Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp4557701imu; Tue, 29 Jan 2019 03:46:10 -0800 (PST) X-Google-Smtp-Source: ALg8bN7HiBcX3HnwovZd39cCf8R9dGqOx9Lq+Ghyq5px8h+NfTd87lYuxP6ezVY6XcpeJ4vPKwY7 X-Received: by 2002:a63:b94c:: with SMTP id v12mr23323888pgo.221.1548762370890; Tue, 29 Jan 2019 03:46:10 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1548762370; cv=none; d=google.com; s=arc-20160816; b=ViE4N9JAdme3ZqFiuUvMF67jPge90v6FMxdM3Co+YnMlH4tR6xovs0gbPGsVIpZ0Ml QUbBB+B/OU+Eyoh5uy1OabMP3iOyCUZN03p2kYGY0O6ByNp1+zKxeqTo7SBjZQ2it66q hp7VpXnu1YIj8kiWXy4CN+XWIfE368Q2xc62E6OOZSw0yZ8nVFeRl34qQN+RO4mE9BPj XhQUDptbkn+/NyHh9jBNT08Tqdjg/fUjrhV+F6FHuD+KV7ayi1b1xZV+eB7OPdg/m4zM CgrjtQbaFS9Yrn2927HXLbwqPVGJthY18Uea5GkijJO81kfcRkIcPDuTRuOLBPUgJ1ub 6ctw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=Y6vkB35/ERDJDVFwTsAGZhmWJBcxSED6zmIY31QIdqY=; b=hCA6a9BQVvZM/hJD20ilUNCiXAPvVg0VQFJBzHWXCjLk7GO+/sQRy8oiG/CYUsmKvS u/JaMw4Jq7qhiqykM//KGl+OlFfYohvBQby7wJ7rhiMQClR5L+XD46W2RlUFjlXSH/VX UNiklIvMX3qHk3bGPz76rnBKPlbLTBwH0J4pveptjKMKp5rdoKypFQ/9CCapIi9Yn7eP Aw811pu7FFE/47yP8gR44+hSGu2cot60o4gCkPqSO7hBpRb/MJJDukulcDZoCfaOdMAs 6OV7O6l4C0fh0xVjRBNt6TnYL544UROoGI8U2m+E4o/yb2ocR6kzboEYihaVd9TBx5O4 bHFw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=i33xtBOs; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s2si35978672pgr.285.2019.01.29.03.45.55; Tue, 29 Jan 2019 03:46:10 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=i33xtBOs; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729567AbfA2LpK (ORCPT + 99 others); Tue, 29 Jan 2019 06:45:10 -0500 Received: from mail.kernel.org ([198.145.29.99]:35496 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729530AbfA2LpD (ORCPT ); Tue, 29 Jan 2019 06:45:03 -0500 Received: from localhost (5356596B.cm-6-7b.dynamic.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 3C3C220882; Tue, 29 Jan 2019 11:45:02 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1548762302; bh=khrKJE3QI547w6xfLR8ci5KPXaUt/pOpkWFmDJPI9yo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=i33xtBOsZ4guO3SC7G4i4GHCYJCtJ/moC14TTE4oFFXzXjSKQ3/ta41rmJEfCVUZA 7ruHPKOq2oD0EWttPMrnT5RxoRDoiPc6MPXfHSSGyLpqC5cRcxkJTB+ujdJxG/66Jp AWl34JHgZiIYSZmCB3ZkHR8O7th1YUos28eOB4Ho= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, "Yan, Zheng" , Luis Henriques , Ilya Dryomov Subject: [PATCH 4.19 027/103] ceph: clear inode pointer when snap realm gets dropped by its inode Date: Tue, 29 Jan 2019 12:35:04 +0100 Message-Id: <20190129113201.216709806@linuxfoundation.org> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20190129113159.567154026@linuxfoundation.org> References: <20190129113159.567154026@linuxfoundation.org> User-Agent: quilt/0.65 X-stable: review X-Patchwork-Hint: ignore MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org 4.19-stable review patch. If anyone has any objections, please let me know. ------------------ From: Yan, Zheng commit d95e674c01cfb5461e8b9fdeebf6d878c9b80b2f upstream. snap realm and corresponding inode have pointers to each other. The two pointer should get clear at the same time. Otherwise, snap realm's pointer may reference freed inode. Cc: stable@vger.kernel.org # 4.17+ Signed-off-by: "Yan, Zheng" Reviewed-by: Luis Henriques Signed-off-by: Ilya Dryomov Signed-off-by: Greg Kroah-Hartman --- fs/ceph/caps.c | 2 ++ 1 file changed, 2 insertions(+) --- a/fs/ceph/caps.c +++ b/fs/ceph/caps.c @@ -1030,6 +1030,8 @@ static void drop_inode_snap_realm(struct list_del_init(&ci->i_snap_realm_item); ci->i_snap_realm_counter++; ci->i_snap_realm = NULL; + if (realm->ino == ci->i_vino.ino) + realm->inode = NULL; spin_unlock(&realm->inodes_with_caps_lock); ceph_put_snap_realm(ceph_sb_to_client(ci->vfs_inode.i_sb)->mdsc, realm);