Drop "propagate_one(): mnt_set_mountpoint() needs mount_lock"
This commit is contained in:
parent
148d556059
commit
635674d4ea
|
@ -150,7 +150,6 @@ linux (4.19.120-1) UNRELEASED; urgency=medium
|
|||
- bpf, x86_32: Fix clobbering of dst for BPF_JSET
|
||||
- qed: Fix use after free in qed_chain_free
|
||||
- ext4: check for non-zero journal inum in ext4_calculate_overhead
|
||||
- propagate_one(): mnt_set_mountpoint() needs mount_lock
|
||||
|
||||
[ Salvatore Bonaccorso ]
|
||||
* ALSA: pcm: oss: Place the plugin buffer overflow checks correctly
|
||||
|
|
|
@ -1,45 +0,0 @@
|
|||
From: Al Viro <viro@zeniv.linux.org.uk>
|
||||
Date: Mon, 27 Apr 2020 10:26:22 -0400
|
||||
Subject: propagate_one(): mnt_set_mountpoint() needs mount_lock
|
||||
Origin: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit?id=fa87bf609aa173b5dce91d23cd3dcebd9e846124
|
||||
|
||||
commit b0d3869ce9eeacbb1bbd541909beeef4126426d5 upstream.
|
||||
|
||||
... to protect the modification of mp->m_count done by it. Most of
|
||||
the places that modify that thing also have namespace_lock held,
|
||||
but not all of them can do so, so we really need mount_lock here.
|
||||
Kudos to Piotr Krysiuk <piotras@gmail.com>, who'd spotted a related
|
||||
bug in pivot_root(2) (fixed unnoticed in 5.3); search for other
|
||||
similar turds has caught out this one.
|
||||
|
||||
Cc: stable@kernel.org
|
||||
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
|
||||
Signed-off-by: Piotr Krysiuk <piotras@gmail.com>
|
||||
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
|
||||
---
|
||||
fs/pnode.c | 9 ++++-----
|
||||
1 file changed, 4 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/fs/pnode.c b/fs/pnode.c
|
||||
index 53d411a371ce..7910ae91f17e 100644
|
||||
--- a/fs/pnode.c
|
||||
+++ b/fs/pnode.c
|
||||
@@ -266,14 +266,13 @@ static int propagate_one(struct mount *m)
|
||||
if (IS_ERR(child))
|
||||
return PTR_ERR(child);
|
||||
child->mnt.mnt_flags &= ~MNT_LOCKED;
|
||||
+ read_seqlock_excl(&mount_lock);
|
||||
mnt_set_mountpoint(m, mp, child);
|
||||
+ if (m->mnt_master != dest_master)
|
||||
+ SET_MNT_MARK(m->mnt_master);
|
||||
+ read_sequnlock_excl(&mount_lock);
|
||||
last_dest = m;
|
||||
last_source = child;
|
||||
- if (m->mnt_master != dest_master) {
|
||||
- read_seqlock_excl(&mount_lock);
|
||||
- SET_MNT_MARK(m->mnt_master);
|
||||
- read_sequnlock_excl(&mount_lock);
|
||||
- }
|
||||
hlist_add_head(&child->mnt_hash, list);
|
||||
return count_mounts(m->mnt_ns, child);
|
||||
}
|
|
@ -298,7 +298,6 @@ features/arm/staging-vc04_services-Use-correct-cache-line-size.patch
|
|||
debian/i386-686-pae-pci-set-pci-nobios-by-default.patch
|
||||
debian/ntfs-mark-it-as-broken.patch
|
||||
bugfix/all/selinux-properly-handle-multiple-messages-in-selinux.patch
|
||||
bugfix/all/propagate_one-mnt_set_mountpoint-needs-mount_lock.patch
|
||||
bugfix/x86/kvm-svm-fix-potential-memory-leak-in-svm_cpu_init.patch
|
||||
bugfix/all/scsi-sg-add-sg_remove_request-in-sg_write.patch
|
||||
bugfix/all/usb-gadget-fix-illegal-array-access-in-binding-with-.patch
|
||||
|
|
Loading…
Reference in New Issue