| To: | xfs@xxxxxxxxxxx, linux-fsdevel@xxxxxxxxxxxxxxx |
|---|---|
| Subject: | Re: [PATCH 6/5]: XFS: Prevent use-after-free caused by synchronous inode reclaim |
| From: | Christoph Hellwig <hch@xxxxxxxxxxxxx> |
| Date: | Thu, 9 Oct 2008 03:02:45 -0400 |
| In-reply-to: | <20081009042134.GD9597@disturbed> |
| References: | <1223416332-7026-1-git-send-email-david@fromorbit.com> <20081009042134.GD9597@disturbed> |
| Sender: | xfs-bounce@xxxxxxxxxxx |
| User-agent: | Mutt/1.5.18 (2008-05-17) |
On Thu, Oct 09, 2008 at 03:21:34PM +1100, Dave Chinner wrote:
> Folks,
>
> The following patch fixes a use after free I just found.
> It appears that switching between SLAB and SLUB seems to
> turn off slab/slub memory poisoning, so i d??dn't realise
> I'd be running for some time without poisoning turned on.
> Once I turned poisoning back on I found this use-after-free
> immediately on the first unmount trying to reclaim a clean
> realtime bitmap inode.
>
> With this patch, the netire patchset that I posted yesterday
> passes xfsqa with memory poisoning turned on.
Looks good.
> + XFS_STATS_INC(vn_reclaim);
> + if (xfs_reclaim(ip))
> + panic("%s: cannot reclaim 0x%p\n", __func__, inode);
Eventually we should kill the return value from xfs_reclaim and just put
an assert directly into it. In fact given that xfs_reclaim is quite
OS dependent we might just merge the content directly into
destroy_inode.
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [PATCH 6/5]: XFS: Prevent use-after-free caused by synchronous inode reclaim, Dave Chinner |
|---|---|
| Next by Date: | Re: [PATCH 1/3] kill XFS_LITINO, Christoph Hellwig |
| Previous by Thread: | [PATCH 6/5]: XFS: Prevent use-after-free caused by synchronous inode reclaim, Dave Chinner |
| Next by Thread: | Re: [PATCH 6/5]: XFS: Prevent use-after-free caused by synchronous inode reclaim, Dave Chinner |
| Indexes: | [Date] [Thread] [Top] [All Lists] |