Patch "ksmbd: fix potential circular locking issue in smb2_set_ea()" has been added to the 6.1-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This is a note to let you know that I've just added the patch titled

    ksmbd: fix potential circular locking issue in smb2_set_ea()

to the 6.1-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     ksmbd-fix-potential-circular-locking-issue-in-smb2_set_ea.patch
and it can be found in the queue-6.1 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From stable+bounces-15500-greg=kroah.com@xxxxxxxxxxxxxxx Tue Jan 23 03:39:52 2024
From: Namjae Jeon <linkinjeon@xxxxxxxxxx>
Date: Tue, 23 Jan 2024 20:38:51 +0900
Subject: ksmbd: fix potential circular locking issue in smb2_set_ea()
To: gregkh@xxxxxxxxxxxxxxxxxxx, sashal@xxxxxxxxxx
Cc: stable@xxxxxxxxxxxxxxx, Namjae Jeon <linkinjeon@xxxxxxxxxx>, Steve French <stfrench@xxxxxxxxxxxxx>
Message-ID: <20240123113854.194887-3-linkinjeon@xxxxxxxxxx>

From: Namjae Jeon <linkinjeon@xxxxxxxxxx>

[ Upstream commit 6fc0a265e1b932e5e97a038f99e29400a93baad0 ]

smb2_set_ea() can be called in parent inode lock range.
So add get_write argument to smb2_set_ea() not to call nested
mnt_want_write().

Signed-off-by: Namjae Jeon <linkinjeon@xxxxxxxxxx>
Signed-off-by: Steve French <stfrench@xxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>
---
 fs/smb/server/smb2pdu.c |    7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

--- a/fs/smb/server/smb2pdu.c
+++ b/fs/smb/server/smb2pdu.c
@@ -2321,11 +2321,12 @@ out:
  * @eabuf:	set info command buffer
  * @buf_len:	set info command buffer length
  * @path:	dentry path for get ea
+ * @get_write:	get write access to a mount
  *
  * Return:	0 on success, otherwise error
  */
 static int smb2_set_ea(struct smb2_ea_info *eabuf, unsigned int buf_len,
-		       const struct path *path)
+		       const struct path *path, bool get_write)
 {
 	struct user_namespace *user_ns = mnt_user_ns(path->mnt);
 	char *attr_name = NULL, *value;
@@ -3013,7 +3014,7 @@ int smb2_open(struct ksmbd_work *work)
 
 			rc = smb2_set_ea(&ea_buf->ea,
 					 le32_to_cpu(ea_buf->ccontext.DataLength),
-					 &path);
+					 &path, false);
 			if (rc == -EOPNOTSUPP)
 				rc = 0;
 			else if (rc)
@@ -5990,7 +5991,7 @@ static int smb2_set_info_file(struct ksm
 			return -EINVAL;
 
 		return smb2_set_ea((struct smb2_ea_info *)req->Buffer,
-				   buf_len, &fp->filp->f_path);
+				   buf_len, &fp->filp->f_path, true);
 	}
 	case FILE_POSITION_INFORMATION:
 	{


Patches currently in stable-queue which might be from kroah.com@xxxxxxxxxxxxxxx are

queue-6.1/ksmbd-send-lease-break-notification-on-file_rename_information.patch
queue-6.1/ksmbd-fix-potential-circular-locking-issue-in-smb2_set_ea.patch
queue-6.1/ksmbd-add-missing-set_freezable-for-freezable-kthread.patch
queue-6.1/ksmbd-set-v2-lease-version-on-lease-upgrade.patch
queue-6.1/ksmbd-don-t-increment-epoch-if-current-state-and-request-state-are-same.patch




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux USB Devel]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux