torvalds/linux
3
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-04-11 08:50:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
fa2f9906a7b333ba757a7dbae0713d8a5396186e
linux/fs
History
Paulo Alcantara fa2f9906a7 smb: client: fix double free of TCP_Server_Info::hostname 
When shutting down the server in cifs_put_tcp_session(), cifsd thread
might be reconnecting to multiple DFS targets before it realizes it
should exit the loop, so @server->hostname can't be freed as long as
cifsd thread isn't done.  Otherwise the following can happen:

  RIP: 0010:__slab_free+0x223/0x3c0
  Code: 5e 41 5f c3 cc cc cc cc 4c 89 de 4c 89 cf 44 89 44 24 08 4c 89
  1c 24 e8 fb cf 8e 00 44 8b 44 24 08 4c 8b 1c 24 e9 5f fe ff ff <0f>
  0b 41 f7 45 08 00 0d 21 00 0f 85 2d ff ff ff e9 1f ff ff ff 80
  RSP: 0018:ffffb26180dbfd08 EFLAGS: 00010246
  RAX: ffff8ea34728e510 RBX: ffff8ea34728e500 RCX: 0000000000800068
  RDX: 0000000000800068 RSI: 0000000000000000 RDI: ffff8ea340042400
  RBP: ffffe112041ca380 R08: 0000000000000001 R09: 0000000000000000
  R10: 6170732e31303000 R11: 70726f632e786563 R12: ffff8ea34728e500
  R13: ffff8ea340042400 R14: ffff8ea34728e500 R15: 0000000000800068
  FS: 0000000000000000(0000) GS:ffff8ea66fd80000(0000)
  000000
  CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
  CR2: 00007ffc25376080 CR3: 000000012a2ba001 CR4:
  PKRU: 55555554
  Call Trace:
   <TASK>
   ? show_trace_log_lvl+0x1c4/0x2df
   ? show_trace_log_lvl+0x1c4/0x2df
   ? __reconnect_target_unlocked+0x3e/0x160 [cifs]
   ? __die_body.cold+0x8/0xd
   ? die+0x2b/0x50
   ? do_trap+0xce/0x120
   ? __slab_free+0x223/0x3c0
   ? do_error_trap+0x65/0x80
   ? __slab_free+0x223/0x3c0
   ? exc_invalid_op+0x4e/0x70
   ? __slab_free+0x223/0x3c0
   ? asm_exc_invalid_op+0x16/0x20
   ? __slab_free+0x223/0x3c0
   ? extract_hostname+0x5c/0xa0 [cifs]
   ? extract_hostname+0x5c/0xa0 [cifs]
   ? __kmalloc+0x4b/0x140
   __reconnect_target_unlocked+0x3e/0x160 [cifs]
   reconnect_dfs_server+0x145/0x430 [cifs]
   cifs_handle_standard+0x1ad/0x1d0 [cifs]
   cifs_demultiplex_thread+0x592/0x730 [cifs]
   ? __pfx_cifs_demultiplex_thread+0x10/0x10 [cifs]
   kthread+0xdd/0x100
   ? __pfx_kthread+0x10/0x10
   ret_from_fork+0x29/0x50
   </TASK>

Fixes: 7be3248f31 ("cifs: To match file servers, make sure the server hostname matches")
Reported-by: Jay Shin <jaeshin@redhat.com>
Signed-off-by: Paulo Alcantara (Red Hat) <pc@manguebit.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
2025-01-15 16:56:06 -06:00
..
9p
netfs: Work around recursion by abandoning retry if nothing read
2024-12-20 22:07:57 +01:00
adfs
Merge patch series "adfs, affs, befs, hfs, hfsplus: convert to new mount api"
2024-10-08 14:41:53 +02:00
affs
Merge patch series "adfs, affs, befs, hfs, hfsplus: convert to new mount api"
2024-10-08 14:41:53 +02:00
afs
afs: Fix merge preference rule failure condition
2025-01-09 17:21:41 +01:00
autofs
autofs: fix thinko in validate_dev_ioctl()
2024-10-28 13:16:56 +01:00
bcachefs
Merge tag 'mm-nonmm-stable-2024-11-24-02-05' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2024-11-25 16:09:48 -08:00
befs
befs: convert befs to use the new mount api
2024-09-18 11:44:43 +02:00
bfs
fs: Convert aops->write_begin to take a folio
2024-08-07 11:33:21 +02:00
btrfs
Merge tag 'for-6.13-rc6-tag' of git://git.kernel.org/pub/scm/linux/kernel/git/kdave/linux
2025-01-09 10:16:45 -08:00
cachefiles
cachefiles: Parse the "secctx" immediately
2024-12-20 22:07:56 +01:00
ceph
ceph: allocate sparse_ext map only for sparse reads
2024-12-16 23:25:44 +01:00
coda
coda: use param->file for FSCONFIG_SET_FD
2024-08-19 13:45:03 +02:00
configfs
configfs: improve item creation performance
2024-11-14 07:45:20 +01:00
cramfs
Merge tag 'vfs-6.11.module.description' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
2024-07-15 11:14:59 -07:00
crypto
Merge tag 'random-6.13-rc1-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/crng/random
2024-11-19 10:43:44 -08:00
debugfs
fs: debugfs: fix open proxy for unsafe files
2025-01-10 09:41:53 +01:00
devpts
dlm
dlm: fix dlm_recover_members refcount on error
2024-11-18 10:05:57 -06:00
ecryptfs
Merge tag 'vfs-6.13.ecryptfs.mount.api' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
2024-11-26 13:39:02 -08:00
efivarfs
Merge tag 'efi-fixes-for-v6.13-1' of git://git.kernel.org/pub/scm/linux/kernel/git/efi/efi
2024-12-15 15:33:41 -08:00
efs
efs: fix the efs new mount api implementation
2024-10-15 15:58:36 +02:00
erofs
erofs: use buffered I/O for file-backed mounts by default
2024-12-16 21:02:07 +08:00
exfat
exfat: fix the infinite loop in __exfat_free_cluster()
2024-12-31 17:51:21 +09:00
exportfs
fs: prepare for "explicit connectable" file handles
2024-11-15 11:34:57 +01:00
ext2
Merge tag 'vfs-6.12.file' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
2024-09-16 09:14:02 +02:00
ext4
Merge tag 'ext4_for_linus-6.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4
2024-11-18 16:32:58 -08:00
f2fs
Merge tag 'f2fs-for-6.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs
2024-11-26 12:50:58 -08:00
fat
fat: fix uninitialized variable
2024-10-17 00:28:06 -07:00
freevxfs
freevxfs: Replace one-element array with flexible array member
2024-11-06 10:42:06 +01:00
fuse
Merge tag 'fuse-fixes-6.13-rc7' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse
2025-01-07 15:43:07 +01:00
gfs2
Merge tag 'gfs2-for-6.13' of git://git.kernel.org/pub/scm/linux/kernel/git/gfs2/linux-gfs2
2024-11-26 12:34:50 -08:00
hfs
hfs: Sanity check the root record
2024-12-02 15:32:19 +01:00
hfsplus
Merge tag 'vfs-6.13.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
2024-11-18 09:35:30 -08:00
hostfs
hostfs: Fix the NULL vs IS_ERR() bug for __filemap_get_folio()
2024-11-15 20:55:32 +01:00
hpfs
hpfs: convert hpfs to use the new mount api
2024-10-08 14:41:53 +02:00
hugetlbfs
mm: use aligned address in clear_gigantic_page()
2024-12-18 19:04:42 -08:00
iomap
iomap: avoid avoid truncating 64-bit offset to 32 bits
2025-01-09 16:09:20 +01:00
isofs
isofs: avoid memory leak in iocharset
2024-11-06 20:24:41 +01:00
jbd2
jbd2: flush filesystem device before updating tail sequence
2024-12-04 12:00:05 +01:00
jffs2
jffs2: Fix rtime decompressor
2024-12-05 12:31:40 +01:00
jfs
Merge tag 'jfs-6.13' of github.com:kleikamp/linux-shaggy
2024-11-21 09:59:59 -08:00
kernfs
lockd
Merge tag 'nfsd-6.13' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux
2024-11-26 12:59:30 -08:00
minix
buffer: Convert __block_write_begin() to take a folio
2024-08-07 11:33:36 +02:00
netfs
netfs: Fix read-retry for fs with no ->prepare_read()
2025-01-09 17:20:04 +01:00
nfs
Merge tag 'vfs-6.13-rc7.fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
2025-01-06 10:26:39 -08:00
nfs_common
nfs_common: must not hold RCU while calling nfsd_file_put_local
2024-11-18 20:23:12 -05:00
nfsd
Merge tag 'nfsd-6.13-1' of git://git.kernel.org/pub/scm/linux/kernel/git/cel/linux
2024-12-23 12:16:15 -08:00
nilfs2
nilfs2: fix buffer head leaks in calls to truncate_inode_pages()
2024-12-18 19:04:45 -08:00
nls
move asm/unaligned.h to linux/unaligned.h
2024-10-02 17:23:23 -04:00
notify
fs: relax assertions on failure to encode file handles
2024-12-19 15:18:27 +01:00
ntfs3
fs/ntfs3: Accumulated refactoring changes
2024-11-01 11:19:53 +03:00
ocfs2
ocfs2: fix slab-use-after-free due to dangling pointer dqi_priv
2024-12-30 17:59:09 -08:00
omfs
fs: Convert aops->write_begin to take a folio
2024-08-07 11:33:21 +02:00
openpromfs
openpromfs: add missing MODULE_DESCRIPTION() macro
2024-06-20 09:46:01 +02:00
orangefs
move asm/unaligned.h to linux/unaligned.h
2024-10-02 17:23:23 -04:00
overlayfs
ovl: support encoding fid from inode with no alias
2025-01-06 15:43:55 +01:00
proc
fs/proc/task_mmu: fix pagemap flags with PMD THP entries on 32bit
2024-12-30 17:59:08 -08:00
pstore
Get rid of 'remove_new' relic from platform driver struct
2024-12-01 15:12:43 -08:00
qnx4
qnx6
fs/qnx6: Fix building with GCC 15
2024-12-03 10:40:36 +01:00
quota
quota: flush quota_release_work upon quota writeback
2024-11-26 22:54:00 +01:00
ramfs
romfs
romfs: fix romfs_read_folio()
2024-08-21 22:32:58 +02:00
smb
smb: client: fix double free of TCP_Server_Info::hostname
2025-01-15 16:56:06 -06:00
squashfs
Squashfs: fix variable overflow in squashfs_readpage_block
2024-10-30 20:14:12 -07:00
sysfs
sysfs: bin_attribute: add const read/write callback variants
2024-11-05 14:00:28 +01:00
sysv
buffer: Convert __block_write_begin() to take a folio
2024-08-07 11:33:36 +02:00
tests
execve: Move KUnit tests to tests/ subdirectory
2024-07-22 18:25:47 -07:00
tracefs
tracing: Fix tracefs mount options
2024-11-01 08:38:14 -04:00
ubifs
Merge tag 'ubifs-for-linus-6.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/rw/ubifs
2024-11-30 10:32:47 -08:00
udf
udf: Verify inode link counts before performing rename
2024-11-26 22:54:24 +01:00
ufs
ufs: ufs_sb_private_info: remove unused s_{2,3}apb fields
2024-11-12 19:02:12 -05:00
unicode
Revert "unicode: Don't special case ignorable code points"
2024-12-11 14:11:23 -08:00
vboxsf
fs: Convert aops->write_end to take a folio
2024-08-07 11:32:02 +02:00
verity
fsverity: expose verified fsverity built-in signatures to LSMs
2024-08-20 14:03:18 -04:00
xfs
xfs: lock dquot buffer before detaching dquot from b_li_list
2025-01-10 10:12:48 +01:00
zonefs
Merge tag 'zonefs-6.12-rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/dlemoal/zonefs
2024-10-02 12:02:15 -07:00
aio.c
Merge tag 'timers-core-2024-11-18' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2024-11-19 16:35:06 -08:00
anon_inodes.c
attr.c
fs: handle delegated timestamps in setattr_copy_mgtime
2024-10-10 10:20:51 +02:00
backing-file.c
fs/backing_file: fix wrong argument in callback
2024-11-26 18:13:29 +01:00
bad_inode.c
binfmt_elf_fdpic.c
Revert "fs: don't block i_writecount during exec"
2024-11-27 12:51:30 +01:00
binfmt_elf.c
Revert "fs: don't block i_writecount during exec"
2024-11-27 12:51:30 +01:00
binfmt_flat.c
move asm/unaligned.h to linux/unaligned.h
2024-10-02 17:23:23 -04:00
binfmt_misc.c
Revert "fs: don't block i_writecount during exec"
2024-11-27 12:51:30 +01:00
binfmt_script.c
bpf_fs_kfuncs.c
bpf: Add kfunc bpf_get_dentry_xattr() to read xattr from dentry
2024-08-07 11:26:54 -07:00
buffer.c
Merge tag 'mm-stable-2024-11-18-19-27' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2024-11-23 09:58:07 -08:00
char_dev.c
fs: Reorganize kerneldoc parameter names
2024-10-22 11:16:57 +02:00
compat_binfmt_elf.c
binfmt_elf: Wire up AT_HWCAP3 at AT_HWCAP4
2024-10-17 18:38:49 +01:00
coredump.c
coredump: add cond_resched() to dump_user_range
2024-10-22 11:16:58 +02:00
d_path.c
dax.c
fsdax: dax_unshare_iter needs to copy entire blocks
2024-10-07 13:51:47 +02:00
dcache.c
Merge tag 'mm-stable-2024-11-18-19-27' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2024-11-23 09:58:07 -08:00
direct-io.c
fs/direct-io: Remove linux/prefetch.h include
2024-08-19 13:45:02 +02:00
drop_caches.c
sysctl: treewide: constify the ctl_table argument of proc_handlers
2024-07-24 20:59:29 +02:00
eventfd.c
fdget(), trivial conversions
2024-11-03 01:28:06 -05:00
eventpoll.c
Merge tag 'net-next-6.13' of git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next
2024-11-21 08:28:08 -08:00
exec.c
Revert "fs: don't block i_writecount during exec"
2024-11-27 12:51:30 +01:00
fcntl.c
fs: require inode_owner_or_capable for F_SET_RW_HINT
2024-11-25 15:16:49 +01:00
fhandle.c
Merge tag 'vfs-6.13.exportfs' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
2024-11-26 13:26:15 -08:00
file_table.c
Merge branch 'work.fdtable' into vfs.file
2024-10-30 09:58:02 +01:00
file.c
fs: fix missing declaration of init_files
2024-12-17 13:38:46 +01:00
filesystems.c
fs_context.c
fs_parser.c
Merge tag 'vfs-6.13.ovl' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
2024-11-18 10:45:06 -08:00
fs_pin.c
fs_struct.c
fs_types.c
fs-writeback.c
Merge patch series "two little writeback cleanups v2"
2024-11-13 14:08:34 +01:00
fsopen.c
fdget(), more trivial conversions
2024-11-03 01:28:06 -05:00
init.c
inode.c
Merge tag 'mm-stable-2024-11-18-19-27' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2024-11-23 09:58:07 -08:00
internal.h
Merge tag 'pull-statx' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2024-11-18 14:54:10 -08:00
ioctl.c
fdget(), trivial conversions
2024-11-03 01:28:06 -05:00
Kconfig
reiserfs: The last commit
2024-10-21 16:29:38 +02:00
Kconfig.binfmt
exec: Add KUnit test for bprm_stack_limits()
2024-06-19 13:13:55 -07:00
kernel_read_file.c
fdget(), trivial conversions
2024-11-03 01:28:06 -05:00
libfs.c
Merge tag 'pull-statx' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2024-11-18 14:54:10 -08:00
locks.c
fdget(), more trivial conversions
2024-11-03 01:28:06 -05:00
Makefile
reiserfs: The last commit
2024-10-21 16:29:38 +02:00
mbcache.c
mnt_idmapping.c
Merge tag 'fuse-update-6.12' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse
2024-09-24 15:29:42 -07:00
mount.h
fs: kill MNT_ONRB
2025-01-09 16:58:50 +01:00
mpage.c
fs/writeback: convert wbc_account_cgroup_owner to take a folio
2024-10-28 13:26:54 +01:00
namei.c
Merge tag 'pull-xattr' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2024-11-18 12:44:25 -08:00
namespace.c
Merge tag 'vfs-6.14-rc7.mount.fixes'
2025-01-09 17:03:21 +01:00
nsfs.c
[tree-wide] finally take no_llseek out
2024-09-27 08:18:43 -07:00
open.c
Merge tag 'fsnotify_for_v6.13-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs
2024-11-21 09:55:45 -08:00
pidfs.c
pidfd: add ioctl to retrieve pid info
2024-10-24 13:54:51 +02:00
pipe.c
[tree-wide] finally take no_llseek out
2024-09-27 08:18:43 -07:00
pnode.c
pnode.h
posix_acl.c
acl: Annotate struct posix_acl with __counted_by()
2024-10-22 11:16:59 +02:00
proc_namespace.c
fs: rename show_mnt_opts -> show_vfsmnt_opts
2024-06-28 14:36:43 +02:00
read_write.c
Merge tag 'pull-fd' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2024-11-18 12:24:06 -08:00
readdir.c
introduce "fd_pos" class, convert fdget_pos() users to it.
2024-11-03 01:28:06 -05:00
remap_range.c
convert vfs_dedupe_file_range().
2024-11-03 01:28:07 -05:00
select.c
do_pollfd(): convert to CLASS(fd)
2024-11-03 01:28:07 -05:00
seq_file.c
fs: Reorganize kerneldoc parameter names
2024-10-22 11:16:57 +02:00
signalfd.c
fdget(), trivial conversions
2024-11-03 01:28:06 -05:00
splice.c
fdget(), more trivial conversions
2024-11-03 01:28:06 -05:00
stack.c
stat.c
Merge tag 'pull-statx' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2024-11-18 14:54:10 -08:00
statfs.c
fdget_raw() users: switch to CLASS(fd_raw)
2024-11-03 01:28:06 -05:00
super.c
fs/super.c: introduce get_tree_bdev_flags()
2024-10-21 14:30:26 +02:00
sync.c
fdget(), trivial conversions
2024-11-03 01:28:06 -05:00
sysctls.c
timerfd.c
Merge tag 'timers-core-2024-11-18' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2024-11-19 16:35:06 -08:00
userfaultfd.c
fork: do not invoke uffd on fork if error occurs
2024-10-28 21:40:38 -07:00
utimes.c
fdget(), more trivial conversions
2024-11-03 01:28:06 -05:00
xattr.c
xattr: remove redundant check on variable err
2024-11-06 13:00:01 -05:00