Rohith Surabattula
9687c85dfb
Fix KASAN identified use-after-free issue. ...
[ 612.157429] ==================================================================
[ 612.158275] BUG: KASAN: use-after-free in process_one_work+0x90/0x9b0
[ 612.158801] Read of size 8 at addr ffff88810a31ca60 by task kworker/2:9/2382
[ 612.159611] CPU: 2 PID: 2382 Comm: kworker/2:9 Tainted: G
OE 5.13.0-rc2+ #98
[ 612.159623] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),
BIOS 1.14.0-1.fc33 04/01/2014
[ 612.159640] Workqueue: 0x0 (deferredclose)
[ 612.159669] Call Trace:
[ 612.159685] dump_stack+0xbb/0x107
[ 612.159711] print_address_description.constprop.0+0x18/0x140
[ 612.159733] ? process_one_work+0x90/0x9b0
[ 612.159743] ? process_one_work+0x90/0x9b0
[ 612.159754] kasan_report.cold+0x7c/0xd8
[ 612.159778] ? lock_is_held_type+0x80/0x130
[ 612.159789] ? process_one_work+0x90/0x9b0
[ 612.159812] kasan_check_range+0x145/0x1a0
[ 612.159834] process_one_work+0x90/0x9b0
[ 612.159877] ? pwq_dec_nr_in_flight+0x110/0x110
[ 612.159914] ? spin_bug+0x90/0x90
[ 612.159967] worker_thread+0x3b6/0x6c0
[ 612.160023] ? process_one_work+0x9b0/0x9b0
[ 612.160038] kthread+0x1dc/0x200
[ 612.160051] ? kthread_create_worker_on_cpu+0xd0/0xd0
[ 612.160092] ret_from_fork+0x1f/0x30
[ 612.160399] Allocated by task 2358:
[ 612.160757] kasan_save_stack+0x1b/0x40
[ 612.160768] __kasan_kmalloc+0x9b/0xd0
[ 612.160778] cifs_new_fileinfo+0xb0/0x960 [cifs]
[ 612.161170] cifs_open+0xadf/0xf20 [cifs]
[ 612.161421] do_dentry_open+0x2aa/0x6b0
[ 612.161432] path_openat+0xbd9/0xfa0
[ 612.161441] do_filp_open+0x11d/0x230
[ 612.161450] do_sys_openat2+0x115/0x240
[ 612.161460] __x64_sys_openat+0xce/0x140
When mod_delayed_work is called to modify the delay of pending work,
it might return false and queue a new work when pending work is
already scheduled or when try to grab pending work failed.
So, Increase the reference count when new work is scheduled to
avoid use-after-free.
Signed-off-by: Rohith Surabattula <rohiths@microsoft.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
2021-05-20 12:20:42 -05:00
2020-10-22 12:17:52 -05:00
2020-12-14 09:16:22 -06:00
2021-04-25 16:28:24 -05:00
2020-06-01 00:10:18 -05:00
2021-04-25 16:28:23 -05:00
2021-05-03 11:21:22 -05:00
2021-05-03 11:43:37 -05:00
2019-11-25 01:16:30 -06:00
2021-03-19 00:37:51 -05:00
2021-04-25 16:28:22 -05:00
2020-10-11 23:57:18 -05:00
2019-05-30 11:26:35 -07:00
2019-05-30 11:26:35 -07:00
2021-04-25 16:28:22 -05:00
2021-02-22 21:20:44 -06:00
2021-02-22 21:20:43 -06:00
2021-05-19 21:11:26 -05:00
2021-04-25 23:59:27 -05:00
2021-05-19 21:11:28 -05:00
2021-04-25 16:28:22 -05:00
2021-05-05 13:37:07 -07:00
2020-06-01 00:10:18 -05:00
2021-04-25 16:28:23 -05:00
2021-05-04 11:52:56 -05:00
2021-04-25 16:28:23 -05:00
2020-12-13 19:12:07 -06:00
2021-05-05 13:37:07 -07:00
2019-06-27 23:02:12 +01:00
2019-07-31 13:31:05 -06:00
2021-05-20 12:20:42 -05:00
2021-05-19 21:11:09 -05:00
2021-04-25 23:59:08 -05:00
2020-12-14 09:16:22 -06:00
2020-12-14 09:16:22 -06:00
2021-05-05 13:37:07 -07:00
2021-05-03 11:45:36 -05:00
2021-04-07 21:29:36 -05:00
2021-05-04 11:53:15 -05:00
2021-04-07 21:29:36 -05:00
2021-05-20 12:20:42 -05:00
2020-12-14 09:16:22 -06:00
2020-12-14 09:16:22 -06:00
2020-08-02 18:00:25 -05:00
2019-05-24 17:36:45 +02:00
2019-05-24 17:36:45 +02:00
2016-06-23 23:45:07 -05:00
2021-04-27 10:57:42 -07:00
2021-05-08 10:50:53 -05:00
2021-04-25 16:28:23 -05:00
2020-03-22 22:49:09 -05:00
2021-03-26 07:49:39 -05:00
2021-04-25 16:28:23 -05:00
2020-10-15 23:58:14 -05:00
2021-04-25 16:28:23 -05:00
2021-05-19 21:11:28 -05:00
2021-05-19 10:10:58 -05:00
2021-04-25 16:28:23 -05:00
2021-04-25 16:28:23 -05:00
2019-05-07 23:24:54 -05:00
2021-03-26 07:49:39 -05:00
2020-12-13 19:12:07 -06:00
2020-04-07 12:41:16 -05:00
2019-08-22 14:57:34 +10:00
2020-10-23 15:38:10 -05:00
2019-01-24 09:37:33 -06:00
2021-02-16 15:48:02 -06:00
2021-03-14 18:14:32 -05:00
2021-04-25 16:28:23 -05:00
2020-07-05 14:23:38 -06:00
2021-05-03 11:21:22 -05:00
9687c85dfb