Apply queued fixes for crasher reported by Alex Larsson
This commit is contained in:
parent
2d9377349e
commit
fe955c19df
|
@ -0,0 +1,54 @@
|
|||
From: "Eric W. Biederman" <ebiederm@xmission.com>
|
||||
Date: Thu, 2 Apr 2015 16:35:48 -0500
|
||||
Subject: [PATCH] fs_pin: Allow for the possibility that m_list or s_list go
|
||||
unused.
|
||||
|
||||
commit 820f9f147dcce2602eefd9b575bbbd9ea14f0953 upstream.
|
||||
|
||||
This is needed to support lazily umounting locked mounts. Because the
|
||||
entire unmounted subtree needs to stay together until there are no
|
||||
users with references to any part of the subtree.
|
||||
|
||||
To support this guarantee that the fs_pin m_list and s_list nodes
|
||||
are initialized by initializing them in init_fs_pin allowing
|
||||
for the possibility that pin_insert_group does not touch them.
|
||||
|
||||
Further use hlist_del_init in pin_remove so that there is
|
||||
a hlist_unhashed test before the list we attempt to update
|
||||
the previous list item.
|
||||
|
||||
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
|
||||
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||||
---
|
||||
fs/fs_pin.c | 4 ++--
|
||||
include/linux/fs_pin.h | 2 ++
|
||||
2 files changed, 4 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/fs/fs_pin.c b/fs/fs_pin.c
|
||||
index b06c98796afb..611b5408f6ec 100644
|
||||
--- a/fs/fs_pin.c
|
||||
+++ b/fs/fs_pin.c
|
||||
@@ -9,8 +9,8 @@ static DEFINE_SPINLOCK(pin_lock);
|
||||
void pin_remove(struct fs_pin *pin)
|
||||
{
|
||||
spin_lock(&pin_lock);
|
||||
- hlist_del(&pin->m_list);
|
||||
- hlist_del(&pin->s_list);
|
||||
+ hlist_del_init(&pin->m_list);
|
||||
+ hlist_del_init(&pin->s_list);
|
||||
spin_unlock(&pin_lock);
|
||||
spin_lock_irq(&pin->wait.lock);
|
||||
pin->done = 1;
|
||||
diff --git a/include/linux/fs_pin.h b/include/linux/fs_pin.h
|
||||
index 9dc4e0384bfb..3886b3bffd7f 100644
|
||||
--- a/include/linux/fs_pin.h
|
||||
+++ b/include/linux/fs_pin.h
|
||||
@@ -13,6 +13,8 @@ struct vfsmount;
|
||||
static inline void init_fs_pin(struct fs_pin *p, void (*kill)(struct fs_pin *))
|
||||
{
|
||||
init_waitqueue_head(&p->wait);
|
||||
+ INIT_HLIST_NODE(&p->s_list);
|
||||
+ INIT_HLIST_NODE(&p->m_list);
|
||||
p->kill = kill;
|
||||
}
|
||||
|
11
kernel.spec
11
kernel.spec
|
@ -789,6 +789,10 @@ Patch26208: sched-always-use-blk_schedule_flush_plug-in-io_sched.patch
|
|||
#rhbz 1200353
|
||||
Patch26209: 0001-ktime-Fix-ktime_divns-to-do-signed-division.patch
|
||||
|
||||
# Apply queued fixes for crasher reported by Alex Larsson
|
||||
Patch26211: mnt-Fail-collect_mounts-when-applied-to-unmounted-mo.patch
|
||||
Patch26212: fs_pin-Allow-for-the-possibility-that-m_list-or-s_li.patch
|
||||
|
||||
# END OF PATCH DEFINITIONS
|
||||
|
||||
%endif
|
||||
|
@ -1547,6 +1551,10 @@ ApplyPatch sched-always-use-blk_schedule_flush_plug-in-io_sched.patch
|
|||
#rhbz 1200353
|
||||
ApplyPatch 0001-ktime-Fix-ktime_divns-to-do-signed-division.patch
|
||||
|
||||
# Apply queued fixes for crasher reported by Alex Larsson
|
||||
ApplyPatch mnt-Fail-collect_mounts-when-applied-to-unmounted-mo.patch
|
||||
ApplyPatch fs_pin-Allow-for-the-possibility-that-m_list-or-s_li.patch
|
||||
|
||||
# END OF PATCH APPLICATIONS
|
||||
|
||||
%endif
|
||||
|
@ -2358,6 +2366,9 @@ fi
|
|||
# ||----w |
|
||||
# || ||
|
||||
%changelog
|
||||
* Wed May 27 2015 Josh Boyer <jwboyer@fedoraproject.org>
|
||||
- Apply queued fixes for crasher reported by Alex Larsson
|
||||
|
||||
* Tue May 26 2015 Laura Abbott <labbott@fedoraproject.org>
|
||||
- Fix signed division error (rhbz 1200353)
|
||||
|
||||
|
|
|
@ -0,0 +1,48 @@
|
|||
From: "Eric W. Biederman" <ebiederm@xmission.com>
|
||||
Date: Wed, 7 Jan 2015 14:28:26 -0600
|
||||
Subject: [PATCH] mnt: Fail collect_mounts when applied to unmounted mounts
|
||||
|
||||
commit cd4a40174b71acd021877341684d8bb1dc8ea4ae upstream.
|
||||
|
||||
The only users of collect_mounts are in audit_tree.c
|
||||
|
||||
In audit_trim_trees and audit_add_tree_rule the path passed into
|
||||
collect_mounts is generated from kern_path passed an audit_tree
|
||||
pathname which is guaranteed to be an absolute path. In those cases
|
||||
collect_mounts is obviously intended to work on mounted paths and
|
||||
if a race results in paths that are unmounted when collect_mounts
|
||||
it is reasonable to fail early.
|
||||
|
||||
The paths passed into audit_tag_tree don't have the absolute path
|
||||
check. But are used to play with fsnotify and otherwise interact with
|
||||
the audit_trees, so again operating only on mounted paths appears
|
||||
reasonable.
|
||||
|
||||
Avoid having to worry about what happens when we try and audit
|
||||
unmounted filesystems by restricting collect_mounts to mounts
|
||||
that appear in the mount tree.
|
||||
|
||||
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
|
||||
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||||
---
|
||||
fs/namespace.c | 7 +++++--
|
||||
1 file changed, 5 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/fs/namespace.c b/fs/namespace.c
|
||||
index 38ed1e1bed41..13b0f7bfc096 100644
|
||||
--- a/fs/namespace.c
|
||||
+++ b/fs/namespace.c
|
||||
@@ -1709,8 +1709,11 @@ struct vfsmount *collect_mounts(struct path *path)
|
||||
{
|
||||
struct mount *tree;
|
||||
namespace_lock();
|
||||
- tree = copy_tree(real_mount(path->mnt), path->dentry,
|
||||
- CL_COPY_ALL | CL_PRIVATE);
|
||||
+ if (!check_mnt(real_mount(path->mnt)))
|
||||
+ tree = ERR_PTR(-EINVAL);
|
||||
+ else
|
||||
+ tree = copy_tree(real_mount(path->mnt), path->dentry,
|
||||
+ CL_COPY_ALL | CL_PRIVATE);
|
||||
namespace_unlock();
|
||||
if (IS_ERR(tree))
|
||||
return ERR_CAST(tree);
|
Loading…
Reference in New Issue