This patch set fix two problem when recovery intents fails. Patches 1-2 fix the possible problem that intent items not released. When recovery intents, new intents items may be created during recovery intents. if recovery fails, new intents items may be left in AIL or leaks. Patch 3 fix a uaf problem, when recovery intents fails, intent items may be freed before done item commited. v3: - Modified as suggested by Dave, solves the UAF problem by correctly handling the reference counting of intents in patch 3 v2: - change xfs_defer_pending_abort to static in patch 1 - rewrite commit message in patch 2-3 - rename xfs_defer_ops_capture_free to xfs_defer_ops_capture_abort, and add xfs_defer_pending_abort to the start of xfs_defer_ops_capture_abort Long Li (3): xfs: factor out xfs_defer_pending_abort xfs: abort intent items when recovery intents fail xfs: fix intent item uaf when recover intents fail fs/xfs/libxfs/xfs_defer.c | 28 ++++++++++++++++++---------- fs/xfs/libxfs/xfs_defer.h | 2 +- fs/xfs/xfs_attr_item.c | 1 + fs/xfs/xfs_bmap_item.c | 1 + fs/xfs/xfs_extfree_item.c | 1 + fs/xfs/xfs_log_recover.c | 2 +- fs/xfs/xfs_refcount_item.c | 1 + fs/xfs/xfs_rmap_item.c | 1 + 8 files changed, 25 insertions(+), 12 deletions(-) -- 2.31.1
