Dave Wysochanski ad56882f0c cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs ... [ Upstream commit d46b0da7a33dd8c99d969834f682267a45444ab3 ] There's a deadlock that is possible and can easily be seen with a test where multiple readers open/read/close of the same file and a disruption occurs causing reconnect. The deadlock is due a reader thread inside cifs_strict_readv calling down_read and obtaining lock_sem, and then after reconnect inside cifs_reopen_file calling down_read a second time. If in between the two down_read calls, a down_write comes from another process, deadlock occurs. CPU0 CPU1 ---- ---- cifs_strict_readv() down_read(&cifsi->lock_sem); _cifsFileInfo_put OR cifs_new_fileinfo down_write(&cifsi->lock_sem); cifs_reopen_file() down_read(&cifsi->lock_sem); Fix the above by changing all down_write(lock_sem) calls to down_write_trylock(lock_sem)/msleep() loop, which in turn makes the second down_read call benign since it will never block behind the writer while holding lock_sem. Signed-off-by: Dave Wysochanski <dwysocha@redhat.com> Suggested-by: Ronnie Sahlberg <lsahlber@redhat.com> Reviewed--by: Ronnie Sahlberg <lsahlber@redhat.com> Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com> Signed-off-by: Sasha Levin <sashal@kernel.org>		2019-11-10 11:21:10 +01:00
..
9p	9p: avoid attaching writeback_fid on mmap with type PRIVATE	2019-10-17 13:40:54 -07:00
adfs	fs/adfs: super: fix use-after-free bug	2019-08-06 18:28:26 +02:00
affs	affs_lookup(): close a race with affs_remove_link()	2018-05-30 07:48:51 +02:00
afs	afs: Fix afs_kill_pages()	2017-12-20 10:04:56 +01:00
autofs4	autofs: fix error return in autofs_fill_super()	2019-03-23 08:44:27 +01:00
befs
bfs	bfs: add sanity check at bfs_fill_super()	2018-12-01 09:46:33 +01:00
btrfs	btrfs: block-group: Fix a memory leak due to missing btrfs_put_block_group()	2019-10-29 09:13:30 +01:00
cachefiles	fscache, cachefiles: remove redundant variable 'cache'	2018-12-17 21:55:12 +01:00
ceph	ceph: fix directories inode i_blkbits initialization	2019-10-17 13:40:55 -07:00
cifs	cifs: Fix cifsInodeInfo lock_sem deadlock when reconnect occurs	2019-11-10 11:21:10 +01:00
coda	coda: add error handling for fget	2019-08-06 18:28:27 +02:00
configfs	configfs: Fix use-after-free when accessing sd->s_dentry	2019-06-22 08:18:26 +02:00
cramfs	Cramfs: fix abad comparison when wrap-arounds occur	2018-11-21 09:27:37 +01:00
debugfs	debugfs: fix use-after-free on symlink traversal	2019-05-16 19:45:01 +02:00
devpts
dlm	dlm: Don't swamp the CPU with callbacks queued during recovery	2019-02-20 10:13:04 +01:00
ecryptfs	eCryptfs: fix a couple type promotion bugs	2019-08-04 09:34:53 +02:00
efivarfs
efs
exofs	fs/exofs: fix potential memory leak in mount option parsing	2018-11-27 16:08:00 +01:00
exportfs	exportfs: do not read dentry after free	2018-12-17 21:55:10 +01:00
ext2	ext2: Fix underflow in ext2_max_size()	2019-03-23 08:44:36 +01:00
ext4	ext4: fix punch hole for inline_data file systems	2019-10-05 12:27:54 +02:00
f2fs	f2fs: fix to do sanity check on segment bitmap of LFS curseg	2019-10-05 12:27:40 +02:00
fat	fat: work around race with userspace's read via blockdev while mounting	2019-10-07 21:01:02 +02:00
freevxfs
fscache	fscache: fix race between enablement and dropping of object	2018-12-17 21:55:11 +01:00
fuse	fuse: truncate pending writes on O_TRUNC	2019-11-06 12:09:18 +01:00
gfs2	GFS2: don't set rgrp gl_object until it's inserted into rgrp tree	2019-09-06 10:18:11 +02:00
hfs	hfs: do not free node before using	2018-12-17 21:55:12 +01:00
hfsplus	hfsplus: do not free node before using	2018-12-17 21:55:12 +01:00
hostfs
hpfs
hugetlbfs	hugetlb: use same fault hash key for shared and private mappings	2019-06-11 12:23:52 +02:00
isofs	isofs: fix timestamps beyond 2027	2017-11-30 08:37:20 +00:00
jbd2	jbd2: fix compile warning when using JBUFFER_TRACE	2019-03-23 08:44:37 +01:00
jffs2	jffs2: fix use-after-free on symlink traversal	2019-05-16 19:45:01 +02:00
jfs	jfs: Fix inconsistency between memory allocation and ea_buf->max_size	2018-08-09 12:19:28 +02:00
kernfs	kernfs: Replace strncpy with memcpy	2018-12-13 09:21:29 +01:00
lockd	lockd: fix access beyond unterminated strings in prints	2018-11-21 09:27:36 +01:00
logfs
minix
ncpfs	ncpfs: fix build warning of strncpy	2019-03-23 08:44:21 +01:00
nfs	NFSv4: Fix leak of clp->cl_acceptor string	2019-11-06 12:09:16 +01:00
nfs_common	lockd: fix "list_add double add" caused by legacy signal interface	2018-02-03 17:04:28 +01:00
nfsd	nfsd: Fix overflow causing non-working mounts on 1 TB machines	2019-08-04 09:34:55 +02:00
nilfs2	do d_instantiate/unlock_new_inode combinations safely	2018-05-30 07:48:52 +02:00
nls
notify	fanotify: fix logic of events on child	2018-04-24 09:32:11 +02:00
ntfs
ocfs2	fs: ocfs2: fix a possible null-pointer dereference in ocfs2_info_scan_inode_alloc()	2019-11-06 12:09:15 +01:00
omfs
openpromfs
overlayfs	ovl: filter of trusted xattr results in audit	2019-10-05 12:27:56 +02:00
proc	coredump: fix race condition between mmget_not_zero()/get_task_mm() and core dumping	2019-06-22 08:18:27 +02:00
pstore	pstore/ram: Do not treat empty buffers as valid	2019-01-26 09:42:53 +01:00
qnx4
qnx6
quota	fs/quota: Fix spectre gadget in do_quotactl	2018-09-09 20:04:36 +02:00
ramfs
reiserfs	reiserfs: propagate errors from fill_with_dentries() properly	2018-11-27 16:08:00 +01:00
romfs	romfs: use different way to generate fsid for BLOCK or MTD	2017-06-17 06:39:38 +02:00
squashfs	squashfs: more metadata hardenings	2018-08-06 16:24:42 +02:00
sysfs	scsi: sysfs: Introduce sysfs_{un,}break_active_protection()	2018-09-05 09:18:40 +02:00
sysv	sysv: return 'err' instead of 0 in __sysv_write_inode	2018-12-17 21:55:09 +01:00
tracefs
ubifs	ubifs: Check for name being NULL while mounting	2018-10-13 09:11:34 +02:00
udf	udf: Fix incorrect final NOT_ALLOCATED (hole) extent length	2019-07-21 09:07:08 +02:00
ufs	ufs: fix braino in ufs_get_inode_gid() for solaris UFS flavour	2019-06-11 12:23:49 +02:00
xfs	xfs: Correctly invert xfs_buftarg LRU isolation logic	2019-11-06 12:09:25 +01:00
aio.c	aio: fix spectre gadget in lookup_ioctx	2018-12-21 14:09:50 +01:00
anon_inodes.c
attr.c
bad_inode.c
binfmt_aout.c
binfmt_elf.c	binfmt_elf: switch to new creds when switching to new mm	2019-04-27 09:33:53 +02:00
binfmt_elf_fdpic.c
binfmt_em86.c
binfmt_flat.c	fs/binfmt_flat.c: make load_flat_shared_library() work	2019-07-10 09:56:30 +02:00
binfmt_misc.c	fs/binfmt_misc.c: do not allow offset overflow	2018-07-03 11:21:26 +02:00
binfmt_script.c	exec: load_script: Do not exec truncated interpreter path	2019-11-06 12:09:12 +01:00
block_dev.c	fs/block_dev: always invalidate cleancache in invalidate_bdev()	2017-05-20 14:27:01 +02:00
buffer.c	fs: fix guard_bio_eod to check for real EOD errors	2019-04-27 09:33:49 +02:00
char_dev.c	chardev: add additional check for minor range overlap	2019-06-11 12:24:03 +02:00
compat.c
compat_binfmt_elf.c	binfmt_elf: compat: avoid unused function warning	2018-02-25 11:03:51 +01:00
compat_ioctl.c	compat_ioctl: pppoe: fix PPPOEIOCSFWD handling	2019-08-11 12:20:46 +02:00
coredump.c	coredump: Ensure proper size of sparse core files	2017-07-05 14:37:20 +02:00
dax.c
dcache.c	Hang/soft lockup in d_invalidate with simultaneous calls	2019-04-03 06:23:19 +02:00
dcookies.c
direct-io.c	direct-io: Prevent NULL pointer access in submit_page_section	2017-10-18 09:20:42 +02:00
drop_caches.c	fs/drop_caches.c: avoid softlockups in drop_pagecache_sb()	2019-03-23 08:44:26 +01:00
eventfd.c
eventpoll.c	fs/epoll: drop ovflist branch prediction	2019-02-20 10:13:14 +01:00
exec.c	sched/fair: Don't free p->numa_faults with concurrent readers	2019-08-04 09:35:02 +02:00
fcntl.c	fs/fcntl: f_setown, avoid undefined behaviour	2018-01-31 12:06:11 +01:00
fhandle.c
file.c	fs/file.c: initialize init_files.resize_wait	2019-04-27 09:33:49 +02:00
file_table.c
filesystems.c
fs-writeback.c	fs/writeback.c: use rcu_barrier() to wait for inflight wb switches going into workqueue when umount	2019-06-11 12:23:41 +02:00
fs_pin.c
fs_struct.c
inode.c	Abort file_remove_privs() for non-reg. files	2019-06-22 08:18:27 +02:00
internal.h
ioctl.c
Kconfig
Kconfig.binfmt
libfs.c
locks.c	locks: don't check for race with close when setting OFD lock	2018-01-17 09:35:27 +01:00
Makefile
mbcache.c
mount.h	mnt: In propgate_umount handle visiting mounts in any order	2017-07-21 07:44:57 +02:00
mpage.c	fs: add i_blocksize()	2017-06-14 13:16:24 +02:00
namei.c	namei: allow restricted O_CREAT of FIFOs and regular files	2018-12-01 09:46:41 +01:00
namespace.c	mount: Prevent MNT_DETACH from disconnecting locked mounts	2018-11-21 09:27:44 +01:00
no-block.c
nsfs.c	nsfs: mark dentry with DCACHE_RCUACCESS	2018-02-16 20:09:43 +01:00
open.c	access: avoid the RCU grace period for the temporary subjective credentials	2019-08-04 09:35:01 +02:00
pipe.c	pipe: cap initial pipe capacity according to pipe-max-size limit	2018-05-26 08:48:51 +02:00
pnode.c	mnt: Make propagate_umount less slow for overlapping mount propagation trees	2017-07-21 07:44:58 +02:00
pnode.h	mnt: Add a per mount namespace limit on the number of mounts	2017-04-30 05:49:28 +02:00
posix_acl.c	tmpfs: clear S_ISGID when setting posix ACLs	2017-01-26 08:23:47 +01:00
proc_namespace.c
read_write.c	fs: stream_open - opener for stream-like files so that read and write can run simultaneously without deadlock	2019-06-11 12:24:13 +02:00
readdir.c
select.c	fs/select: add vmalloc fallback for select(2)	2018-01-31 12:06:09 +01:00
seq_file.c	Make file credentials available to the seqfile interfaces	2017-08-06 19:19:42 -07:00
signalfd.c
splice.c	vfs: fix uninitialized flags in splice_to_pipe()	2017-02-23 17:43:09 +01:00
stack.c
stat.c	ufs: restore maintaining ->i_blocks	2017-06-14 13:16:24 +02:00
statfs.c
super.c	fs: don't scan the inode cache before SB_BORN is set	2019-02-06 19:43:08 +01:00
sync.c
timerfd.c	timerfd: Protect the might cancel mechanism proper	2017-05-08 07:46:01 +02:00
userfaultfd.c	userfaultfd_release: always remove uffd flags and clear vm_userfaultfd_ctx	2019-09-06 10:18:09 +02:00
utimes.c
xattr.c	getxattr: use correct xattr length	2018-09-09 20:04:36 +02:00