Kernel/linux-next
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git synced 2025-01-16 05:26:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
linux-next/fs/nfs
History
Trond Myklebust e911b8158e NFSv4: Fix a use-after-free problem in open() 
If we interrupt the nfs4_wait_for_completion_rpc_task() call in
nfs4_run_open_task(), then we don't prevent the RPC call from
completing. So freeing up the opendata->f_attr.mdsthreshold
in the error path in _nfs4_do_open() leads to a use-after-free
when the XDR decoder tries to decode the mdsthreshold information
from the server.

Fixes: 82be417aa37c0 (NFSv4.1 cache mdsthreshold values on OPEN)
Tested-by: Steve Dickson <SteveD@redhat.com>
Cc: stable@vger.kernel.org # 3.5+
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
2014-03-28 20:12:10 -04:00
..
blocklayout
Linux 3.13-rc6
2013-12-31 09:51:02 -07:00
objlayout
NFSv4.1 use pnfs_device maxcount for the objectlayout gdia_maxcount
2013-06-28 15:34:45 -04:00
cache_lib.c
NFS: simplify and clean cache library
2013-02-15 10:43:36 -05:00
cache_lib.h
NFS: simplify and clean cache library
2013-02-15 10:43:36 -05:00
callback_proc.c
NFSv4.1: Minor optimisation in get_layout_by_fh_locked()
2014-02-19 21:21:06 -05:00
callback_xdr.c
Merge branch 'labeled-nfs' into linux-next
2013-06-28 16:29:51 -04:00
callback.c
nfs: Use PTR_ERR_OR_ZERO in 'nfs41_callback_up' function
2013-10-28 18:16:55 -04:00
callback.h
NFS: Add in v4.2 callback operation
2013-06-08 16:20:18 -04:00
client.c
NFS: cache parsed auth_info in nfs_server
2013-10-28 15:37:43 -04:00
delegation.c
NFS: Fix a delegation callback race
2014-03-02 22:03:12 -05:00
delegation.h
NFSv4: Fix CB_RECALL_ANY to only return delegations that are not in use
2013-04-05 17:03:57 -04:00
dir.c
nfs: convert nfs_rename to use async_rename infrastructure
2014-03-17 15:14:17 -04:00
direct.c
nfs: page cache invalidation for dio
2014-01-13 17:29:50 -05:00
dns_resolve.c
NFS: Enabling v4.2 should not recompile nfsd and lockd
2013-11-19 16:20:40 -05:00
dns_resolve.h
NFS: DNS resolver cache per network namespace context introduced
2012-01-31 18:20:26 -05:00
file.c
NFS: dprintk() should not print negative fileids and inode numbers
2014-01-05 15:51:23 -05:00
fscache-index.c
NFS: Use the inode->i_version to cache NFSv4 change attribute information
2011-10-18 09:14:34 -07:00
fscache.c
NFS: Use i_writecount to control whether to get an fscache cookie in nfs_open()
2013-09-27 18:40:25 +01:00
fscache.h
NFS: Use i_writecount to control whether to get an fscache cookie in nfs_open()
2013-09-27 18:40:25 +01:00
getroot.c
NFS:Add labels to client function prototypes
2013-06-08 16:20:15 -04:00
idmap.c
NFSv4: Convert idmapper to use the new framework for pipefs dentries
2013-09-01 11:12:42 -04:00
inode.c
NFS: Be more aggressive in using readdirplus for 'ls -l' situations
2014-02-11 14:01:20 -05:00
internal.h
Merge branch 'devel' into linux-next
2014-03-17 15:15:21 -04:00
iostat.h
NFS: Squelch compiler warning in nfs_add_server_stats()
2010-05-14 15:09:31 -04:00
Kconfig
nfs: fix pnfs Kconfig defaults
2013-11-15 13:41:43 -05:00
Makefile
NFS: Enable slot table helpers for NFSv4.0
2013-09-03 15:26:33 -04:00
mount_clnt.c
nfs: have nfs_mount fake up a auth_flavs list when the server didn't provide it
2013-06-28 15:51:51 -04:00
namespace.c
nfs: use %p[dD] instead of open-coded (and often racy) equivalents
2013-10-24 23:34:50 -04:00
netns.h
nfs: include NFSv4 header in netns.h
2012-10-02 08:17:02 -07:00
nfs2super.c
NFS: Convert v2 into a module
2012-07-30 19:06:41 -04:00
nfs2xdr.c
nfs: Convert nfs2xdr to use kuids and kgids
2013-02-13 06:15:30 -08:00
nfs3acl.c
NFSv3: Fix return value of nfs3_proc_setacls
2014-02-03 13:14:23 -05:00
nfs3client.c
NFS: Only initialize the ACL client in the v3 case
2012-07-30 19:05:54 -04:00
nfs3proc.c
nfs: remove synchronous rename code
2014-03-17 15:14:17 -04:00
nfs3super.c
nfs: use generic posix ACL infrastructure for v3 Posix ACLs
2014-01-26 08:26:20 -05:00
nfs3xdr.c
nfs: Convert nfs3xdr to use kuids and kgids
2013-02-13 06:15:31 -08:00
nfs4_fs.h
NFSv4: Clear the open state flags if the new stateid does not match
2014-02-19 21:21:07 -05:00
nfs4client.c
NFSv4: Schedule recovery if nfs40_walk_client_list() is interrupted
2014-03-19 08:34:20 -04:00
nfs4file.c
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs
2013-11-13 15:34:18 +09:00
nfs4filelayout.c
NFSv4.1 Fail data server I/O if stateid represents a lost lock
2014-03-05 11:55:24 -05:00
nfs4filelayout.h
NFSv4.1: Use layout credentials for get_deviceinfo calls
2013-06-06 16:24:37 -04:00
nfs4filelayoutdev.c
nfs: fix dead code of ipv6_addr_scope
2014-01-05 15:38:21 -05:00
nfs4getroot.c
NFSv4: Fix security auto-negotiation
2013-09-07 16:18:30 -04:00
nfs4namespace.c
NFSv4: Use the correct net namespace in nfs4_update_server
2014-02-17 14:15:46 -05:00
nfs4proc.c
NFSv4: Fix a use-after-free problem in open()
2014-03-28 20:12:10 -04:00
nfs4renewd.c
workqueue: use mod_delayed_work() instead of cancel + queue
2012-08-13 16:27:37 -07:00
nfs4session.c
NFSv4.1: nfs4_destroy_session must call rpc_destroy_waitqueue
2014-02-01 15:13:39 -05:00
nfs4session.h
NFSv4.1: nfs4_destroy_session must call rpc_destroy_waitqueue
2014-02-01 15:13:39 -05:00
nfs4state.c
NFSv4: Ensure we respect soft mount timeouts during trunking discovery
2014-03-19 08:34:40 -04:00
nfs4super.c
NFSv4.1: Fix a race in nfs4_write_inode
2014-01-13 13:34:36 -05:00
nfs4sysctl.c
nfs: include nfs4_fh.h in nfs4sysctl.c
2012-10-02 08:17:03 -07:00
nfs4trace.c
NFSv4.1: Add tracepoints for debugging slot table operations
2013-08-22 08:58:27 -04:00
nfs4trace.h
NFSv4.1: Add tracepoints for debugging test_stateid events
2013-08-22 08:58:27 -04:00
nfs4xdr.c
NFS: Clean up: revert increase in READDIR RPC buffer max size
2014-03-17 15:30:38 -04:00
nfs.h
NFS: Convert v4 into a module
2012-07-30 19:06:52 -04:00
nfsroot.c
SUNRPC/NFS: Add Kbuild dependencies for NFS_DEBUG/RPC_DEBUG
2012-03-20 13:08:26 -04:00
nfstrace.c
NFS: Add event tracing for generic NFS lookups
2013-08-22 08:58:18 -04:00
nfstrace.h
NFS: fix the handling of NFS_INO_INVALID_DATA flag in nfs_revalidate_mapping
2014-01-27 15:35:56 -05:00
pagelist.c
NFS: Don't check lock owner compatability unless file is locked (part 2)
2013-09-06 11:27:41 -04:00
pnfs_dev.c
hlist: drop the node parameter from iterators
2013-02-27 19:10:24 -08:00
pnfs.c
NFSv4.1: Ensure that we free existing layout segments if we get a new layout
2014-02-19 21:21:06 -05:00
pnfs.h
NFSv4.1: Don't trust attributes if a pNFS LAYOUTCOMMIT is outstanding
2014-01-13 12:08:11 -05:00
proc.c
nfs: remove synchronous rename code
2014-03-17 15:14:17 -04:00
read.c
NFS: dprintk() should not print negative fileids and inode numbers
2014-01-05 15:51:23 -05:00
super.c
NFS: correctly report misuse of "migration" mount option.
2013-11-15 13:41:43 -05:00
symlink.c
include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h
2010-03-30 22:02:32 +09:00
sysctl.c
NFS: Initialize v4 sysctls from nfs_init_v4()
2012-07-17 13:33:18 -04:00
unlink.c
nfs: emit a fsnotify_nameremove call in sillyrename codepath
2014-03-17 15:14:17 -04:00
write.c
nfs: add memory barriers around NFS_INO_INVALID_DATA and NFS_INO_INVALIDATING
2014-01-28 14:48:18 -05:00