linux-stable/fs
Al Viro 59199c04b7 make sure that __dentry_kill() always invalidates d_seq, unhashed or not
commit 4c0d7cd5c8 upstream.

RCU pathwalk relies upon the assumption that anything that changes
->d_inode of a dentry will invalidate its ->d_seq.  That's almost
true - the one exception is that the final dput() of already unhashed
dentry does *not* touch ->d_seq at all.  Unhashing does, though,
so for anything we'd found by RCU dcache lookup we are fine.
Unfortunately, we can *start* with an unhashed dentry or jump into
it.

We could try and be careful in the (few) places where that could
happen.  Or we could just make the final dput() invalidate the damn
thing, unhashed or not.  The latter is much simpler and easier to
backport, so let's do it that way.

Reported-by: "Dae R. Jeong" <threeearcat@gmail.com>
Cc: stable@vger.kernel.org
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-08-15 18:14:42 +02:00
9p fs/9p: Compare qid.path in v9fs_test_inode 2017-11-30 08:39:05 +00:00
adfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
affs affs_lookup(): close a race with affs_remove_link() 2018-05-30 07:50:16 +02:00
afs afs: Fix abort on signal while waiting for call completion 2017-12-20 10:07:25 +01:00
autofs4 autofs: mount point create should honour passed in mode 2018-04-24 09:34:18 +02:00
befs befs fixes for 4.9-rc1 2016-10-15 12:09:13 -07:00
bfs Merge remote-tracking branch 'ovl/rename2' into for-linus 2016-10-10 23:02:51 -04:00
btrfs Btrfs: fix file data corruption after cloning a range and fsync 2018-08-09 12:18:00 +02:00
cachefiles Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
ceph ceph: fix dentry leak when failing to init debugfs 2018-05-30 07:50:32 +02:00
cifs cifs: Fix infinite loop when using hard mount option 2018-07-11 16:26:43 +02:00
coda coda: fix 'kernel memory exposure attempt' in fsync 2017-11-24 08:33:42 +01:00
configfs configfs: Fix race between create_link and configfs_rmdir 2017-06-24 07:11:12 +02:00
cramfs
crypto fscrypt: use unbound workqueue for decryption 2018-08-03 07:55:20 +02:00
debugfs dentry name snapshots 2017-08-06 18:59:43 -07:00
devpts Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
dlm dlm: avoid double-free on error path in dlm_device_{register,unregister} 2017-09-09 17:39:40 +02:00
ecryptfs do d_instantiate/unlock_new_inode combinations safely 2018-05-30 07:50:16 +02:00
efivarfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
efs
exofs fs: exofs: print a hex number after a 0x prefix 2016-10-27 18:43:43 -07:00
exportfs exportfs: be careful to only return expected errors. 2016-10-06 09:07:44 -04:00
ext2 do d_instantiate/unlock_new_inode combinations safely 2018-05-30 07:50:16 +02:00
ext4 ext4: fix check to prevent initializing reserved inodes 2018-08-15 18:14:41 +02:00
f2fs f2fs: fix race in between GC and atomic open 2018-08-03 07:55:15 +02:00
fat fat: fix memory allocation failure handling of match_strdup() 2018-07-25 11:23:58 +02:00
freevxfs
fscache fscache: Fix hanging wait on page discarded by writeback 2018-05-30 07:50:41 +02:00
fuse fuse: fix control dir setup and teardown 2018-07-03 11:23:07 +02:00
gfs2 gfs2: Fix fallocate chunk size 2018-05-30 07:50:47 +02:00
hfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
hfsplus hfsplus: stop workqueue when fill_super() failed 2018-05-25 16:12:59 +02:00
hostfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
hpfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
hugetlbfs hugetlbfs: initialize shared policy as part of inode allocation 2017-10-08 10:26:09 +02:00
isofs isofs: fix timestamps beyond 2027 2017-11-30 08:39:04 +00:00
jbd2 jbd2: don't mark block as modified if the handle is out of credits 2018-07-11 16:26:44 +02:00
jffs2 jffs2: Fix use-after-free bug in jffs2_iget()'s error handling path 2018-05-30 07:50:22 +02:00
jfs jfs: Fix inconsistency between memory allocation and ea_buf->max_size 2018-08-09 12:18:00 +02:00
kernfs kernfs: fix regression in kernfs_fop_write caused by wrong type 2018-02-17 13:21:15 +01:00
lockd lockd: lost rollback of set_grace_period() in lockd_down_net() 2018-05-19 10:27:00 +02:00
logfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
minix Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
ncpfs staging: ncpfs: memory corruption in ncp_read_kernel() 2018-03-28 18:39:23 +02:00
nfs pnfs: Don't release the sequence slot until we've processed layoutget on open 2018-08-03 07:55:14 +02:00
nfs_common lockd: fix "list_add double add" caused by legacy signal interface 2018-02-03 17:05:38 +01:00
nfsd nfsd: fix potential use-after-free in nfsd4_decode_getdeviceinfo 2018-08-03 07:55:13 +02:00
nilfs2 do d_instantiate/unlock_new_inode combinations safely 2018-05-30 07:50:16 +02:00
nls
notify fanotify: fix logic of events on child 2018-04-24 09:34:18 +02:00
ntfs fs: remove the never implemented aio_fsync file operation 2016-10-30 13:09:42 -04:00
ocfs2 ocfs2: ip_alloc_sem should be taken in ocfs2_get_block() 2018-07-22 14:27:35 +02:00
omfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
openpromfs fs: Replace CURRENT_TIME with current_time() for inode timestamps 2016-09-27 21:06:21 -04:00
orangefs orangefs: set i_size on new symlink 2018-06-26 08:08:08 +08:00
overlayfs ovl: filter trusted xattr for non-admin 2018-04-13 19:48:12 +02:00
proc fs/proc/proc_sysctl.c: fix potential page fault while unregistering sysctl table 2018-05-30 07:50:40 +02:00
pstore pstore: Use dynamic spinlock initializer 2017-08-06 18:59:43 -07:00
qnx4
qnx6
quota quota: Check for register_shrinker() failure. 2018-02-03 17:05:39 +01:00
ramfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
reiserfs reiserfs: fix buffer overflow with long warning messages 2018-07-22 14:27:39 +02:00
romfs romfs: use different way to generate fsid for BLOCK or MTD 2017-06-17 06:41:56 +02:00
squashfs squashfs: more metadata hardenings 2018-08-06 16:23:03 +02:00
sysfs sysfs: be careful of error returns from ops->show() 2017-04-12 12:41:11 +02:00
sysv Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
tracefs fs: Replace CURRENT_TIME with current_time() for inode timestamps 2016-09-27 21:06:21 -04:00
ubifs UBIFS: Fix potential integer overflow in allocation 2018-07-03 11:23:14 +02:00
udf udf: Detect incorrect directory size 2018-07-03 11:23:17 +02:00
ufs do d_instantiate/unlock_new_inode combinations safely 2018-05-30 07:50:16 +02:00
xfs xfs: detect agfl count corruption and reset agfl 2018-06-06 16:44:32 +02:00
aio.c fix io_destroy()/aio_complete() race 2018-06-06 16:44:38 +02:00
anon_inodes.c
attr.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs 2016-10-10 20:16:43 -07:00
bad_inode.c bad_inode: add missing i_op initializers 2017-01-09 08:32:24 +01:00
binfmt_aout.c
binfmt_elf.c fs, elf: make sure to page align bss in load_elf_library 2018-07-17 11:37:53 +02:00
binfmt_elf_fdpic.c
binfmt_em86.c
binfmt_flat.c
binfmt_misc.c fs/binfmt_misc.c: do not allow offset overflow 2018-06-26 08:08:09 +08:00
binfmt_script.c
block_dev.c fs/mpage.c: fix mpage_writepage() for pages with buffers 2017-10-18 09:35:39 +02:00
buffer.c fs: add i_blocksize() 2017-06-14 15:06:00 +02:00
char_dev.c dax: define a unified inode/address_space for device-dax mappings 2016-08-23 22:58:51 -07:00
compat.c compat: remove compat_printk() 2016-09-27 21:20:53 -04:00
compat_binfmt_elf.c binfmt_elf: compat: avoid unused function warning 2018-02-25 11:05:55 +01:00
compat_ioctl.c fs: compat: Remove warning from COMPATIBLE_IOCTL 2018-04-08 12:12:44 +02:00
coredump.c coredump: Ensure proper size of sparse core files 2017-07-05 14:40:26 +02:00
dax.c fs/dax.c: fix inefficiency in dax_writeback_mapping_range() 2018-02-28 10:18:33 +01:00
dcache.c make sure that __dentry_kill() always invalidates d_seq, unhashed or not 2018-08-15 18:14:42 +02:00
dcookies.c
direct-io.c direct-io: Prevent NULL pointer access in submit_page_section 2017-10-18 09:35:41 +02:00
drop_caches.c
eventfd.c
eventpoll.c epoll: fix race between ep_poll_callback(POLLFREE) and ep_free()/ep_remove() 2017-09-07 08:35:41 +02:00
exec.c exec: avoid gcc-8 warning for get_task_comm 2018-07-28 07:49:14 +02:00
fcntl.c fs/fcntl: f_setown, avoid undefined behaviour 2018-01-31 12:55:52 +01:00
fhandle.c
file.c fs/file: more unsigned file descriptors 2016-09-27 18:47:38 -04:00
file_table.c
filesystems.c
fs-writeback.c bdi: Fix oops in wb_workfn() 2018-05-16 10:08:42 +02:00
fs_pin.c
fs_struct.c
inode.c Fix up non-directory creation in SGID directories 2018-07-17 11:37:53 +02:00
internal.h xfs: evict all inodes involved with log redo item 2017-09-20 08:20:01 +02:00
ioctl.c vfs: cap dedupe request structure size at PAGE_SIZE 2016-09-15 13:29:52 -07:00
iomap.c iomap: fix integer truncation issues in the zeroing and dirtying helpers 2017-09-20 08:19:59 +02:00
Kconfig mm/hugetlb: introduce ARCH_HAS_GIGANTIC_PAGE 2016-10-07 18:46:29 -07:00
Kconfig.binfmt ARM: 8594/1: enable binfmt_flat on systems with an MMU 2016-08-12 16:47:05 +01:00
libfs.c libfs: Modify mount_pseudo_xattr to be clear it is not a userspace mount 2017-12-09 22:01:51 +01:00
locks.c locking, fs/locks: Add missing file_sem locks 2016-10-18 12:21:28 +02:00
Makefile
mbcache.c mbcache: initialize entry->e_referenced in mb_cache_entry_create() 2018-02-22 15:43:48 +01:00
mount.h mnt: In propgate_umount handle visiting mounts in any order 2017-07-21 07:42:22 +02:00
mpage.c fs/mpage.c: fix mpage_writepage() for pages with buffers 2017-10-18 09:35:39 +02:00
namei.c getname_kernel() needs to make sure that ->name != ->iname in long case 2018-04-20 08:21:07 +02:00
namespace.c Don't leak MNT_INTERNAL away from internal mounts 2018-04-24 09:34:18 +02:00
no-block.c
nsfs.c nsfs: mark dentry with DCACHE_RCUACCESS 2018-02-17 13:21:15 +01:00
open.c fs: completely ignore unknown open flags 2017-07-12 15:01:02 +02:00
pipe.c pipe: fix off-by-one error when checking buffer limits 2018-02-17 13:21:18 +01:00
pnode.c mnt: Make propagate_umount less slow for overlapping mount propagation trees 2017-07-21 07:42:22 +02:00
pnode.h mnt: Tuck mounts under others instead of creating shadow/side mounts. 2017-03-15 10:02:43 +08:00
posix_acl.c tmpfs: clear S_ISGID when setting posix ACLs 2017-01-26 08:24:37 +01:00
proc_namespace.c
read_write.c vfs: deny copy_file_range() for non regular files 2017-10-12 11:51:26 +02:00
readdir.c
select.c fs/select: add vmalloc fallback for select(2) 2016-10-11 15:06:30 -07:00
seq_file.c seq/proc: modify seq_put_decimal_[u]ll to take a const char *, not char 2016-10-07 18:46:30 -07:00
signalfd.c
splice.c vfs: fix uninitialized flags in splice_to_pipe() 2017-02-23 17:44:35 +01:00
stack.c
stat.c ufs: restore maintaining ->i_blocks 2017-06-14 15:06:01 +02:00
statfs.c
super.c sget(): handle failures of register_shrinker() 2018-03-03 10:23:21 +01:00
sync.c
timerfd.c timerfd: Protect the might cancel mechanism proper 2017-05-08 07:47:54 +02:00
userfaultfd.c userfaultfd: shmem: __do_fault requires VM_FAULT_NOPAGE 2017-12-20 10:07:18 +01:00
utimes.c Merge remote-tracking branch 'jk/vfs' into work.misc 2016-10-08 11:06:08 -04:00
xattr.c lsm: fix smack_inode_removexattr and xattr_getsecurity memleak 2017-10-12 11:51:19 +02:00