mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-27 21:03:32 +00:00
Code Issues Releases Wiki Activity
linux-stable/fs/btrfs
History
ChenXiaoSong 3c98e91be6 btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() 
[ Upstream commit f7e942b5bb ]

Syzkaller reported BUG as follows:

  BUG: sleeping function called from invalid context at
       include/linux/sched/mm.h:274
  Call Trace:
   <TASK>
   dump_stack_lvl+0xcd/0x134
   __might_resched.cold+0x222/0x26b
   kmem_cache_alloc+0x2e7/0x3c0
   update_qgroup_limit_item+0xe1/0x390
   btrfs_qgroup_inherit+0x147b/0x1ee0
   create_subvol+0x4eb/0x1710
   btrfs_mksubvol+0xfe5/0x13f0
   __btrfs_ioctl_snap_create+0x2b0/0x430
   btrfs_ioctl_snap_create_v2+0x25a/0x520
   btrfs_ioctl+0x2a1c/0x5ce0
   __x64_sys_ioctl+0x193/0x200
   do_syscall_64+0x35/0x80

Fix this by calling qgroup_dirty() on @dstqgroup, and update limit item in
btrfs_run_qgroups() later outside of the spinlock context.

CC: stable@vger.kernel.org # 4.9+
Reviewed-by: Qu Wenruo <wqu@suse.com>
Signed-off-by: ChenXiaoSong <chenxiaosong2@huawei.com>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2022-12-08 11:16:32 +01:00
..
tests btrfs: selftests: fix wrong error check in btrfs_free_dummy_root() 2022-11-25 17:36:47 +01:00
acl.c Btrfs: setup a nofs context for memory allocation at __btrfs_set_acl 2019-03-23 14:35:21 +01:00
async-thread.c btrfs: fix memory ordering between normal and ordered work functions 2021-11-26 11:40:40 +01:00
async-thread.h Btrfs: fix crash during unmount due to race with delayed inode workers 2020-04-24 08:00:48 +02:00
backref.c btrfs: fix inode list leak during backref walking at resolve_indirect_refs() 2022-11-10 15:47:21 +01:00
backref.h
btrfs_inode.h Btrfs: fix fsync of files with multiple hard links in new directories 2019-01-09 17:14:50 +01:00
check-integrity.c btrfs: fix possible NULL-pointer dereference in integrity checks 2020-02-28 16:36:05 +01:00
check-integrity.h
compression.c btrfs: mark compressed range uptodate only if all bio succeed 2021-08-08 08:53:29 +02:00
compression.h btrfs: correctly validate compression type 2019-09-19 09:08:03 +02:00
ctree.c btrfs: fix race when picking most recent mod log operation for an old root 2021-05-22 10:57:20 +02:00
ctree.h Btrfs: fix unexpected failure of nocow buffered writes after snapshotting when low on space 2020-10-14 09:51:11 +02:00
dedupe.h
delayed-inode.c btrfs: abort transaction if we fail to update the delayed inode 2021-07-20 16:17:32 +02:00
delayed-inode.h
delayed-ref.c Btrfs: fix race between adding and putting tree mod seq elements and nodes 2020-02-14 16:32:19 -05:00
delayed-ref.h
dev-replace.c btrfs: Ensure replaced device doesn't have pending chunk allocation 2019-07-10 09:54:41 +02:00
dev-replace.h
dir-item.c
disk-io.c btrfs: reject log replay if there is unsupported RO compat flag 2022-08-25 11:11:29 +02:00
disk-io.h
export.c btrfs: fix type of parameter generation in btrfs_get_dentry 2022-11-10 15:47:22 +01:00
export.h btrfs: fix type of parameter generation in btrfs_get_dentry 2022-11-10 15:47:22 +01:00
extent-tree.c btrfs: unlock newly allocated extent buffer after error 2022-03-16 12:57:09 +01:00
extent_io.c Btrfs: fix missing error return if writeback for extent buffer never started 2020-11-18 18:27:54 +01:00
extent_io.h btrfs: fix qgroup reserve overflow the qgroup limit 2022-04-20 09:08:30 +02:00
extent_map.c Btrfs: fix race between using extent maps and merging them 2020-02-28 16:35:53 +01:00
extent_map.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
file-item.c btrfs: fix error handling in btrfs_del_csums 2021-06-10 12:43:51 +02:00
file.c btrfs: always wait on ordered extents at fsync time 2021-10-27 09:51:39 +02:00
free-space-cache.c btrfs: clarify error returns values in __load_free_space_cache 2021-03-03 18:22:43 +01:00
free-space-cache.h
free-space-tree.c
free-space-tree.h
hash.c
hash.h
inode-item.c
inode-map.c Btrfs: fix inode cache waiters hanging on path allocation failure 2020-01-27 14:46:46 +01:00
inode-map.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
inode.c Revert "btrfs: compression: don't try to compress if we don't have enough pages" 2021-09-22 11:45:16 +02:00
ioctl.c btrfs: fix metadata extent leak after failure to create subvolume 2021-05-22 10:57:15 +02:00
Kconfig btrfs: disable build on platforms having page size 256K 2021-07-20 16:17:32 +02:00
locking.c
locking.h
lzo.c
Makefile btrfs: Move leaf and node validation checker to tree-checker.c 2018-12-05 19:41:12 +01:00
math.h
ordered-data.c Btrfs: fix btrfs_wait_ordered_range() so that it waits for all ordered extents 2020-02-28 16:36:14 +01:00
ordered-data.h
orphan.c
print-tree.c btrfs: require only sector size alignment for parent eb bytenr 2020-09-23 10:46:30 +02:00
print-tree.h
props.c btrfs: correctly validate compression type 2019-09-19 09:08:03 +02:00
props.h
qgroup.c btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() 2022-12-08 11:16:32 +01:00
qgroup.h btrfs: qgroup: Avoid calling qgroup functions if qgroup is not enabled 2018-11-13 11:15:13 -08:00
raid56.c btrfs: raid56: don't trust any cached sector in __raid56_parity_recover() 2022-08-25 11:11:35 +02:00
raid56.h
rcu-string.h
reada.c btrfs: fix use-after-free on readahead extent after failure to create it 2020-11-05 11:07:00 +01:00
relocation.c btrfs: convert logic BUG_ON()'s in replace_path to ASSERT()'s 2021-05-22 10:57:17 +02:00
root-tree.c btrfs: Don't panic when we can't find a root key 2019-05-31 06:47:20 -07:00
scrub.c btrfs: don't prematurely free work in scrub_missing_raid56_worker() 2019-12-31 12:37:53 +01:00
send.c btrfs: send: in case of IO error log it 2022-02-23 11:57:33 +01:00
send.h
struct-funcs.c
super.c btrfs: fix transaction leak and crash after RO remount caused by qgroup rescan 2021-01-23 15:48:42 +01:00
sysfs.c btrfs: sysfs: use NOFS for device creation 2020-08-26 10:29:54 +02:00
sysfs.h License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
transaction.c btrfs: clear defrag status of a root if starting transaction fails 2021-07-20 16:17:28 +02:00
transaction.h
tree-checker.c btrfs: tree-checker: Don't check max block group size as current max chunk size limit is unreliable 2018-12-08 13:03:39 +01:00
tree-checker.h btrfs: tree-checker: Fix false panic for sanity test 2018-12-05 19:41:12 +01:00
tree-defrag.c
tree-log.c btrfs: fix lost error handling when looking up extended ref on log replay 2022-08-25 11:11:31 +02:00
tree-log.h
ulist.c
ulist.h
uuid-tree.c btrfs: handle ENOENT in btrfs_uuid_tree_iterate 2019-12-31 12:36:44 +01:00
volumes.c btrfs: repair super block num_devices automatically 2022-06-14 16:53:43 +02:00
volumes.h btrfs: Remove btrfs_bio::flags member 2019-12-17 20:39:16 +01:00
xattr.c btrfs: check if root is readonly while setting security xattr 2022-09-05 10:25:04 +02:00
xattr.h
zlib.c
zstd.c