iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs
History
Linus Torvalds 559214eb4e epoll: be better about file lifetimes 
[ Upstream commit 4efaa5acf0a1d2b5947f98abb3acf8bfd966422b ]

epoll can call out to vfs_poll() with a file pointer that may race with
the last 'fput()'. That would make f_count go down to zero, and while
the ep->mtx locking means that the resulting file pointer tear-down will
be blocked until the poll returns, it means that f_count is already
dead, and any use of it won't actually get a reference to the file any
more: it's dead regardless.

Make sure we have a valid ref on the file pointer before we call down to
vfs_poll() from the epoll routines.

Link: https://lore.kernel.org/lkml/0000000000002d631f0615918f1e@google.com/
Reported-by: syzbot+045b454ab35fd82a35fb@syzkaller.appspotmail.com
Reviewed-by: Jens Axboe <axboe@kernel.dk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
2024-06-12 11:03:03 +02:00
..
9p
fs/9p: drop inodes immediately on non-.L too
2024-05-17 11:56:09 +02:00
adfs
affs
affs: initialize fsdata in affs_truncate()
2023-02-01 08:34:08 +01:00
afs
afs: Revert "afs: Hide silly-rename files from userspace"
2024-03-26 18:20:57 -04:00
autofs
autofs: fix memory leak of waitqueues in autofs_catatonic_mode
2023-09-23 11:10:59 +02:00
befs
bfs
btrfs
btrfs: do not wait for short bulk allocation
2024-05-17 11:56:23 +02:00
cachefiles
cachefiles: fix memory leak in cachefiles_add_cache()
2024-03-01 13:26:32 +01:00
ceph
ceph: switch to corrected encoding of max_xattr_size in mdsmap
2024-03-15 10:48:13 -04:00
coda
coda: Avoid partial allocation of sig_inputArgs
2023-03-10 09:33:52 +01:00
configfs
configfs: fix possible memory leak in configfs_create_dir()
2022-12-31 13:32:22 +01:00
cramfs
fs/cramfs/inode.c: initialize file_ra_state
2023-03-10 09:34:09 +01:00
crypto
blk-crypto: add a blk_crypto_config_supported_natively helper
2023-05-11 23:03:00 +09:00
debugfs
debugfs: fix automount d_fsdata usage
2024-01-20 11:50:04 +01:00
devpts
dlm
fs: dlm: don't put dlm_local_addrs on heap
2024-02-16 19:06:29 +01:00
ecryptfs
ecryptfs: Reject casefold directory inodes
2024-02-05 20:12:49 +00:00
efivarfs
efivarfs: Request at most 512 bytes for variable names
2024-03-06 14:45:11 +00:00
efs
erofs
erofs: apply proper VMA alignment for memory mapped files on THP
2024-03-15 10:48:16 -04:00
exfat
exfat: support handle zero-size directory
2023-11-28 17:07:00 +00:00
exportfs
exportfs: use pr_debug for unreachable debug statements
2024-03-06 14:45:15 +00:00
ext2
ext2: fix datatype of block number in ext2_xattr_set2()
2023-09-23 11:11:05 +02:00
ext4
ext4: forbid commit inconsistent quota data when errors=remount-ro
2024-04-13 13:05:09 +02:00
f2fs
f2fs: truncate page cache before clearing flags when aborting atomic write
2024-04-03 15:19:37 +02:00
fat
fat: fix uninitialized field in nostale filehandles
2024-04-03 15:19:27 +02:00
freevxfs
fscache
netfs, fscache: Prevent Oops in fscache_put_cache()
2024-01-31 16:17:04 -08:00
fuse
fuse: don't unhash root
2024-04-03 15:19:30 +02:00
gfs2
gfs2: Fix invalid metadata access in punch_hole
2024-05-17 11:56:04 +02:00
hfs
hfs: fix missing hfs_bnode_get() in __hfs_bnode_create
2023-03-10 09:34:07 +01:00
hfsplus
fs: hfsplus: remove WARN_ON() from hfsplus_cat_{read,write}_inode()
2023-05-24 17:32:34 +01:00
hostfs
hostfs: move from strlcpy with unused retval to strscpy
2022-09-19 22:46:25 +02:00
hpfs
hugetlbfs
mm/hugetlb: add hugetlb_folio_subpool() helpers
2024-05-17 11:55:51 +02:00
iomap
iomap: write iomap validity checks
2024-05-25 16:21:31 +02:00
isofs
isofs: handle CDs with bad root inode but good Joliet root directory
2024-04-13 13:05:06 +02:00
jbd2
jbd2: fix soft lockup in journal_finish_inode_data_buffers()
2024-01-20 11:50:07 +01:00
jffs2
jffs2: reduce stack usage in jffs2_build_xattr_subsystem()
2023-07-19 16:22:11 +02:00
jfs
jfs: fix array-index-out-of-bounds in diNewExt
2024-02-05 20:12:48 +00:00
kernfs
fs/kernfs/dir: obey S_ISGID
2024-02-05 20:12:58 +00:00
lockd
lockd: fix file selection in nlmsvc_cancel_blocked
2024-03-06 14:45:16 +00:00
minix
vfs: open inside ->tmpfile()
2022-09-24 07:00:00 +02:00
netfs
netfs: Only call folio_start_fscache() one time for each folio
2023-10-06 14:56:32 +02:00
nfs
nfsd: don't allow nfsd threads to be signalled.
2024-05-25 16:21:30 +02:00
nfs_common
nfsd
nfsd: don't allow nfsd threads to be signalled.
2024-05-25 16:21:30 +02:00
nilfs2
nilfs2: fix potential hang in nilfs_detach_log_writer()
2024-06-12 11:02:56 +02:00
nls
fs/nls: make load_nls() take a const parameter
2023-09-13 09:42:22 +02:00
notify
fanotify: disallow mount/sb marks on kernel internal pseudo fs
2023-07-19 16:22:05 +02:00
ntfs
- hfs and hfsplus kmap API modernization from Fabio Francesco
2022-10-12 11:00:22 -07:00
ntfs3
fs/ntfs3: Break dir enumeration if directory contents error
2024-06-12 11:02:57 +02:00
ocfs2
fs: ocfs2: namei: check return value of ocfs2_add_entry()
2023-09-13 09:42:33 +02:00
omfs
openpromfs
orangefs
Julia Lawall reported this null pointer dereference, this should fix it.
2024-04-13 13:05:08 +02:00
overlayfs
ima: detect changes to the backing overlay file
2023-11-28 17:07:12 +00:00
proc
fs/proc: do_task_stat: use sig->stats_lock to gather the threads/children stats
2024-03-15 10:48:22 -04:00
pstore
pstore/zone: Add a null pointer check to the psz_kmsg_read
2024-04-13 13:04:57 +02:00
qnx4
qnx6
fs/qnx6: delete unnecessary checks before brelse()
2022-09-11 21:55:07 -07:00
quota
quota: Fix rcu annotations of inode dquot pointers
2024-03-26 18:20:47 -04:00
ramfs
shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs
2023-07-19 16:22:11 +02:00
reiserfs
reiserfs: Check the return value from __getblk()
2023-09-13 09:42:27 +02:00
romfs
smb
ksmbd: ignore trailing slashes in share paths
2024-06-12 11:02:57 +02:00
squashfs
revert "squashfs: harden sanity check in squashfs_read_xattr_id_table"
2023-02-22 12:59:50 +01:00
sysfs
fs: sysfs: Fix reference leak in sysfs_break_active_protection()
2024-04-27 17:07:16 +02:00
sysv
sysv: don't call sb_bread() with pointers_lock held
2024-04-13 13:05:05 +02:00
tracefs
tracefs: Add missing lockdown check to tracefs_create_dir()
2023-09-23 11:11:12 +02:00
ubifs
ubifs: Set page uptodate in the correct place
2024-04-03 15:19:27 +02:00
udf
udf: initialize newblock to 0
2023-09-13 09:43:05 +02:00
ufs
ufs: replace ll_rw_block()
2022-09-11 20:26:07 -07:00
unicode
vboxsf
vboxsf: Avoid an spurious warning if load_nls_xxx() fails
2024-04-10 16:28:25 +02:00
verity
fsverity: skip PKCS#7 parser when keyring is empty
2023-09-13 09:43:03 +02:00
xfs
xfs: short circuit xfs_growfs_data_private() if delta is zero
2024-05-25 16:21:34 +02:00
zonefs
zonefs: Improve error handling
2024-02-23 09:12:45 +01:00
aio.c
fs/aio: Check IOCB_AIO_RW before the struct aio_kiocb conversion
2024-04-03 15:19:42 +02:00
anon_inodes.c
attr.c
attr: block mode changes of symlinks
2023-09-23 11:11:10 +02:00
bad_inode.c
vfs: open inside ->tmpfile()
2022-09-24 07:00:00 +02:00
binfmt_elf_fdpic.c
fs: binfmt_elf_efpic: fix personality for ELF-FDPIC
2023-10-06 14:57:06 +02:00
binfmt_elf_test.c
binfmt_elf.c
mm: always expand the stack with the mmap write lock held
2023-07-01 13:16:25 +02:00
binfmt_flat.c
binfmt_misc.c
binfmt_misc: fix shift-out-of-bounds in check_special_flags
2022-12-31 13:32:57 +01:00
binfmt_script.c
buffer.c
- hfs and hfsplus kmap API modernization from Fabio Francesco
2022-10-12 11:00:22 -07:00
char_dev.c
chardev: fix error handling in cdev_device_add()
2022-12-31 13:32:41 +01:00
compat_binfmt_elf.c
coredump.c
coredump: Move dump_emit_page() to kill unused warning
2023-02-22 12:59:50 +01:00
d_path.c
dax.c
Merge branch 'for-6.0/dax' into libnvdimm-fixes
2022-09-24 18:14:12 -07:00
dcache.c
fast_dput(): handle underflows gracefully
2024-02-05 20:12:54 +00:00
direct-io.c
block: remove PSI accounting from the bio layer
2022-09-20 08:24:38 -06:00
drop_caches.c
eventfd.c
eventfd: prevent underflow for eventfd semaphores
2023-09-13 09:42:27 +02:00
eventpoll.c
epoll: be better about file lifetimes
2024-06-12 11:03:03 +02:00
exec.c
exec: Fix NOMMU linux_binprm::exec in transfer_args_to_stack()
2024-04-03 15:19:48 +02:00
fcntl.c
fs: Fix rw_hint validation
2024-03-26 18:20:28 -04:00
fhandle.c
do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak
2024-03-26 18:20:27 -04:00
file_table.c
file.c
file: reinstate f_pos locking optimization for regular files
2023-08-11 12:08:23 +02:00
filesystems.c
fs_context.c
vfs, security: Fix automount superblock LSM init problem, preventing NFS sb sharing
2023-09-13 09:42:28 +02:00
fs_parser.c
ext4: journal_path mount options should follow links
2023-01-07 11:11:59 +01:00
fs_pin.c
fs_struct.c
fs_types.c
fs-writeback.c
writeback, cgroup: switch inodes with dirty timestamps to release dying cgwbs
2023-11-20 11:51:50 +01:00
fsopen.c
init.c
inode.c
filemap: add a per-mapping stable writes flag
2024-01-10 17:10:32 +01:00
internal.h
nfs: use vfs setgid helper
2023-08-30 16:11:10 +02:00
ioctl.c
lsm: new security_file_ioctl_compat() hook
2024-01-31 16:17:00 -08:00
Kconfig
smb: move client and server files to common directory fs/smb
2023-06-28 11:12:40 +02:00
Kconfig.binfmt
Xtensa updates for v6.1
2022-10-10 14:21:11 -07:00
kernel_read_file.c
libfs.c
libfs: add DEFINE_SIMPLE_ATTRIBUTE_SIGNED for signed value
2022-12-31 13:31:58 +01:00
locks.c
filelock: add a new locks_inode_context accessor function
2024-03-06 14:45:16 +00:00
Makefile
smb: move client and server files to common directory fs/smb
2023-06-28 11:12:40 +02:00
mbcache.c
ext4: fix deadlock due to mbcache entry corruption
2023-01-07 11:12:02 +01:00
mount.h
mpage.c
namei.c
rename(): fix the locking of subdirectories
2024-01-31 16:17:02 -08:00
namespace.c
fs: relax mount_setattr() permission checks
2024-02-23 09:12:46 +01:00
no-block.c
nsfs.c
open.c
open: make RESOLVE_CACHED correctly test for O_TMPFILE
2023-08-11 12:08:22 +02:00
pipe.c
fs/pipe: Fix lockdep false-positive in watchqueue pipe_write()
2024-04-10 16:28:30 +02:00
pnode.c
pnode: terminate at peers of source
2023-01-04 11:29:01 +01:00
pnode.h
posix_acl.c
- Yu Zhao's Multi-Gen LRU patches are here. They've been under test in
2022-10-10 17:53:04 -07:00
proc_namespace.c
read_write.c
use less confusing names for iov_iter direction initializers
2023-02-09 11:28:04 +01:00
readdir.c
remap_range.c
select.c
fs/select: rework stack allocation hack for clang
2024-03-26 18:20:28 -04:00
seq_file.c
use less confusing names for iov_iter direction initializers
2023-02-09 11:28:04 +01:00
signalfd.c
splice.c
mm: merge folio_has_private()/filemap_release_folio() call pairs
2024-01-10 17:10:31 +01:00
stack.c
stat.c
vfs: support STATX_DIOALIGN on block devices
2022-09-11 19:47:12 -05:00
statfs.c
statfs: enforce statfs[64] structure initialization
2023-05-24 17:32:51 +01:00
super.c
fs: Protect reconfiguration of sb read-write from racing writes
2023-08-11 12:08:24 +02:00
sync.c
sysctls.c
timerfd.c
userfaultfd.c
Revert "userfaultfd: don't fail on unrecognized features"
2023-04-26 14:28:37 +02:00
utimes.c
xattr.c
fs: don't audit the capability check in simple_xattr_list()
2022-12-31 13:31:55 +01:00