From patchwork Wed Aug 6 20:32:13 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Andrew Morton X-Patchwork-Id: 4688491 Return-Path: X-Original-To: patchwork-ocfs2-devel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork2.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.19.201]) by patchwork2.web.kernel.org (Postfix) with ESMTP id 772E1C0338 for ; Wed, 6 Aug 2014 20:33:08 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id 9700020145 for ; Wed, 6 Aug 2014 20:33:07 +0000 (UTC) Received: from userp1040.oracle.com (userp1040.oracle.com [156.151.31.81]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 9848220125 for ; Wed, 6 Aug 2014 20:33:06 +0000 (UTC) Received: from acsinet21.oracle.com (acsinet21.oracle.com [141.146.126.237]) by userp1040.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id s76KWuRY015813 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Wed, 6 Aug 2014 20:32:57 GMT Received: from oss.oracle.com (oss-external.oracle.com [137.254.96.51]) by acsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id s76KWuQX002095 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 6 Aug 2014 20:32:56 GMT Received: from localhost ([127.0.0.1] helo=oss.oracle.com) by oss.oracle.com with esmtp (Exim 4.63) (envelope-from ) id 1XF7tI-0003sV-6S; Wed, 06 Aug 2014 13:32:56 -0700 Received: from ucsinet21.oracle.com ([156.151.31.93]) by oss.oracle.com with esmtp (Exim 4.63) (envelope-from ) id 1XF7tD-0003s0-4A for ocfs2-devel@oss.oracle.com; Wed, 06 Aug 2014 13:32:51 -0700 Received: from aserp1060.oracle.com (aserp1060.oracle.com [141.146.126.71]) by ucsinet21.oracle.com (8.14.4+Sun/8.14.4) with ESMTP id s76KWoM1017987 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for ; Wed, 6 Aug 2014 20:32:50 GMT Received: from aserp2040.oracle.com (aserp2040.oracle.com [141.146.126.75]) by aserp1060.oracle.com (Sentrion-MTA-4.3.2/Sentrion-MTA-4.3.2) with ESMTP id s76KWnS0023978 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Wed, 6 Aug 2014 20:32:50 GMT Received: from pps.filterd (aserp2040.oracle.com [127.0.0.1]) by aserp2040.oracle.com (8.14.7/8.14.7) with SMTP id s76KWgGR018085 for ; Wed, 6 Aug 2014 20:32:49 GMT Received: from mail-yk0-f201.google.com (mail-yk0-f201.google.com [209.85.160.201]) by aserp2040.oracle.com with ESMTP id 1nknw4kaeq-1 (version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT) for ; Wed, 06 Aug 2014 20:32:42 +0000 Received: by mail-yk0-f201.google.com with SMTP id 142so412955ykq.2 for ; Wed, 06 Aug 2014 13:32:14 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:subject:message-id:user-agent :mime-version:content-type:content-transfer-encoding; bh=3tatqOzb59bGpVy3L1/8Ln+ozvgCTvId0+86zKVAXuY=; b=VkrwiBYxBNNk9jNVBi9TgOsEry2xQ8eMezoph8w8+r74VkWxwUtoKlOVqxIASqI2w4 BDRhJxY8FoMPHkFM3zmIIer65pTmi+CECwkpKGKOD6lptPp8TAmSyirGRlFGf3ArBaHG w+IfGrm1tXxqYkePfob5l01ARl16qio7NYHSQ6n8AYsRqc8rr/gv2NJtFoDxAx0X680C fOKcQp6pSRK3A8c0bcvG7LjHNRreykxGWmvXqHeF9EyAc1tO9t/GS6sQWR6LT2d/wID9 wxDvsHiOnlymTDLeiTe2zd/zhd8naO/RUTxO3PfovPJeUaOCXUAvAtSpM7TVfyB9Qr/H 9O+Q== X-Gm-Message-State: ALoCoQlF8BbHNw5K7Sr7zBDqWHcaZh4t4g+xjVP6iirGLtTV9+WJY8XH7HIs4hBb9wyfkbdK+Jfu X-Received: by 10.236.112.6 with SMTP id x6mr6761880yhg.42.1407357134185; Wed, 06 Aug 2014 13:32:14 -0700 (PDT) Received: from corp2gmr1-2.hot.corp.google.com (corp2gmr1-2.hot.corp.google.com [172.24.189.93]) by gmr-mx.google.com with ESMTPS id y50si139548yhk.4.2014.08.06.13.32.14 for (version=TLSv1.1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Wed, 06 Aug 2014 13:32:14 -0700 (PDT) Received: from akpm3.mtv.corp.google.com (akpm3.mtv.corp.google.com [172.17.131.127]) by corp2gmr1-2.hot.corp.google.com (Postfix) with ESMTP id 0EAF05A45AB; Wed, 6 Aug 2014 13:32:14 -0700 (PDT) Received: by akpm3.mtv.corp.google.com (Postfix, from userid 25780) id C3BAD1A0536; Wed, 6 Aug 2014 13:32:13 -0700 (PDT) Date: Wed, 06 Aug 2014 13:32:13 -0700 From: akpm@linux-foundation.org To: jlbec@evilplan.org, mfasheh@suse.com, ocfs2-devel@oss.oracle.com, akpm@linux-foundation.org, jiangyiwen@huawei.com Message-ID: <53e290cd.x/GQNL+fsxwHoqzs%akpm@linux-foundation.org> User-Agent: Heirloom mailx 12.5 6/20/10 MIME-Version: 1.0 X-Proofpoint-Virus-Version: vendor=nai engine=5600 definitions=7522 signatures=670497 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 suspectscore=2 phishscore=0 adultscore=0 bulkscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=7.0.1-1402240000 definitions=main-1408060245 Subject: [Ocfs2-devel] [patch 07/10] ocfs2: avoid access invalid address when read o2dlm debug messages. X-BeenThere: ocfs2-devel@oss.oracle.com X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ocfs2-devel-bounces@oss.oracle.com Errors-To: ocfs2-devel-bounces@oss.oracle.com X-Source-IP: acsinet21.oracle.com [141.146.126.237] X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_MED, RP_MATCHES_RCVD, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP From: jiangyiwen Subject: ocfs2: avoid access invalid address when read o2dlm debug messages. The following case will lead to a lockres bieing freed while it is still in use. cat /sys/kernel/debug/o2dlm/locking_state dlm_thread lockres_seq_start -> lock dlm->track_lock -> get resA resA->refs decrease to 0, call dlm_lockres_release, and wait for "cat" unlock. Although resA->refs is already set to 0, increase resA->refs, and then unlock lock dlm->track_lock -> list_del_init() -> unlock -> free resA In such a race case, invalid address access may occurs. So we should delete list res->tracking before resA->refs decrease to 0. Signed-off-by: jiangyiwen Cc: Joel Becker Cc: Mark Fasheh Signed-off-by: Andrew Morton --- fs/ocfs2/dlm/dlmmaster.c | 10 ---------- fs/ocfs2/dlm/dlmthread.c | 10 ++++++++++ 2 files changed, 10 insertions(+), 10 deletions(-) diff -puN fs/ocfs2/dlm/dlmmaster.c~ocfs2-avoid-access-invalid-address-when-read-o2dlm-debug-messages fs/ocfs2/dlm/dlmmaster.c --- a/fs/ocfs2/dlm/dlmmaster.c~ocfs2-avoid-access-invalid-address-when-read-o2dlm-debug-messages +++ a/fs/ocfs2/dlm/dlmmaster.c @@ -498,16 +498,6 @@ static void dlm_lockres_release(struct k mlog(0, "destroying lockres %.*s\n", res->lockname.len, res->lockname.name); - spin_lock(&dlm->track_lock); - if (!list_empty(&res->tracking)) - list_del_init(&res->tracking); - else { - mlog(ML_ERROR, "Resource %.*s not on the Tracking list\n", - res->lockname.len, res->lockname.name); - dlm_print_one_lock_resource(res); - } - spin_unlock(&dlm->track_lock); - atomic_dec(&dlm->res_cur_count); if (!hlist_unhashed(&res->hash_node) || diff -puN fs/ocfs2/dlm/dlmthread.c~ocfs2-avoid-access-invalid-address-when-read-o2dlm-debug-messages fs/ocfs2/dlm/dlmthread.c --- a/fs/ocfs2/dlm/dlmthread.c~ocfs2-avoid-access-invalid-address-when-read-o2dlm-debug-messages +++ a/fs/ocfs2/dlm/dlmthread.c @@ -211,6 +211,16 @@ static void dlm_purge_lockres(struct dlm __dlm_unhash_lockres(dlm, res); + spin_lock(&dlm->track_lock); + if (!list_empty(&res->tracking)) + list_del_init(&res->tracking); + else { + mlog(ML_ERROR, "Resource %.*s not on the Tracking list\n", + res->lockname.len, res->lockname.name); + dlm_print_one_lock_resource(res); + } + spin_unlock(&dlm->track_lock); + /* lockres is not in the hash now. drop the flag and wake up * any processes waiting in dlm_get_lock_resource. */ if (!master) {