Tree - rpms/glusterfs - CentOS Git server

rpms / glusterfs

Blame SOURCES/0454-features-locks-avoid-use-after-freed-of-frame-for-bl.patch

Blob History Raw

		14f8ab	`From cddd253c5e3f0a7c3b91c35cea8ad1921cb43b98 Mon Sep 17 00:00:00 2001`
		14f8ab	`From: Kinglong Mee <kinglongmee@gmail.com>`
		14f8ab	`Date: Thu, 18 Jul 2019 11:43:01 +0800`
		14f8ab	`Subject: [PATCH 454/456] features/locks: avoid use after freed of frame for`
		14f8ab	`blocked lock`
		14f8ab
		14f8ab	`The fop contains blocked lock may use freed frame info when other`
		14f8ab	`unlock fop has unwind the blocked lock.`
		14f8ab
		14f8ab	`Because the blocked lock is added to block list in inode lock(or`
		14f8ab	`other lock), after that, when out of the inode lock, the fop`
		14f8ab	`contains the blocked lock should not use it.`
		14f8ab
		14f8ab	`Upstream Patch - https://review.gluster.org/#/c/glusterfs/+/23155/`
		14f8ab
		14f8ab	`>Change-Id: Icb309a1cc78380dc982b26d50c18d67e4f2c8915`
		14f8ab	`>fixes: bz#1737291`
		14f8ab	`>Signed-off-by: Kinglong Mee <mijinlong@horiscale.com>`
		14f8ab
		14f8ab	`Change-Id: Icb309a1cc78380dc982b26d50c18d67e4f2c8915`
		14f8ab	`BUG: 1812789`
		14f8ab	`Reviewed-on: https://code.engineering.redhat.com/gerrit/206465`
		14f8ab	`Tested-by: RHGS Build Bot <nigelb@redhat.com>`
		14f8ab	`Reviewed-by: Xavi Hernandez Juan <xhernandez@redhat.com>`
		14f8ab	`---`
		14f8ab	`xlators/features/locks/src/common.c \| 4 ++++`
		14f8ab	`xlators/features/locks/src/entrylk.c \| 4 ++--`
		14f8ab	`xlators/features/locks/src/inodelk.c \| 7 +++++--`
		14f8ab	`xlators/features/locks/src/posix.c \| 5 +++--`
		14f8ab	`xlators/features/locks/src/reservelk.c \| 2 --`
		14f8ab	`5 files changed, 14 insertions(+), 8 deletions(-)`
		14f8ab
		14f8ab	`diff --git a/xlators/features/locks/src/common.c b/xlators/features/locks/src/common.c`
		14f8ab	`index 6e7fb4b..1406e70 100644`
		14f8ab	`--- a/xlators/features/locks/src/common.c`
		14f8ab	`+++ b/xlators/features/locks/src/common.c`
		14f8ab	`@@ -1080,6 +1080,10 @@ pl_setlk(xlator_t this, pl_inode_t pl_inode, posix_lock_t *lock,`
		14f8ab	`lock->fl_type == F_UNLCK ? "Unlock" : "Lock",`
		14f8ab	`lock->client_pid, lkowner_utoa(&lock->owner),`
		14f8ab	`lock->user_flock.l_start, lock->user_flock.l_len);`
		14f8ab	`+`
		14f8ab	`+ pl_trace_block(this, lock->frame, NULL, NULL, F_SETLKW,`
		14f8ab	`+ &lock->user_flock, NULL);`
		14f8ab	`+`
		14f8ab	`lock->blocked = 1;`
		14f8ab	`__insert_lock(pl_inode, lock);`
		14f8ab	`ret = -1;`
		14f8ab	`diff --git a/xlators/features/locks/src/entrylk.c b/xlators/features/locks/src/entrylk.c`
		14f8ab	`index ced5eca..93c649c 100644`
		14f8ab	`--- a/xlators/features/locks/src/entrylk.c`
		14f8ab	`+++ b/xlators/features/locks/src/entrylk.c`
		14f8ab	`@@ -552,6 +552,8 @@ __lock_blocked_add(xlator_t this, pl_inode_t pinode, pl_dom_list_t *dom,`
		14f8ab	`gf_msg_trace(this->name, 0, "Blocking lock: {pinode=%p, basename=%s}",`
		14f8ab	`pinode, lock->basename);`
		14f8ab
		14f8ab	`+ entrylk_trace_block(this, lock->frame, NULL, NULL, NULL, lock->basename,`
		14f8ab	`+ ENTRYLK_LOCK, lock->type);`
		14f8ab	`out:`
		14f8ab	`return -EAGAIN;`
		14f8ab	`}`
		14f8ab	`@@ -932,8 +934,6 @@ out:`
		14f8ab	`op_ret, op_errno);`
		14f8ab	`unwind:`
		14f8ab	`STACK_UNWIND_STRICT(entrylk, frame, op_ret, op_errno, NULL);`
		14f8ab	`- } else {`
		14f8ab	`- entrylk_trace_block(this, frame, volume, fd, loc, basename, cmd, type);`
		14f8ab	`}`
		14f8ab
		14f8ab	`if (pcontend != NULL) {`
		14f8ab	`diff --git a/xlators/features/locks/src/inodelk.c b/xlators/features/locks/src/inodelk.c`
		14f8ab	`index a9c42f1..24dee49 100644`
		14f8ab	`--- a/xlators/features/locks/src/inodelk.c`
		14f8ab	`+++ b/xlators/features/locks/src/inodelk.c`
		14f8ab	`@@ -420,6 +420,8 @@ __lock_blocked_add(xlator_t this, pl_dom_list_t dom, pl_inode_lock_t *lock,`
		14f8ab	`lkowner_utoa(&lock->owner), lock->user_flock.l_start,`
		14f8ab	`lock->user_flock.l_len);`
		14f8ab
		14f8ab	`+ pl_trace_block(this, lock->frame, NULL, NULL, F_SETLKW, &lock->user_flock,`
		14f8ab	`+ lock->volume);`
		14f8ab	`out:`
		14f8ab	`return -EAGAIN;`
		14f8ab	`}`
		14f8ab	`@@ -959,6 +961,7 @@ pl_common_inodelk(call_frame_t frame, xlator_t this, const char *volume,`
		14f8ab	`int ret = -1;`
		14f8ab	`GF_UNUSED int dict_ret = -1;`
		14f8ab	`int can_block = 0;`
		14f8ab	`+ short lock_type = 0;`
		14f8ab	`pl_inode_t *pinode = NULL;`
		14f8ab	`pl_inode_lock_t *reqlock = NULL;`
		14f8ab	`pl_dom_list_t *dom = NULL;`
		14f8ab	`@@ -1024,13 +1027,13 @@ pl_common_inodelk(call_frame_t frame, xlator_t this, const char *volume,`
		14f8ab	`/* fall through */`
		14f8ab
		14f8ab	`case F_SETLK:`
		14f8ab	`+ lock_type = flock->l_type;`
		14f8ab	`memcpy(&reqlock->user_flock, flock, sizeof(struct gf_flock));`
		14f8ab	`ret = pl_inode_setlk(this, ctx, pinode, reqlock, can_block, dom,`
		14f8ab	`inode);`
		14f8ab
		14f8ab	`if (ret < 0) {`
		14f8ab	`- if ((can_block) && (F_UNLCK != flock->l_type)) {`
		14f8ab	`- pl_trace_block(this, frame, fd, loc, cmd, flock, volume);`
		14f8ab	`+ if ((can_block) && (F_UNLCK != lock_type)) {`
		14f8ab	`goto out;`
		14f8ab	`}`
		14f8ab	`gf_log(this->name, GF_LOG_TRACE, "returning EAGAIN");`
		14f8ab	`diff --git a/xlators/features/locks/src/posix.c b/xlators/features/locks/src/posix.c`
		14f8ab	`index 50f1265..7887b82 100644`
		14f8ab	`--- a/xlators/features/locks/src/posix.c`
		14f8ab	`+++ b/xlators/features/locks/src/posix.c`
		14f8ab	`@@ -2557,6 +2557,7 @@ pl_lk(call_frame_t frame, xlator_t this, fd_t *fd, int32_t cmd,`
		14f8ab	`uint32_t lk_flags = 0;`
		14f8ab	`posix_locks_private_t *priv = this->private;`
		14f8ab	`pl_local_t *local = NULL;`
		14f8ab	`+ short lock_type = 0;`
		14f8ab
		14f8ab	`int ret = dict_get_uint32(xdata, GF_LOCK_MODE, &lk_flags);`
		14f8ab	`if (ret == 0) {`
		14f8ab	`@@ -2701,6 +2702,7 @@ pl_lk(call_frame_t frame, xlator_t this, fd_t *fd, int32_t cmd,`
		14f8ab	`case F_SETLK:`
		14f8ab	`reqlock->frame = frame;`
		14f8ab	`reqlock->this = this;`
		14f8ab	`+ lock_type = flock->l_type;`
		14f8ab
		14f8ab	`pthread_mutex_lock(&pl_inode->mutex);`
		14f8ab	`{`
		14f8ab	`@@ -2738,8 +2740,7 @@ pl_lk(call_frame_t frame, xlator_t this, fd_t *fd, int32_t cmd,`
		14f8ab
		14f8ab	`ret = pl_setlk(this, pl_inode, reqlock, can_block);`
		14f8ab	`if (ret == -1) {`
		14f8ab	`- if ((can_block) && (F_UNLCK != flock->l_type)) {`
		14f8ab	`- pl_trace_block(this, frame, fd, NULL, cmd, flock, NULL);`
		14f8ab	`+ if ((can_block) && (F_UNLCK != lock_type)) {`
		14f8ab	`goto out;`
		14f8ab	`}`
		14f8ab	`gf_log(this->name, GF_LOG_DEBUG, "returning EAGAIN");`
		14f8ab	`diff --git a/xlators/features/locks/src/reservelk.c b/xlators/features/locks/src/reservelk.c`
		14f8ab	`index 51076d7..604691f 100644`
		14f8ab	`--- a/xlators/features/locks/src/reservelk.c`
		14f8ab	`+++ b/xlators/features/locks/src/reservelk.c`
		14f8ab	`@@ -312,8 +312,6 @@ grant_blocked_lock_calls(xlator_t this, pl_inode_t pl_inode)`
		14f8ab	`ret = pl_setlk(this, pl_inode, lock, can_block);`
		14f8ab	`if (ret == -1) {`
		14f8ab	`if (can_block) {`
		14f8ab	`- pl_trace_block(this, lock->frame, fd, NULL, cmd,`
		14f8ab	`- &lock->user_flock, NULL);`
		14f8ab	`continue;`
		14f8ab	`} else {`
		14f8ab	`gf_log(this->name, GF_LOG_DEBUG, "returning EAGAIN");`
		14f8ab	`--`
		14f8ab	`1.8.3.1`
		14f8ab

rpms / glusterfs

Source Code

Blame SOURCES/0454-features-locks-avoid-use-after-freed-of-frame-for-bl.patch