xfs_buf_rele(): xfs: fix use-after-free race in xfs_buf_rele

xfs_buf_rele(): xfs: fix use-after-free race in xfs_buf_rele

[Alex Lyakas]

Hi Dave,

This commit
[37fd1678245f7a5898c1b05128bc481fb403c290 xfs: fix use-after-free race in 
xfs_buf_rele]
fixes a use-after-free issue.

We are looking at XFS buffer cache + LRU code in kernel 4.14, while the 
above fix arrived in kernel 4.19. Do you think this fix should be backported 
to stable kernels?

Thanks,
Alex.

Re: xfs_buf_rele(): xfs: fix use-after-free race in xfs_buf_rele

[Dave Chinner]

On Sun, Nov 03, 2019 at 08:24:21PM +0200, Alex Lyakas wrote:
> Hi Dave,
> 
> This commit
> [37fd1678245f7a5898c1b05128bc481fb403c290 xfs: fix use-after-free race in
> xfs_buf_rele]
> fixes a use-after-free issue.
> 
> We are looking at XFS buffer cache + LRU code in kernel 4.14, while the
> above fix arrived in kernel 4.19. Do you think this fix should be backported
> to stable kernels?

IIRC it was pretty difficult to exercise the bug in the first place,
and it was hit because of another bug that was fixed (referenced in
the above commit). There's no real point in fixing this without
fixing the referenced bug, as the referenced bug was the one that
caused all the actual problems...

Cheers,

Dave.
-- 
Dave Chinner
david@fromorbit.com