diff options
| author | Bob Peterson <rpeterso@redhat.com> | 2019-11-14 17:49:11 +0300 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2019-12-17 22:40:01 +0300 |
| commit | cb9e778a29b803402ef7451451063d11f583c598 (patch) | |
| tree | 4638f7f61ddab97851b11af4c6044cc31b86ff83 /fs/gfs2/log.c | |
| parent | 6360d971e40fe56e6c945d17972d69c69194c4d8 (diff) | |
| download | linux-cb9e778a29b803402ef7451451063d11f583c598.tar.xz | |
gfs2: fix glock reference problem in gfs2_trans_remove_revoke
[ Upstream commit fe5e7ba11fcf1d75af8173836309e8562aefedef ]
Commit 9287c6452d2b fixed a situation in which gfs2 could use a glock
after it had been freed. To do that, it temporarily added a new glock
reference by calling gfs2_glock_hold in function gfs2_add_revoke.
However, if the bd element was removed by gfs2_trans_remove_revoke, it
failed to drop the additional reference.
This patch adds logic to gfs2_trans_remove_revoke to properly drop the
additional glock reference.
Fixes: 9287c6452d2b ("gfs2: Fix occasional glock use-after-free")
Cc: stable@vger.kernel.org # v5.2+
Signed-off-by: Bob Peterson <rpeterso@redhat.com>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'fs/gfs2/log.c')
| -rw-r--r-- | fs/gfs2/log.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/fs/gfs2/log.c b/fs/gfs2/log.c index 483b82e2be92..a3208511f35a 100644 --- a/fs/gfs2/log.c +++ b/fs/gfs2/log.c @@ -594,6 +594,14 @@ void gfs2_add_revoke(struct gfs2_sbd *sdp, struct gfs2_bufdata *bd) list_add(&bd->bd_list, &sdp->sd_log_le_revoke); } +void gfs2_glock_remove_revoke(struct gfs2_glock *gl) +{ + if (atomic_dec_return(&gl->gl_revokes) == 0) { + clear_bit(GLF_LFLUSH, &gl->gl_flags); + gfs2_glock_queue_put(gl); + } +} + void gfs2_write_revokes(struct gfs2_sbd *sdp) { struct gfs2_trans *tr; |