пн, 9 дек. 2019 г. в 20:48, Steve French <smfrench@xxxxxxxxx>: > > Fix refcount underflow warning when unmounting to servers which didn't grant > directory leases. > > [ 301.680095] refcount_t: underflow; use-after-free. > [ 301.680192] WARNING: CPU: 1 PID: 3569 at lib/refcount.c:28 > refcount_warn_saturate+0xb4/0xf3 > ... > [ 301.682139] Call Trace: > [ 301.682240] close_shroot+0x97/0xda [cifs] > [ 301.682351] SMB2_tdis+0x7c/0x176 [cifs] > [ 301.682456] ? _get_xid+0x58/0x91 [cifs] > [ 301.682563] cifs_put_tcon.part.0+0x99/0x202 [cifs] > [ 301.682637] ? ida_free+0x99/0x10a > [ 301.682727] ? cifs_umount+0x3d/0x9d [cifs] > [ 301.682829] cifs_put_tlink+0x3a/0x50 [cifs] > [ 301.682929] cifs_umount+0x44/0x9d [cifs] > > Fixes: 72e73c78c446 ("cifs: close the shared root handle on tree disconnect") > > Signed-off-by: Steve French <stfrench@xxxxxxxxxxxxx> > Acked-by: Ronnie Sahlberg <lsahlber@xxxxxxxxxx> > Reviewed-by: Aurelien Aptel <aaptel@xxxxxxxx> > Reviewed-by: Pavel Shilovsky <pshilov@xxxxxxxxxxxxx> > Reported-and-tested-by: Arthur Marsh <arthur.marsh@xxxxxxxxxxxxxxxx> > > -- > Thanks, > > Steve Looking at this more, I think that the fact that the handle is valid doesn't mean that it has a directory lease. So, I think we need to track that fact separately. I coded a quick follow-on fix (untested) to describe my idea - see the attached patch. Thoughts? -- Best regards, Pavel Shilovsky
Attachment:
0001-CIFS-Close-cached-root-handle-only-if-it-has-a-lease.patch
Description: Binary data