mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-09-13 06:08:07 +00:00
Code Issues Releases Wiki Activity
linux-stable/fs/xfs
History
Dave Chinner 2ad01f53dc xfs: use reference counts to free clean buffer items 
When a transaction is cancelled and the buffer log item is clean in
the transaction, the buffer log item is unconditionally freed. If
the log item is in the AIL, however, this leads to a use after free
condition as the item still has other users.

In this case, xfs_buf_item_relse() should only be called on clean
buffer items if the reference count has dropped to zero. This
ensures only the last user frees the item.

Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Mark Tinguely <tinguely@sgi.com>
Signed-off-by: Ben Myers <bpm@sgi.com>
2013-08-15 16:42:29 -05:00
..
Kconfig xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
kmem.c
kmem.h
Makefile xfs: Add xfs_log_rlimit.c 2013-08-12 17:49:38 -05:00
mrlock.h xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
time.h
uuid.c
uuid.h
xfs.h xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
xfs_acl.c xfs: convert kuid_t to/from uid_t in ACLs 2013-08-15 14:18:31 -05:00
xfs_acl.h xfs: increase number of ACL entries for V5 superblocks 2013-06-06 10:52:15 -05:00
xfs_ag.h xfs: make struct xfs_perag kernel only 2013-08-12 17:44:36 -05:00
xfs_alloc.c xfs: kill __KERNEL__ check for debug code in allocation code 2013-08-12 16:57:51 -05:00
xfs_alloc.h
xfs_alloc_btree.c xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
xfs_alloc_btree.h xfs: add support for large btree blocks 2013-04-21 14:53:46 -05:00
xfs_aops.c xfs: refactor xfs_trans_reserve() interface 2013-08-12 17:47:34 -05:00
xfs_aops.h
xfs_attr.c xfs: avoid double-free in xfs_attr_node_addname 2013-08-13 15:48:01 -05:00
xfs_attr.h xfs: kill xfs_vnodeops.[ch] 2013-08-12 16:53:39 -05:00
xfs_attr_inactive.c xfs: refactor xfs_trans_reserve() interface 2013-08-12 17:47:34 -05:00
xfs_attr_leaf.c xfs: minor cleanups 2013-08-12 16:46:08 -05:00
xfs_attr_leaf.h xfs: sync minor header differences needed by userspace. 2013-08-12 16:35:41 -05:00
xfs_attr_list.c xfs: split out attribute listing code into separate file 2013-08-12 16:41:29 -05:00
xfs_attr_remote.c xfs: fix issues that cause userspace warnings 2013-08-12 16:52:54 -05:00
xfs_attr_remote.h xfs: rework remote attr CRCs 2013-05-30 17:26:31 -05:00
xfs_attr_sf.h
xfs_bit.c
xfs_bit.h
xfs_bmap.c xfs: refactor xfs_trans_reserve() interface 2013-08-12 17:47:34 -05:00
xfs_bmap.h xfs: remove __KERNEL__ from debug code 2013-08-12 16:58:37 -05:00
xfs_bmap_btree.c xfs: minor cleanups 2013-08-12 16:46:08 -05:00
xfs_bmap_btree.h xfs: check on-disk (not incore) btree root size in dfrag.c 2013-06-20 13:26:09 -05:00
xfs_bmap_util.c xfs: refactor xfs_trans_reserve() interface 2013-08-12 17:47:34 -05:00
xfs_bmap_util.h xfs: consolidate extent swap code 2013-08-12 16:56:06 -05:00
xfs_btree.c xfs: ensure btree root split sets blkno correctly 2013-06-14 15:59:31 -05:00
xfs_btree.h xfs: sync minor header differences needed by userspace. 2013-08-12 16:35:41 -05:00
xfs_buf.c xfs: split out transaction reservation code 2013-08-12 16:36:16 -05:00
xfs_buf.h xfs: use b_maps[] for discontiguous buffers 2013-01-16 16:07:11 -06:00
xfs_buf_item.c xfs: use reference counts to free clean buffer items 2013-08-15 16:42:29 -05:00
xfs_buf_item.h xfs: split out buf log item format definitions 2013-08-12 16:06:37 -05:00
xfs_cksum.h
xfs_da_btree.c xfs: fix issues that cause userspace warnings 2013-08-12 16:52:54 -05:00
xfs_da_btree.h xfs: add buffer types to directory and attribute buffers 2013-04-27 13:01:06 -05:00
xfs_dinode.h xfs: di_flushiter considered harmful 2013-07-24 12:15:23 -05:00
xfs_dir2.c xfs: kill xfs_vnodeops.[ch] 2013-08-12 16:53:39 -05:00
xfs_dir2.h xfs: kill xfs_vnodeops.[ch] 2013-08-12 16:53:39 -05:00
xfs_dir2_block.c xfs: reshuffle dir2 definitions around for userspace 2013-08-12 16:40:57 -05:00
xfs_dir2_data.c xfs: remove __KERNEL__ from debug code 2013-08-12 16:58:37 -05:00
xfs_dir2_format.h xfs: sync minor header differences needed by userspace. 2013-08-12 16:35:41 -05:00
xfs_dir2_leaf.c xfs: remove __KERNEL__ check from xfs_dir2_leaf.c 2013-08-12 16:59:14 -05:00
xfs_dir2_node.c xfs: fix issues that cause userspace warnings 2013-08-12 16:52:54 -05:00
xfs_dir2_priv.h xfs: kill xfs_vnodeops.[ch] 2013-08-12 16:53:39 -05:00
xfs_dir2_readdir.c xfs: reshuffle dir2 definitions around for userspace 2013-08-12 16:40:57 -05:00
xfs_dir2_sf.c xfs: reshuffle dir2 definitions around for userspace 2013-08-12 16:40:57 -05:00
xfs_discard.c xfs: split out transaction reservation code 2013-08-12 16:36:16 -05:00
xfs_discard.h
xfs_dquot.c xfs: refactor xfs_trans_reserve() interface 2013-08-12 17:47:34 -05:00
xfs_dquot.h xfs: Add pquota fields where gquota is used. 2013-07-11 10:35:32 -05:00
xfs_dquot_item.c xfs: return log item size in IOP_SIZE 2013-08-13 16:10:21 -05:00
xfs_dquot_item.h
xfs_error.c xfs: consolidate xfs_utils.c 2013-08-12 16:55:17 -05:00
xfs_error.h
xfs_export.c xfs: kill xfs_vnodeops.[ch] 2013-08-12 16:53:39 -05:00
xfs_export.h
xfs_extent_busy.c
xfs_extent_busy.h
xfs_extfree_item.c xfs: return log item size in IOP_SIZE 2013-08-13 16:10:21 -05:00
xfs_extfree_item.h xfs: split out EFI/EFD log item format definition 2013-08-12 16:07:13 -05:00
xfs_file.c xfs: kill xfs_vnodeops.[ch] 2013-08-12 16:53:39 -05:00
xfs_filestream.c xfs: consolidate xfs_utils.c 2013-08-12 16:55:17 -05:00
xfs_filestream.h xfs: xfs_filestreams.h doesn't need __KERNEL__ 2013-08-12 17:00:11 -05:00
xfs_format.h xfs: split out the remote symlink handling 2013-08-12 16:43:38 -05:00
xfs_fs.h xfs: create internal eofblocks structure with kuid_t types 2013-08-15 14:24:10 -05:00
xfs_fsops.c xfs: refactor xfs_trans_reserve() interface 2013-08-12 17:47:34 -05:00
xfs_fsops.h
xfs_globals.c
xfs_ialloc.c xfs: fix issues that cause userspace warnings 2013-08-12 16:52:54 -05:00
xfs_ialloc.h xfs: Inode create item recovery 2013-06-27 14:26:21 -05:00
xfs_ialloc_btree.c xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
xfs_ialloc_btree.h xfs: add support for large btree blocks 2013-04-21 14:53:46 -05:00
xfs_icache.c xfs: create internal eofblocks structure with kuid_t types 2013-08-15 14:24:10 -05:00
xfs_icache.h xfs: create internal eofblocks structure with kuid_t types 2013-08-15 14:24:10 -05:00
xfs_icreate_item.c xfs: return log item size in IOP_SIZE 2013-08-13 16:10:21 -05:00
xfs_icreate_item.h xfs: separate icreate log format definitions from xfs_icreate_item.h 2013-08-12 16:10:35 -05:00
xfs_inode.c xfs: convert kuid_t to/from uid_t for internal structures 2013-08-15 14:22:40 -05:00
xfs_inode.h xfs: consolidate xfs_utils.c 2013-08-12 16:55:17 -05:00
xfs_inode_buf.c xfs: introduce xfs_inode_buf.c for inode buffer operations 2013-08-12 16:39:05 -05:00
xfs_inode_buf.h xfs: kill xfs_vnodeops.[ch] 2013-08-12 16:53:39 -05:00
xfs_inode_fork.c xfs: consolidate xfs_utils.c 2013-08-12 16:55:17 -05:00
xfs_inode_fork.h xfs: move inode fork definitions to a new header file 2013-08-12 16:37:32 -05:00
xfs_inode_item.c xfs: return log item size in IOP_SIZE 2013-08-13 16:10:21 -05:00
xfs_inode_item.h xfs: split out inode log item format definition 2013-08-12 16:05:19 -05:00
xfs_inum.h
xfs_ioctl.c xfs: add capability check to free eofblocks ioctl 2013-08-15 14:25:01 -05:00
xfs_ioctl.h xfs: consolidate extent swap code 2013-08-12 16:56:06 -05:00
xfs_ioctl32.c xfs: consolidate extent swap code 2013-08-12 16:56:06 -05:00
xfs_ioctl32.h
xfs_iomap.c xfs: refactor xfs_trans_reserve() interface 2013-08-12 17:47:34 -05:00
xfs_iomap.h
xfs_iops.c xfs: convert kuid_t to/from uid_t for internal structures 2013-08-15 14:22:40 -05:00
xfs_iops.h xfs: kill xfs_vnodeops.[ch] 2013-08-12 16:53:39 -05:00
xfs_itable.c xfs: clean up unused codes at xfs_bulkstat() 2013-07-09 15:36:21 -05:00
xfs_itable.h
xfs_linux.h xfs: create wrappers for converting kuid_t to/from uid_t 2013-08-15 14:17:34 -05:00
xfs_log.c xfs: Validate log space at mount time 2013-08-12 17:50:35 -05:00
xfs_log.h xfs: Reduce allocations during CIL insertion 2013-08-13 16:12:30 -05:00
xfs_log_cil.c xfs: split the CIL lock 2013-08-13 16:21:21 -05:00
xfs_log_format.h xfs: Add xfs_log_rlimit.c 2013-08-12 17:49:38 -05:00
xfs_log_priv.h xfs: split the CIL lock 2013-08-13 16:21:21 -05:00
xfs_log_recover.c xfs:free bp in xlog_find_tail() error path 2013-08-13 15:49:51 -05:00
xfs_log_recover.h
xfs_log_rlimit.c xfs: call roundup_64() to calculate the min_logblks 2013-08-13 14:19:11 -05:00
xfs_message.c xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
xfs_message.h xfs: introduce CONFIG_XFS_WARN 2013-05-07 18:45:36 -05:00
xfs_mount.c xfs: refactor xfs_trans_reserve() interface 2013-08-12 17:47:34 -05:00
xfs_mount.h xfs: Introduce a new structure to hold transaction reservation items 2013-08-12 17:45:49 -05:00
xfs_mru_cache.c
xfs_mru_cache.h
xfs_qm.c xfs: convert kuid_t to/from uid_t for internal structures 2013-08-15 14:22:40 -05:00
xfs_qm.h xfs: Add pquota fields where gquota is used. 2013-07-11 10:35:32 -05:00
xfs_qm_bhv.c xfs: separate dquot on disk format definitions out of xfs_quota.h 2013-08-12 16:09:52 -05:00
xfs_qm_syscalls.c xfs: refactor xfs_trans_reserve() interface 2013-08-12 17:47:34 -05:00
xfs_quota.h xfs: convert kuid_t to/from uid_t for internal structures 2013-08-15 14:22:40 -05:00
xfs_quota_defs.h xfs: introduce xfs_quota_defs.h 2013-08-12 16:20:18 -05:00
xfs_quota_priv.h
xfs_quotaops.c xfs: split out transaction reservation code 2013-08-12 16:36:16 -05:00
xfs_rtalloc.c xfs: refactor xfs_trans_reserve() interface 2013-08-12 17:47:34 -05:00
xfs_rtalloc.h xfs: introduce xfs_rtalloc_defs.h 2013-08-12 16:13:10 -05:00
xfs_sb.c xfs: introduce xfs_sb.c for sharing with libxfs 2013-08-12 16:44:11 -05:00
xfs_sb.h xfs: don't special case shared superblock mounts 2013-08-12 16:57:16 -05:00
xfs_stats.c
xfs_stats.h
xfs_super.c xfs: consolidate xfs_utils.c 2013-08-12 16:55:17 -05:00
xfs_super.h
xfs_symlink.c xfs: convert kuid_t to/from uid_t for internal structures 2013-08-15 14:22:40 -05:00
xfs_symlink.h xfs: split out the remote symlink handling 2013-08-12 16:43:38 -05:00
xfs_symlink_remote.c xfs: make struct xfs_perag kernel only 2013-08-12 17:44:36 -05:00
xfs_sysctl.c xfs: Convert use of typedef ctl_table to struct ctl_table 2013-06-17 17:42:25 -05:00
xfs_sysctl.h
xfs_trace.c xfs: separate dquot on disk format definitions out of xfs_quota.h 2013-08-12 16:09:52 -05:00
xfs_trace.h xfs: update for 3.11-rc1 2013-07-09 12:29:12 -07:00
xfs_trans.c xfs: refactor xfs_trans_reserve() interface 2013-08-12 17:47:34 -05:00
xfs_trans.h xfs: avoid CIL allocation during insert 2013-08-13 16:19:03 -05:00
xfs_trans_ail.c xfs remove the XFS_TRANS_DEBUG routines 2012-12-17 16:29:00 -06:00
xfs_trans_buf.c xfs: Introduce an ordered buffer item 2013-06-27 13:33:11 -05:00
xfs_trans_dquot.c xfs: separate dquot on disk format definitions out of xfs_quota.h 2013-08-12 16:09:52 -05:00
xfs_trans_extfree.c
xfs_trans_inode.c xfs: implement inode change count 2013-06-28 13:00:05 -05:00
xfs_trans_priv.h xfs: sync minor header differences needed by userspace. 2013-08-12 16:35:41 -05:00
xfs_trans_resv.c xfs: refactor xfs_trans_reserve() interface 2013-08-12 17:47:34 -05:00
xfs_trans_resv.h xfs: Get rid of all XFS_XXX_LOG_RES() macro 2013-08-12 17:48:08 -05:00
xfs_trans_space.h
xfs_types.h xfs: move kernel specific type definitions to xfs.h 2013-08-12 17:04:08 -05:00
xfs_vnode.h
xfs_xattr.c xfs: kill xfs_vnodeops.[ch] 2013-08-12 16:53:39 -05:00