linux/fs/gfs2
Bob Peterson d22f69a08d gfs2: Fix use-after-free in gfs2_logd after withdraw
When the gfs2_logd daemon withdrew, the withdraw sequence called
into make_fs_ro() to make the file system read-only. That caused the
journal descriptors to be freed. However, those journal descriptors
were used by gfs2_logd's call to gfs2_ail_flush_reqd(). This caused
a use-after free and NULL pointer dereference.

This patch changes function gfs2_logd() so that it stops all logd
work until the thread is told to stop. Once a withdraw is done,
it only does an interruptible sleep.

Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
2020-05-08 15:15:12 +02:00
..
acl.c gfs2: Change inode qa_data to allow multiple users 2020-03-27 14:08:04 -05:00
acl.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 398 2019-06-05 17:37:12 +02:00
aops.c gfs2: don't allow releasepage to free bd still used for revokes 2020-02-27 07:53:18 -06:00
aops.h gfs2: mark stuffed_readpage static 2019-07-03 14:45:18 +02:00
bmap.c gfs2: Split gfs2_rsqa_delete into gfs2_rs_delete and gfs2_qa_put 2020-03-27 14:08:04 -05:00
bmap.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 398 2019-06-05 17:37:12 +02:00
dentry.c gfs2: untangle the logic in gfs2_drevalidate 2019-09-03 09:42:41 +02:00
dir.c gfs2: leaf_dealloc needs to allocate one more revoke 2020-02-27 07:53:18 -06:00
dir.h gfs2: Delete an unnecessary check before brelse() 2019-09-04 20:22:17 +02:00
export.c treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 398 2019-06-05 17:37:12 +02:00
file.c gfs2: Remove unnecessary gfs2_qa_{get,put} pairs 2020-03-27 14:08:05 -05:00
gfs2.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 398 2019-06-05 17:37:12 +02:00
glock.c gfs2: Fix error exit in do_xmote 2020-05-08 14:45:38 +02:00
glock.h gfs2: Use async glocks for rename 2019-09-04 20:22:17 +02:00
glops.c gfs2: Do proper error checking for go_sync family of glops functions 2020-02-27 07:53:18 -06:00
glops.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 398 2019-06-05 17:37:12 +02:00
incore.h gfs2: Change inode qa_data to allow multiple users 2020-03-27 14:08:04 -05:00
inode.c We've got a lot of patches (39) for this merge window. Most of these patches 2020-03-31 14:16:03 -07:00
inode.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 398 2019-06-05 17:37:12 +02:00
Kconfig treewide: Add SPDX license identifier - Makefile/Kconfig 2019-05-21 10:50:46 +02:00
lock_dlm.c gfs2: Force withdraw to replay journals and wait for it to finish 2020-02-27 07:53:12 -06:00
log.c gfs2: Fix use-after-free in gfs2_logd after withdraw 2020-05-08 15:15:12 +02:00
log.h gfs2: Do log_flush in gfs2_ail_empty_gl even if ail list is empty 2020-02-27 07:53:18 -06:00
lops.c gfs2: Switch to list_{first,last}_entry 2020-03-27 14:08:04 -05:00
lops.h gfs2: Remove active journal side effect from gfs2_write_log_header 2019-11-12 15:17:53 +01:00
main.c SPDX update for 5.2-rc4 2019-06-08 12:52:42 -07:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
meta_io.c gfs2: fix withdraw sequence deadlock 2020-05-06 21:25:26 +02:00
meta_io.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 398 2019-06-05 17:37:12 +02:00
ops_fstype.c We've got a lot of patches (39) for this merge window. Most of these patches 2020-03-31 14:16:03 -07:00
quota.c gfs2: Change inode qa_data to allow multiple users 2020-03-27 14:08:04 -05:00
quota.h gfs2: Change inode qa_data to allow multiple users 2020-03-27 14:08:04 -05:00
recovery.c gfs2: change from write to read lock for sd_log_flush_lock in journal replay 2020-03-27 14:08:05 -05:00
recovery.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 398 2019-06-05 17:37:12 +02:00
rgrp.c gfs2: don't lock sd_log_flush_lock in try_rgrp_unlink 2020-03-27 14:08:05 -05:00
rgrp.h gfs2: Split gfs2_rsqa_delete into gfs2_rs_delete and gfs2_qa_put 2020-03-27 14:08:04 -05:00
super.c gfs2: Split gfs2_rsqa_delete into gfs2_rs_delete and gfs2_qa_put 2020-03-27 14:08:04 -05:00
super.h gfs2: Force withdraw to replay journals and wait for it to finish 2020-02-27 07:53:12 -06:00
sys.c gfs2: Force withdraw to replay journals and wait for it to finish 2020-02-27 07:53:12 -06:00
sys.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 398 2019-06-05 17:37:12 +02:00
trace_gfs2.h gfs2: eliminate rs_inum and reduce the size of gfs2 inodes 2018-06-21 07:39:31 -05:00
trans.c gfs2: drain the ail2 list after io errors 2020-02-27 07:53:18 -06:00
trans.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 398 2019-06-05 17:37:12 +02:00
util.c gfs2: Fix BUG during unmount after file system withdraw 2020-05-08 15:13:27 +02:00
util.h gfs2: flesh out delayed withdraw for gfs2_log_flush 2020-02-27 07:53:18 -06:00
xattr.c gfs2: Change inode qa_data to allow multiple users 2020-03-27 14:08:04 -05:00
xattr.h treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 398 2019-06-05 17:37:12 +02:00