This is a note to let you know that I've just added the patch titled

    cifs: missing lock when updating session status

to the 6.3-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
    cifs-missing-lock-when-updating-session-status.patch
and it can be found in the queue-6.3 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.

commit 75d024a4dfb11aa44a9887e7f2bbf310aac689b3
Author: Steve French <stfrench@xxxxxxxxxxxxx>
Date:   Wed Apr 26 22:01:31 2023 -0500

    cifs: missing lock when updating session status

    [ Upstream commit 943fb67b090212f1d3789eb7796b1c9045c62fd6 ]

    Coverity noted a place where we were not grabbing
    the ses_lock when setting (and checking) ses_status.

    Addresses-Coverity: 1536833 ("Data race condition (MISSING_LOCK)")
    Reviewed-by: Paulo Alcantara (SUSE) <pc@xxxxxxxxxxxxx>
    Reviewed-by: Bharath SM <bharathsm@xxxxxxxxxxxxx>
    Signed-off-by: Steve French <stfrench@xxxxxxxxxxxxx>
    Signed-off-by: Sasha Levin <sashal@xxxxxxxxxx>

diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c index 59a10330e299b..8e9a672320ab7 100644 --- a/fs/cifs/connect.c +++ b/fs/cifs/connect.c @@ -1918,18 +1918,22 @@ void __cifs_put_smb_ses(struct cifs_ses *ses) /* ses_count can never go negative */ WARN_ON(ses->ses_count < 0); + spin_lock(&ses->ses_lock); if (ses->ses_status == SES_GOOD) ses->ses_status = SES_EXITING; - cifs_free_ipc(ses); - if (ses->ses_status == SES_EXITING && server->ops->logoff) { + spin_unlock(&ses->ses_lock); + cifs_free_ipc(ses); xid = get_xid(); rc = server->ops->logoff(xid, ses); if (rc) cifs_server_dbg(VFS, "%s: Session Logoff failure rc=%d\n", __func__, rc); _free_xid(xid); + } else { + spin_unlock(&ses->ses_lock); + cifs_free_ipc(ses); } spin_lock(&cifs_tcp_ses_lock);
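
Review bot: In the __cifs_put_smb_ses() hunk, both branches of the `if (ses->ses_status == SES_EXITING && server->ops->logoff)` test now open with the same two lines, `spin_unlock(&ses->ses_lock);` and `cifs_free_ipc(ses);`, so any branch or early exit added later has to remember to repeat the unlock. Consider evaluating the condition into a local flag while ses_lock is held, then unlocking and calling cifs_free_ipc(ses) once, and only then testing the flag to decide whether to call logoff. The hunk also moves cifs_free_ipc(ses) from before the status check to after the unlock, which the commit message does not mention; a one-line comment saying whether it has to run outside ses_lock would document that reordering.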