Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp3847549pxb; Tue, 17 Nov 2020 05:18:14 -0800 (PST) X-Google-Smtp-Source: ABdhPJyVxDnenqHHGjiTYXMIpLANxBxKuiAUsZDTFhUH7RUZXxfH57pEvZh1Ipa5QspEPo5rddPX X-Received: by 2002:a17:906:3daa:: with SMTP id y10mr18844336ejh.23.1605619094052; Tue, 17 Nov 2020 05:18:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1605619094; cv=none; d=google.com; s=arc-20160816; b=X1Oz35mtsKzDFuCxHG8NfyUbawGfCR2XYyxAVz6Jf4r2DBCV/ij3Tach/zkunu9z6e 0Z8mF9ImdEitpqc7MdnX1AAXbS7yWBu4iewMGjzTrsH11B6ZmEA7liYci3huFqRqKxFf VZJGkya8YwIccZymeJNKniv5sjV9bSOPef50SM8veWT2N+RmPoraHxQ7kcbrmxrOWRiE 1+YAivczg6RGPe/FbWK7P5mlWdIP2rzF+B9ddkr2vKhaWvi2N6s6suIpWXo9Yh0bXZ4j vAO+dT6nQcj+V5rvRbyMQZorovipszKMNYmQiaG4h5jkZj0mSLLnFQZ7QVLbOclAUyY/ psgQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=75bLeX+UAZcTTB91iOgEnjUqK4VHtZrtujHaCEgUZfE=; b=twYJbA4iWV0zrQcSL4hqGh33fLpmXsGHLZt08vMMQd/OAe4IY6UiB/nTRPK0CQ7+QX 94BCivRs87n70c2Fu6+YuAbLynBZGLAPFGzL8O7jBRsT+4g25xj6cmuYo9jdLSIQeNcY RakmhJbM6LlGGceBLT/gPdIdtFAB5pYbVrU15pkw14CYc10+W0NLC4NvoypHFCaTedOF eRUg/d3GFwABdJtIMgsclcH3OErUFtDpnsQ3nG4/gWG5Iu3DUoMwbz9RmoKAs63WgCie vDf7WWpqfGIV89UAyqI6vrMw0ncv7DfkOnos4+qcv4ivzToEm4pySuuVLs3rRXJ+fBje 2FZA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=y0fM6Hzs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dm21si13670159edb.492.2020.11.17.05.17.50; Tue, 17 Nov 2020 05:18:14 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=y0fM6Hzs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730008AbgKQNOH (ORCPT + 99 others); Tue, 17 Nov 2020 08:14:07 -0500 Received: from mail.kernel.org ([198.145.29.99]:44600 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729985AbgKQNOD (ORCPT ); Tue, 17 Nov 2020 08:14:03 -0500 Received: from localhost (83-86-74-64.cable.dynamic.v4.ziggo.nl [83.86.74.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 90BF22151B; Tue, 17 Nov 2020 13:14:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1605618841; bh=7QVeMpI2+iAP18908zHnxBg2IE3anftp/HX4JK2Uquo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=y0fM6HzsmQP0QLhshjIT0gdx/2MhepngUXJYK63noWldYVOSRUXqK5pU1nuq/N+9K pzfi+MpGPNbU7haqmsEI4lQiUJWRLnXvlyQXpVVN5mgiOF9ryL+dFjnPMftypBY6U2 hBhN26jmasumGTpYYuwrCrf4sHIc2LPQJQlq+u1E= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Bob Peterson , Andreas Gruenbacher , Sasha Levin Subject: [PATCH 4.14 25/85] gfs2: Add missing truncate_inode_pages_final for sd_aspace Date: Tue, 17 Nov 2020 14:04:54 +0100 Message-Id: <20201117122112.266007903@linuxfoundation.org> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20201117122111.018425544@linuxfoundation.org> References: <20201117122111.018425544@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Bob Peterson [ Upstream commit a9dd945ccef07a904e412f208f8de708a3d7159e ] Gfs2 creates an address space for its rgrps called sd_aspace, but it never called truncate_inode_pages_final on it. This confused vfs greatly which tried to reference the address space after gfs2 had freed the superblock that contained it. This patch adds a call to truncate_inode_pages_final for sd_aspace, thus avoiding the use-after-free. Signed-off-by: Bob Peterson Signed-off-by: Andreas Gruenbacher Signed-off-by: Sasha Levin --- fs/gfs2/super.c | 1 + 1 file changed, 1 insertion(+) diff --git a/fs/gfs2/super.c b/fs/gfs2/super.c index c3f3f1ae4e1b7..639e2c86758a4 100644 --- a/fs/gfs2/super.c +++ b/fs/gfs2/super.c @@ -924,6 +924,7 @@ restart: gfs2_jindex_free(sdp); /* Take apart glock structures and buffer lists */ gfs2_gl_hash_clear(sdp); + truncate_inode_pages_final(&sdp->sd_aspace); gfs2_delete_debugfs_file(sdp); /* Unmount the locking protocol */ gfs2_lm_unmount(sdp); -- 2.27.0