aio() Greg Kroah-Hartman
2014-05-04 15:42 ` [PATCH 3.4 43/43] USB: pl2303: add ids for Hewlett-Packard HP POS pole displays Greg Kroah-Hartman
2014-05-04 15:55 ` [PATCH 3.4 00/43] 3.4.89-stable review Guenter Roeck
2014-05-04 16:09 ` Greg Kroah-Hartman
2014-05-06 14:00 ` Shuah Khan
2014-05-06 14:50 ` Greg Kroah-Hartman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140504154228.222208999@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=jack@suse.cz \
--cc=jeffm@suse.com \
--cc=linux-kernel@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.