linux/fs/gfs2
Bob Peterson fd5f446f0b gfs2: check gl_object in rgrp glops
Function gfs2_clear_rgrpd() is called during unmount to free all rgrps
and their sub-objects. If the rgrp glock is held (e.g. in SH) it calls
gfs2_glock_cb() to unlock, then calls flush_delayed_work() to make
sure any glock work is finished. However, there is a race with other
cluster nodes who may request the rgrp glock in another mode (say, EX).

Func gfs2_clear_rgrpd() calls glock_clear_object() which sets gl_object
to NULL but that's done without holding the gl_lockref spin_lock.
While the lock is not held, another node's demote request can cause the
state machine to run again, and since the gl_lockref is released in
do_xmote, the second process's call to do_xmote can call go_inval
(rgrp_go_inval) after the gl_object has been cleared, which results in
NULL pointer reference of the rgrp glock's gl_object.

Other go_inval glops functions don't require the gl_object to exist, as
evidenced by function inode_go_inval() which explicitly checks for if
(ip) before referencing gl_object. This patch does the same thing
for rgrp glocks. Both the go_inval and go_sync ops are patched to check
the existence of gl_object (rgd) before trying to dereference it.

Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
2023-01-31 22:40:24 +01:00
..
acl.c fs: pass dentry to set acl method 2022-10-19 12:55:42 +02:00
acl.h fs: pass dentry to set acl method 2022-10-19 12:55:42 +02:00
aops.c gfs2: Always check inode size of inline inodes 2022-12-06 16:06:31 +01:00
aops.h
bmap.c iomap: Rename page_ops to folio_ops 2023-01-18 10:44:05 -08:00
bmap.h
dentry.c
dir.c gfs2 fixes 2022-08-06 14:44:49 -07:00
dir.h
export.c Change calling conventions for filldir_t 2022-08-17 17:25:04 -04:00
file.c gfs2: Make gfs2_glock_hold return its glock argument 2022-12-06 16:06:31 +01:00
gfs2.h
glock.c gfs2: Split the two kinds of glock "delete" work 2023-01-31 22:40:24 +01:00
glock.h gfs2: Split the two kinds of glock "delete" work 2023-01-31 22:40:24 +01:00
glops.c gfs2: check gl_object in rgrp glops 2023-01-31 22:40:24 +01:00
glops.h
incore.h gfs2: Split the two kinds of glock "delete" work 2023-01-31 22:40:24 +01:00
inode.c gfs2: gl_object races fix 2023-01-27 15:55:48 +01:00
inode.h gfs2: Convert to release_folio 2022-05-09 23:12:33 -04:00
Kconfig
lock_dlm.c fs: dlm: remove DLM_LSFL_FS from uapi 2022-08-23 14:54:54 -05:00
log.c Revert "gfs2: stop using generic_writepages in gfs2_ail1_start_one" 2023-01-22 09:46:14 +01:00
log.h fs/gfs2: Use the enum req_op and blk_opf_t types 2022-07-14 12:14:32 -06:00
lops.c Folio changes for 6.0 2022-08-03 10:35:43 -07:00
lops.h fs/gfs2: Use the enum req_op and blk_opf_t types 2022-07-14 12:14:32 -06:00
main.c gfs2: Register fs after creating workqueues 2022-09-20 17:53:54 +02:00
Makefile
meta_io.c gfs2: Fix and clean up create / evict interaction 2022-12-02 15:58:00 +01:00
meta_io.h gfs2: Use container_of() for gfs2_glock(aspace) 2022-05-24 21:29:14 +02:00
ops_fstype.c gfs2: Move delete workqueue into super block 2023-01-31 22:40:24 +01:00
quota.c gfs2: replace ll_rw_block() 2022-09-11 20:26:06 -07:00
quota.h
recovery.c gfs2: replace 'found' with dedicated list iterator variable 2022-05-14 03:05:55 +02:00
recovery.h
rgrp.c gfs2: Split the two kinds of glock "delete" work 2023-01-31 22:40:24 +01:00
rgrp.h Merge part of branch 'for-next.instantiate' into for-next 2022-08-05 18:37:03 +02:00
super.c gfs2: Split the two kinds of glock "delete" work 2023-01-31 22:40:24 +01:00
super.h gfs2: Don't release and reacquire local statfs bh 2021-08-20 09:03:46 -05:00
sys.c block: remove genhd.h 2022-02-02 07:49:59 -07:00
sys.h
trace_gfs2.h gfs2: Remove 'first' trace_gfs2_promote argument 2021-10-25 08:42:19 +02:00
trans.c
trans.h
util.c gfs2: Merge branch 'for-next.nopid' into for-next 2022-10-09 22:56:28 +02:00
util.h gfs2: don't stop reads while withdraw in progress 2021-08-20 09:03:46 -05:00
xattr.c gfs2: Fix and clean up create / evict interaction 2022-12-02 15:58:00 +01:00
xattr.h