From: Greg Kroah-Hartman Date: Wed, 22 Nov 2017 08:39:03 +0000 (+0100) Subject: 3.18-stable patches X-Git-Tag: v3.18.84~16 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=2fb53897dff0c8b840a66c6d0c96ddf221a2cc9d;p=thirdparty%2Fkernel%2Fstable-queue.git 3.18-stable patches added patches: ipmi-fix-unsigned-long-underflow.patch ocfs2-should-wait-dio-before-inode-lock-in-ocfs2_setattr.patch --- diff --git a/queue-3.18/ipmi-fix-unsigned-long-underflow.patch b/queue-3.18/ipmi-fix-unsigned-long-underflow.patch new file mode 100644 index 00000000000..95e0736d1e2 --- /dev/null +++ b/queue-3.18/ipmi-fix-unsigned-long-underflow.patch @@ -0,0 +1,63 @@ +From 392a17b10ec4320d3c0e96e2a23ebaad1123b989 Mon Sep 17 00:00:00 2001 +From: Corey Minyard +Date: Sat, 29 Jul 2017 21:14:55 -0500 +Subject: ipmi: fix unsigned long underflow + +From: Corey Minyard + +commit 392a17b10ec4320d3c0e96e2a23ebaad1123b989 upstream. + +When I set the timeout to a specific value such as 500ms, the timeout +event will not happen in time due to the overflow in function +check_msg_timeout: +... + ent->timeout -= timeout_period; + if (ent->timeout > 0) + return; +... + +The type of timeout_period is long, but ent->timeout is unsigned long. +This patch makes the type consistent. + +Reported-by: Weilong Chen +Signed-off-by: Corey Minyard +Tested-by: Weilong Chen +Signed-off-by: Greg Kroah-Hartman + +--- + drivers/char/ipmi/ipmi_msghandler.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +--- a/drivers/char/ipmi/ipmi_msghandler.c ++++ b/drivers/char/ipmi/ipmi_msghandler.c +@@ -4010,7 +4010,8 @@ smi_from_recv_msg(ipmi_smi_t intf, struc + } + + static void check_msg_timeout(ipmi_smi_t intf, struct seq_table *ent, +- struct list_head *timeouts, long timeout_period, ++ struct list_head *timeouts, ++ unsigned long timeout_period, + int slot, unsigned long *flags, + unsigned int *waiting_msgs) + { +@@ -4023,8 +4024,8 @@ static void check_msg_timeout(ipmi_smi_t + if (!ent->inuse) + return; + +- ent->timeout -= timeout_period; +- if (ent->timeout > 0) { ++ if (timeout_period < ent->timeout) { ++ ent->timeout -= timeout_period; + (*waiting_msgs)++; + return; + } +@@ -4091,7 +4092,8 @@ static void check_msg_timeout(ipmi_smi_t + } + } + +-static unsigned int ipmi_timeout_handler(ipmi_smi_t intf, long timeout_period) ++static unsigned int ipmi_timeout_handler(ipmi_smi_t intf, ++ unsigned long timeout_period) + { + struct list_head timeouts; + struct ipmi_recv_msg *msg, *msg2; diff --git a/queue-3.18/ocfs2-should-wait-dio-before-inode-lock-in-ocfs2_setattr.patch b/queue-3.18/ocfs2-should-wait-dio-before-inode-lock-in-ocfs2_setattr.patch new file mode 100644 index 00000000000..079b597e5ff --- /dev/null +++ b/queue-3.18/ocfs2-should-wait-dio-before-inode-lock-in-ocfs2_setattr.patch @@ -0,0 +1,82 @@ +From 28f5a8a7c033cbf3e32277f4cc9c6afd74f05300 Mon Sep 17 00:00:00 2001 +From: alex chen +Date: Wed, 15 Nov 2017 17:31:40 -0800 +Subject: ocfs2: should wait dio before inode lock in ocfs2_setattr() + +From: alex chen + +commit 28f5a8a7c033cbf3e32277f4cc9c6afd74f05300 upstream. + +we should wait dio requests to finish before inode lock in +ocfs2_setattr(), otherwise the following deadlock will happen: + +process 1 process 2 process 3 +truncate file 'A' end_io of writing file 'A' receiving the bast messages +ocfs2_setattr + ocfs2_inode_lock_tracker + ocfs2_inode_lock_full + inode_dio_wait + __inode_dio_wait + -->waiting for all dio + requests finish + dlm_proxy_ast_handler + dlm_do_local_bast + ocfs2_blocking_ast + ocfs2_generic_handle_bast + set OCFS2_LOCK_BLOCKED flag + dio_end_io + dio_bio_end_aio + dio_complete + ocfs2_dio_end_io + ocfs2_dio_end_io_write + ocfs2_inode_lock + __ocfs2_cluster_lock + ocfs2_wait_for_mask + -->waiting for OCFS2_LOCK_BLOCKED + flag to be cleared, that is waiting + for 'process 1' unlocking the inode lock + inode_dio_end + -->here dec the i_dio_count, but will never + be called, so a deadlock happened. + +Link: http://lkml.kernel.org/r/59F81636.70508@huawei.com +Signed-off-by: Alex Chen +Reviewed-by: Jun Piao +Reviewed-by: Joseph Qi +Acked-by: Changwei Ge +Cc: Mark Fasheh +Cc: Joel Becker +Cc: Junxiao Bi +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Greg Kroah-Hartman + +--- + fs/ocfs2/file.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +--- a/fs/ocfs2/file.c ++++ b/fs/ocfs2/file.c +@@ -1151,6 +1151,13 @@ int ocfs2_setattr(struct dentry *dentry, + dquot_initialize(inode); + size_change = S_ISREG(inode->i_mode) && attr->ia_valid & ATTR_SIZE; + if (size_change) { ++ /* ++ * Here we should wait dio to finish before inode lock ++ * to avoid a deadlock between ocfs2_setattr() and ++ * ocfs2_dio_end_io_write() ++ */ ++ inode_dio_wait(inode); ++ + status = ocfs2_rw_lock(inode, 1); + if (status < 0) { + mlog_errno(status); +@@ -1170,8 +1177,6 @@ int ocfs2_setattr(struct dentry *dentry, + if (status) + goto bail_unlock; + +- inode_dio_wait(inode); +- + if (i_size_read(inode) >= attr->ia_size) { + if (ocfs2_should_order_data(inode)) { + status = ocfs2_begin_ordered_truncate(inode, diff --git a/queue-3.18/series b/queue-3.18/series index 40bd8a5c555..198c38672f0 100644 --- a/queue-3.18/series +++ b/queue-3.18/series @@ -7,3 +7,5 @@ fealnx-fix-building-error-on-mips.patch af_netlink-ensure-that-nlmsg_done-never-fails-in-dumps.patch vlan-fix-a-use-after-free-in-vlan_device_event.patch ima-do-not-update-security.ima-if-appraisal-status-is-not-integrity_pass.patch +ocfs2-should-wait-dio-before-inode-lock-in-ocfs2_setattr.patch +ipmi-fix-unsigned-long-underflow.patch