From: Greg Kroah-Hartman Date: Wed, 8 Jul 2015 21:48:45 +0000 (-0700) Subject: 3.10-stable patches X-Git-Tag: v4.0.8~5 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=217d1be4396348cf6793c790eb8ddcecf7568f0a;p=thirdparty%2Fkernel%2Fstable-queue.git 3.10-stable patches added patches: ufs-fix-possible-deadlock-when-looking-up-directories.patch ufs-fix-warning-from-unlock_new_inode.patch --- diff --git a/queue-3.10/series b/queue-3.10/series index 80d6274bf27..12f82b574cd 100644 --- a/queue-3.10/series +++ b/queue-3.10/series @@ -12,3 +12,5 @@ x86-pci-use-host-bridge-_crs-info-on-foxconn-k8m890-8237a.patch mips-fix-kvm-guest-fixmap-address.patch kvm-x86-make-vapics_in_nmi_mode-atomic.patch fs-fix-s_nosec-handling.patch +ufs-fix-warning-from-unlock_new_inode.patch +ufs-fix-possible-deadlock-when-looking-up-directories.patch diff --git a/queue-3.10/ufs-fix-possible-deadlock-when-looking-up-directories.patch b/queue-3.10/ufs-fix-possible-deadlock-when-looking-up-directories.patch new file mode 100644 index 00000000000..3362d526aaf --- /dev/null +++ b/queue-3.10/ufs-fix-possible-deadlock-when-looking-up-directories.patch @@ -0,0 +1,41 @@ +From 514d748f69c97a51a2645eb198ac5c6218f22ff9 Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Tue, 2 Jun 2015 11:26:34 +0200 +Subject: ufs: Fix possible deadlock when looking up directories + +From: Jan Kara + +commit 514d748f69c97a51a2645eb198ac5c6218f22ff9 upstream. + +Commit e4502c63f56aeca88 (ufs: deal with nfsd/iget races) made ufs +create inodes with I_NEW flag set. However ufs_mkdir() never cleared +this flag. Thus if someone ever tried to lookup the directory by inode +number, he would deadlock waiting for I_NEW to be cleared. Luckily this +mostly happens only if the filesystem is exported over NFS since +otherwise we have the inode attached to dentry and don't look it up by +inode number. In rare cases dentry can get freed without inode being +freed and then we'd hit the deadlock even without NFS export. + +Fix the problem by clearing I_NEW before instantiating new directory +inode. + +Fixes: e4502c63f56aeca887ced37f24e0def1ef11cec8 +Reported-by: Fabian Frederick +Signed-off-by: Jan Kara +Signed-off-by: Al Viro +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ufs/namei.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/fs/ufs/namei.c ++++ b/fs/ufs/namei.c +@@ -209,6 +209,7 @@ static int ufs_mkdir(struct inode * dir, + goto out_fail; + unlock_ufs(dir->i_sb); + ++ unlock_new_inode(inode); + d_instantiate(dentry, inode); + out: + return err; diff --git a/queue-3.10/ufs-fix-warning-from-unlock_new_inode.patch b/queue-3.10/ufs-fix-warning-from-unlock_new_inode.patch new file mode 100644 index 00000000000..f05f9b5dcd2 --- /dev/null +++ b/queue-3.10/ufs-fix-warning-from-unlock_new_inode.patch @@ -0,0 +1,42 @@ +From 12ecbb4b1d765a5076920999298d9625439dbe58 Mon Sep 17 00:00:00 2001 +From: Jan Kara +Date: Mon, 1 Jun 2015 14:52:04 +0200 +Subject: ufs: Fix warning from unlock_new_inode() + +From: Jan Kara + +commit 12ecbb4b1d765a5076920999298d9625439dbe58 upstream. + +Commit e4502c63f56aeca88 (ufs: deal with nfsd/iget races) introduced +unlock_new_inode() call into ufs_add_nondir(). However that function +gets called also from ufs_link() which hands it already initialized +inode and thus unlock_new_inode() complains. The problem is harmless but +annoying. + +Fix the problem by opencoding necessary stuff in ufs_link() + +Fixes: e4502c63f56aeca887ced37f24e0def1ef11cec8 +Signed-off-by: Jan Kara +Signed-off-by: Al Viro +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ufs/namei.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +--- a/fs/ufs/namei.c ++++ b/fs/ufs/namei.c +@@ -171,7 +171,12 @@ static int ufs_link (struct dentry * old + inode_inc_link_count(inode); + ihold(inode); + +- error = ufs_add_nondir(dentry, inode); ++ error = ufs_add_link(dentry, inode); ++ if (error) { ++ inode_dec_link_count(inode); ++ iput(inode); ++ } else ++ d_instantiate(dentry, inode); + unlock_ufs(dir->i_sb); + return error; + }