www.infradead.org Git - users/jedix/linux-maple.git/commit

author	jiangyiwen <jiangyiwen@huawei.com>
	Fri, 30 Jan 2015 02:11:19 +0000 (13:11 +1100)
committer	Santosh Shilimkar <santosh.shilimkar@oracle.com>
	Tue, 30 Jun 2015 02:56:22 +0000 (19:56 -0700)
commit	61c1edf1e2e8bae673ab933f0e39af8477e1b52e
tree	0493be585845d79aa13eb726665c20786ca84bd4	tree
parent	9d6f7b388a677472ca33ab303394b30730cb1ef5	commit \| diff

ocfs2: avoid access invalid address when read o2dlm debug messages

The following case will lead to a lockres is freed but is still in use.

cat /sys/kernel/debug/o2dlm/locking_state dlm_thread
lockres_seq_start
    -> lock dlm->track_lock
    -> get resA
                                                resA->refs decrease to 0,
                                                call dlm_lockres_release,
                                                and wait for "cat" unlock.
Although resA->refs is already set to 0,
increase resA->refs, and then unlock
                                                lock dlm->track_lock
                                                    -> list_del_init()
                                                    -> unlock
                                                    -> free resA

In such a race case, invalid address access may occurs.  So we should
delete list res->tracking before resA->refs decrease to 0.

Signed-off-by: jiangyiwen <jiangyiwen@huawei.com>
Cc: Joel Becker <jlbec@evilplan.org>
Cc: Mark Fasheh <mfasheh@suse.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
(cherry picked from commit e87e805fe4a1cf38031ae0669e3a91c8a8251279)

fs/ocfs2/dlm/dlmmaster.c		diff \| blob \| history
fs/ocfs2/dlm/dlmthread.c		diff \| blob \| history