[Devel] [PATCH RHEL7 COMMIT] fuse kio: Stop self-abuse of rpc counter in rpc_queue_work()
Konstantin Khorenko
khorenko at virtuozzo.com
Thu Oct 18 15:01:35 MSK 2018
The commit is pushed to "branch-rh7-3.10.0-862.14.4.vz7.72.x-ovz" and will appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-862.14.4.vz7.72.11
------>
commit ccd016fb513cd6ec799953585da61ba53b42d075
Author: Kirill Tkhai <ktkhai at virtuozzo.com>
Date: Thu Oct 18 15:01:33 2018 +0300
fuse kio: Stop self-abuse of rpc counter in rpc_queue_work()
These useless get and put do not protect from anything,
since the work may become executing after last user put
counter in parallel. Remove them to avoid shooting of
BUG_ON() in pcs_rpc_get().
Signed-off-by: Kirill Tkhai <ktkhai at virtuozzo.com>
Reviewed-by: Pavel Butsykin <pbutsykin at virtuozzo.com>
=====================
Patchset description:
Order rpc destroy with rpc_queue_work()
Prevents use-after-free from work function.
https://pmc.acronis.com/browse/VSTOR-16236
Kirill Tkhai (3):
fuse kio: Stop self-abuse of rpc counter in rpc_queue_work()
fuse kio: Check for null ep in pcs_rpc_deaccount_msg()
fuse kio: Move abort & destroy block up in pcs_rpc_send()
Pavel Butsykin (1):
fs/fuse kio_pcs: flush rpc work inside pcs_rpc_destroy()
---
fs/fuse/kio/pcs/pcs_rpc.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/fs/fuse/kio/pcs/pcs_rpc.c b/fs/fuse/kio/pcs/pcs_rpc.c
index 7ef69a842ce8..27156a507a84 100644
--- a/fs/fuse/kio/pcs/pcs_rpc.c
+++ b/fs/fuse/kio/pcs/pcs_rpc.c
@@ -847,7 +847,6 @@ static void rpc_queue_work(struct work_struct *w)
struct pcs_rpc *ep = pcs_rpc_from_work(w);
int repeat;
- pcs_rpc_get(ep);
again:
spin_lock(&ep->q_lock);
list_splice_tail_init(&ep->input_queue, &input_q);
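Review bot: Dropping pcs_rpc_get(ep) at the top of rpc_queue_work() also drops the only place where the late-running work was being noticed. The commit message says the work can start after the last user has put the counter, and that this is what trips BUG_ON() in pcs_rpc_get(). With the get removed, the same late run goes straight on to spin_lock(&ep->q_lock) and list_splice_tail_init(&ep->input_queue, &input_q) on an ep that may already be released, and does so silently. On its own this change trades a loud failure for a quiet use-after-free, so it is only safe together with the patch listed in the series as "flush rpc work inside pcs_rpc_destroy()". Please say so in the commit message and make sure the series order never leaves a bisect point where this patch is applied without the flush.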
@@ -893,8 +892,6 @@ static void rpc_queue_work(struct work_struct *w)
mutex_unlock(&ep->mutex);
if (repeat)
goto again;
- pcs_rpc_put(ep);
-
}
struct pcs_rpc * pcs_rpc_alloc_ep(void)
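Review bot: Missing documentation of the lifetime rule around the removed pcs_rpc_put(ep) at the end of rpc_queue_work(). After mutex_unlock(&ep->mutex) the function can take "goto again" and touch ep for another full pass, so ep has to stay valid until the work function returns, not just until it starts. Nothing in the function now expresses that. Suggest a short comment above rpc_queue_work() stating that the work holds no reference of its own and that the destroy path must wait for a running work item to finish before freeing ep, so a later change does not reintroduce a get/put pair here or free ep while a pass is in flight.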