blk-mq: grab rq->refcount before calling ->fn in blk_mq_tagset_busy_iter
Ming Lei authored
[ Upstream commit 2e315dc0 ]

Grab rq->refcount before calling ->fn in blk_mq_tagset_busy_iter(); this
will prevent the request from being re-used while ->fn is running. The
approach is the same as what we do when handling timeouts.

Fix request use-after-free (UAF) related to completion race or queue
releasing:

- If one rq is referenced before rq->q is frozen, then the queue won't be
frozen before the request is released during iteration.

- If one rq is referenced after rq->q is frozen, refcount_inc_not_zero()
will return false, and we won't iterate over this request.

However, one request UAF is still not covered: refcount_inc_not_zero() may
read one freed request, and it will be handled in the next patch.

Tested-by: John Garry <john.garry@huawei.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Bart Van Assche <bvanassche@acm.org>
Signed-off-by: Ming Lei <ming.lei@redhat.com>
Link: https://lore...
0c0e6cd5
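The pattern the commit message describes, as an added userspace C model that is not code from the kernel or from this commit: a small tag table of requests carrying a refcount, the busy iterator written the old way (call ->fn on every busy tag) and the fixed way (take a reference first, skip a request whose refcount is already zero, drop the reference only after ->fn returns), and a callback that plays the completion path racing with the iterator. The request/tag layout, the function names (rq_ref_inc_not_zero, rq_put, rq_alloc, busy_iter_unpinned, busy_iter_pinned, completing_fn) and the three-request setup are assumptions made for this illustration only, and the refcount is modelled with C11 stdatomic rather than the kernel's refcount_t.

```c
#include <stdatomic.h>
#include <stdbool.h>
/* Userspace toy model of blk-mq requests in a tag table; not kernel code.
 * All names and the table layout below are assumptions for illustration. */
#define NR_TAGS 4

struct request {
    int tag;
    atomic_uint ref;   /* stands in for rq->ref */
    bool tag_busy;     /* stands in for the tag bit the iterator scans */
};
static struct request tag_table[NR_TAGS];
typedef bool (*busy_iter_fn)(struct request *rq, void *data);

/* Model of refcount_inc_not_zero(): take a reference only while ref != 0. */
static bool rq_ref_inc_not_zero(struct request *rq)
{
    unsigned int old = atomic_load(&rq->ref);
    while (old != 0 && !atomic_compare_exchange_weak(&rq->ref, &old, old + 1))
        ;   /* CAS failed: old now holds the current value, retry or give up */
    return old != 0;
}

static void rq_put(struct request *rq)   /* last put releases the tag slot */
{
    if (atomic_fetch_sub(&rq->ref, 1) == 1)
        rq->tag_busy = false;
}

static void rq_alloc(int tag)            /* owner holds the initial reference */
{
    tag_table[tag].tag_busy = true;
    atomic_store(&tag_table[tag].ref, 1);
}

static void setup_three_requests(void)   /* constructed state: tags 0, 1, 2 busy */
{
    for (int i = 0; i < NR_TAGS; i++) {
        tag_table[i].tag = i;
        tag_table[i].tag_busy = false;
        atomic_store(&tag_table[i].ref, 0);
    }
    rq_alloc(0); rq_alloc(1); rq_alloc(2);
}

/* Before the fix: ->fn runs on every busy tag without pinning the request. */
static void busy_iter_unpinned(busy_iter_fn fn, void *data)
{
    for (int i = 0; i < NR_TAGS; i++)
        if (tag_table[i].tag_busy && !fn(&tag_table[i], data))
            break;
}

/* After the fix: pin rq before ->fn, skip it if ref is already 0, unpin after. */
static void busy_iter_pinned(busy_iter_fn fn, void *data)
{
    for (int i = 0; i < NR_TAGS; i++) {
        struct request *rq = &tag_table[i];
        if (!rq->tag_busy || !rq_ref_inc_not_zero(rq))
            continue;
        bool keep_going = fn(rq, data);
        rq_put(rq);
        if (!keep_going)
            break;
    }
}

struct race_ctx { int victim_tag; bool freed_under_fn; };
/* Plays the completion path racing with the iterator: while ->fn looks at the
 * victim, its owner drops the owner reference; if that released the slot, a
 * new request is allocated on the same tag before ->fn has even returned. */
static bool completing_fn(struct request *rq, void *data)
{
    struct race_ctx *ctx = data;
    if (rq->tag != ctx->victim_tag)
        return true;
    rq_put(rq);                           /* owner completes the request */
    ctx->freed_under_fn = !rq->tag_busy;  /* slot gone while ->fn holds rq? */
    if (ctx->freed_under_fn)
        rq_alloc(rq->tag);                /* ...and already handed out again */
    return true;
}
static bool count_fn(struct request *rq, void *data) { (void)rq; ++*(int *)data; return true; }

/* Scenario 1 (completion race): is the request freed and reused under ->fn? */
bool request_freed_under_fn(bool pinned)
{
    setup_three_requests();
    struct race_ctx ctx = { .victim_tag = 1, .freed_under_fn = false };
    (pinned ? busy_iter_pinned : busy_iter_unpinned)(completing_fn, &ctx);
    return ctx.freed_under_fn;
}

/* Scenario 2 (release window): tag 2's refcount is already 0 but its tag bit is still set; returns how many requests ->fn was called on. */
int requests_visited_after_release(bool pinned)
{
    setup_three_requests();
    atomic_store(&tag_table[2].ref, 0);   /* ref == 0, tag bit still set */
    int n = 0;
    (pinned ? busy_iter_pinned : busy_iter_unpinned)(count_fn, &n);
    return n;
}
```

Scenario 1 is the first bullet of the message: with the unpinned iterator the victim's slot is released and reallocated while ->fn still holds the pointer (request_freed_under_fn returns true); with the pinned iterator the owner's put only drops the count to one, and the slot is released by the iterator's own put after ->fn returns (it returns false). Scenario 2 is the second bullet: the pinned iterator's rq_ref_inc_not_zero() fails on the request whose count already hit zero and skips it (2 visits instead of 3). As the message itself notes, the remaining case, refcount_inc_not_zero() reading a request whose memory has already been freed, is not covered by this pattern; in this model the table is static, so that read never happens.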
Linux kernel
============

There are several guides for kernel developers and users. These guides can
be rendered in a number of formats, like HTML and PDF. Please read
Documentation/admin-guide/README.rst first.

In order to build the documentation, use ``make htmldocs`` or
``make pdfdocs``.  The formatted documentation can also be read online at:

    https://www.kernel.org/doc/html/latest/

There are various text files in the Documentation/ subdirectory,
several of them using the Restructured Text markup notation.

Please read the Documentation/process/changes.rst file, as it contains the
requirements for building and running the kernel, and information about
the problems which may result by upgrading your kernel.