iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/fs/ceph
History
Xiubo Li aaf67de788 ceph: fix potential use-after-free bug when trimming caps 
When trimming the caps and just after the 'session->s_cap_lock' is
released in ceph_iterate_session_caps() the cap maybe removed by
another thread, and when using the stale cap memory in the callbacks
it will trigger use-after-free crash.

We need to check the existence of the cap just after the 'ci->i_ceph_lock'
being acquired. And do nothing if it's already removed.

Cc: stable@vger.kernel.org
Link: https://tracker.ceph.com/issues/43272
Signed-off-by: Xiubo Li <xiubli@redhat.com>
Reviewed-by: Luís Henriques <lhenriques@suse.de>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
2023-04-30 12:37:28 +02:00
..
acl.c
fs: port acl to mnt_idmap
2023-01-19 09:24:28 +01:00
addr.c
ceph: implement writeback livelock avoidance using page tagging
2023-04-30 12:37:28 +02:00
cache.c
netfs: Fix gcc-12 warning by embedding vfs inode in netfs_i_context
2022-06-09 13:55:00 -07:00
cache.h
netfs: Further cleanups after struct netfs_inode wrapper introduced
2022-06-10 20:55:21 +01:00
caps.c
ceph: fix potential use-after-free bug when trimming caps
2023-04-30 12:37:28 +02:00
ceph_frag.c
debugfs.c
ceph: fix potential use-after-free bug when trimming caps
2023-04-30 12:37:28 +02:00
dir.c
fs: port ->rename() to pass mnt_idmap
2023-01-19 09:24:26 +01:00
export.c
ceph: fail the open_by_handle_at() if the dentry is being unlinked
2022-10-04 19:18:08 +02:00
file.c
Two small fixes from Xiubo and myself, marked for stable.
2023-03-02 10:48:30 -08:00
inode.c
fs.idmapped.v6.3
2023-02-20 11:53:11 -08:00
io.c
ceph: fix kerneldoc copypasta over ceph_start_io_direct
2021-04-27 23:52:23 +02:00
io.h
ceph: add buffered/direct exclusionary locking for reads and writes
2019-09-16 12:06:25 +02:00
ioctl.c
ceph: remove useless session parameter for check_caps()
2022-12-12 19:15:39 +01:00
ioctl.h
Kconfig
ceph: conversion to new fscache API
2022-01-11 22:13:01 +00:00
locks.c
filelock: move file locking definitions to separate header file
2023-01-11 06:52:32 -05:00
Makefile
ceph: add dentry lease metric support
2020-06-01 13:22:51 +02:00
mds_client.c
ceph: fix potential use-after-free bug when trimming caps
2023-04-30 12:37:28 +02:00
mds_client.h
ceph: fix potential use-after-free bug when trimming caps
2023-04-30 12:37:28 +02:00
mdsmap.c
treewide: use get_random_u32_below() instead of deprecated function
2022-11-18 02:15:15 +01:00
metric.c
ceph: include average/stdev r/w/m latency in mds metrics
2022-03-21 13:35:16 +01:00
metric.h
ceph: include average/stdev r/w/m latency in mds metrics
2022-03-21 13:35:16 +01:00
quota.c
ceph: fix statfs for subdir mounts
2022-05-25 20:45:14 +02:00
snap.c
ceph: blocklist the kclient when receiving corrupted snap trace
2023-02-02 13:58:15 +01:00
strings.c
ceph: add getvxattr op
2022-03-01 18:26:37 +01:00
super.c
ceph: make f_bsize always equal to f_frsize
2022-08-03 00:54:13 +02:00
super.h
ceph: fix potential use-after-free bug when trimming caps
2023-04-30 12:37:28 +02:00
util.c
ceph: move net/ceph/ceph_fs.c to fs/ceph/util.c
2020-01-27 16:53:40 +01:00
xattr.c
ceph: do not print the whole xattr value if it's too long
2023-04-30 12:37:28 +02:00