lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 8 May 2009 00:20:06 -0500
From:	Felix Blyakher <felixb@....com>
To:	Eric Sandeen <sandeen@...deen.net>
Cc:	xfs@....sgi.com, kernel-testers@...r.kernel.org,
	linux-kernel@...r.kernel.org, a.beregalov@...il.com
Subject: Re: [PATCH] xfs: fix double unlock in xfs_swap_extents()


On May 7, 2009, at 9:57 PM, Eric Sandeen wrote:

> Felix Blyakher wrote:
>> Regreesion from commit ef8f7fc, which rearranged the code in
>> xfs_swap_extents() leading to double unlock of xfs inode iolock.
>> That resulted in xfs_fsr deadlocking itself on platforms, which
>> don't handle double unlock of rw_semaphore nicely. It caused the
>> count go negative, which represents the write holder, without
>> really having one. ia64 is one of the platforms where deadlock
>> was easily reproduced and the fix was tested.
>>
>> Signed-off-by: Felix Blyakher <felixb@....com>
>
> Also-written-by: Eric Sandeen <sandeen@...deen.net>
> Independently-arrived-at-by: Eric Sandeen <sandeen@...deen.net>

That would make it: Signed-off-by: Eric Sandeen <sandeen@...deen.net> :)

> ;)
>
> But seriously ...

Seriously.

Felix

>
>
> Reviewed-by: Eric Sandeen <sandeen@...deen.net>
>
>> ---
>> fs/xfs/xfs_dfrag.c |    8 +++++---
>> 1 files changed, 5 insertions(+), 3 deletions(-)
>>
>> diff --git a/fs/xfs/xfs_dfrag.c b/fs/xfs/xfs_dfrag.c
>> index e6d839b..7465f9e 100644
>> --- a/fs/xfs/xfs_dfrag.c
>> +++ b/fs/xfs/xfs_dfrag.c
>> @@ -347,13 +347,15 @@ xfs_swap_extents(
>>
>> 	error = xfs_trans_commit(tp, XFS_TRANS_SWAPEXT);
>>
>> -out_unlock:
>> -	xfs_iunlock(ip,  XFS_ILOCK_EXCL | XFS_IOLOCK_EXCL);
>> -	xfs_iunlock(tip, XFS_ILOCK_EXCL | XFS_IOLOCK_EXCL);
>> out:
>> 	kmem_free(tempifp);
>> 	return error;
>>
>> +out_unlock:
>> +	xfs_iunlock(ip,  XFS_ILOCK_EXCL | XFS_IOLOCK_EXCL);
>> +	xfs_iunlock(tip, XFS_ILOCK_EXCL | XFS_IOLOCK_EXCL);
>> +	goto out;
>> +
>> out_trans_cancel:
>> 	xfs_trans_cancel(tp, 0);
>> 	goto out_unlock;
>
> --
> To unsubscribe from this list: send the line "unsubscribe linux- 
> kernel" in
> the body of a message to majordomo@...r.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ