This series aims to tackle the various UAF reports, like: - https://lore.kernel.org/linux-block/8376443a-ec1b-0cef-8244-ed584b96fa96@xxxxxxxxxx/ - https://lore.kernel.org/linux-block/5c3ac5af-ed81-11e4-fee3-f92175f14daf@xxxxxxx/T/#m6c1ac11540522716f645d004e2a5a13c9f218908 - https://lore.kernel.org/linux-block/04e2f9e8-79fa-f1cb-ab23-4a15bf3f64cc@xxxxxxxxx/ Details are in the commit messages. Most important detail is that fastpath is untouched. The issue addressed in patch 1/2 is pretty easy to reproduce, 2/2 not so much. Differences to v1: - add 2nd patch John Garry (2): blk-mq: Clean up references to old requests when freeing rqs blk-mq: Lockout tagset iter when freeing rqs block/blk-mq-sched.c | 2 +- block/blk-mq-tag.c | 22 +++++++++++++++++++--- block/blk-mq-tag.h | 3 +++ block/blk-mq.c | 22 ++++++++++++++++++++-- block/blk-mq.h | 2 ++ 5 files changed, 45 insertions(+), 6 deletions(-) -- 2.26.2
