linux_old1/fs
Jan Kara a61d90d75d jbd: fix race in buffer processing in commit code
In commit code, we scan buffers attached to a transaction.  During this
scan, we sometimes have to drop j_list_lock and then we recheck whether
the journal buffer head didn't get freed by journal_try_to_free_buffers().
 But checking for buffer_jbd(bh) isn't enough because a new journal head
could get attached to our buffer head.  So add a check whether the journal
head remained the same and whether it's still at the same transaction and
list.

This is a nasty bug and can cause problems like memory corruption (use after
free) or trigger various assertions in JBD code (observed).

Signed-off-by: Jan Kara <jack@suse.cz>
Cc: <stable@kernel.org>
Cc: <linux-ext4@vger.kernel.org>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
2009-06-09 16:59:03 -07:00
..
9p Fix a leak in failure exit in 9p ->get_sb() 2009-05-09 10:49:40 -04:00
adfs fs/adfs: return f_fsid for statfs(2) 2009-04-02 19:05:08 -07:00
affs Fix races around the access to ->s_options 2009-05-09 10:51:34 -04:00
afs Fix races around the access to ->s_options 2009-05-09 10:51:34 -04:00
autofs Fix autofs_expire() 2009-04-20 23:01:15 -04:00
autofs4 autofs4: remove hashed check in validate_wait() 2009-06-09 16:59:03 -07:00
befs befs: fix build on parisc 2009-04-08 10:21:43 -07:00
bfs fs/Kconfig: move bfs out 2009-01-22 13:15:57 +03:00
btrfs Merge git://git.kernel.org/pub/scm/linux/kernel/git/mason/btrfs-unstable 2009-06-05 11:54:28 -07:00
cachefiles CacheFiles: Fixup renamed filenames in comments in internal.h 2009-05-27 10:20:13 -07:00
cifs [CIFS] Avoid open on possible directories since Samba now rejects them 2009-05-23 18:57:25 +00:00
coda constify dentry_operations: misc filesystems 2009-03-27 14:44:00 -04:00
configfs configfs: Fix Trivial Warning in fs/configfs/symlink.c 2009-04-21 12:59:21 -07:00
cramfs fs/cramfs: return f_fsid for statfs(2) 2009-04-02 19:05:08 -07:00
debugfs debugfs: function to know if debugfs is initialized 2009-03-23 16:25:46 +01:00
devpts devpts: correctly set default options 2009-05-15 08:03:23 -07:00
dlm dlm: fix length calculation in compat code 2009-03-11 12:23:59 -05:00
ecryptfs Convert obvious places to deactivate_locked_super() 2009-05-09 10:49:40 -04:00
efs fs/efs: return f_fsid for statfs(2) 2009-04-02 19:05:09 -07:00
exofs exofs: Documentation 2009-03-31 19:44:38 +03:00
exportfs Merge branch 'next' into for-linus 2008-12-25 11:40:09 +11:00
ext2 ext2: missing unlock in ext2_quota_write() 2009-04-27 16:49:52 +02:00
ext3 ext3: Try to avoid starting a transaction in writepage for data=writepage 2009-04-08 13:15:10 -04:00
ext4 ext4: Fix race in ext4_inode_info.i_cached_extent 2009-05-15 09:07:28 -04:00
fat vfat: Note the NLS requirement 2009-04-17 09:32:11 -07:00
freevxfs fs/Kconfig: move vxfs out 2009-01-22 13:15:58 +03:00
fscache FS-Cache: Fixup renamed filenames in comments in internal.h 2009-05-27 10:20:13 -07:00
fuse Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/mszeredi/fuse 2009-05-13 16:32:57 -07:00
gfs2 Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 2009-05-10 10:49:08 -07:00
hfs hfs: fix memory leak when unmounting 2009-04-13 15:04:29 -07:00
hfsplus Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 2009-04-02 21:09:10 -07:00
hostfs constify dentry_operations: misc filesystems 2009-03-27 14:44:00 -04:00
hpfs Fix races around the access to ->s_options 2009-05-09 10:51:34 -04:00
hppfs hppfs: hppfs_read_file() may return -ERROR 2009-04-02 19:04:53 -07:00
hugetlbfs Remove implementation of readpage from the hugetlbfs_aops 2009-05-13 08:04:45 -07:00
isofs fs/isofs: return f_fsid for statfs(2) 2009-04-02 19:05:09 -07:00
jbd jbd: fix race in buffer processing in commit code 2009-06-09 16:59:03 -07:00
jbd2 jbd2: use SWRITE_SYNC_PLUG when writing synchronous revoke records 2009-04-14 07:50:56 -04:00
jffs2 jffs2: Fix corruption when flash erase/write failure 2009-05-29 10:44:46 +01:00
jfs New helper - current_umask() 2009-03-31 23:00:26 -04:00
lockd lockd: fix list corruption on lockd restart 2009-05-06 17:19:36 -04:00
minix fs/minix: return f_fsid for statfs(2) 2009-04-02 19:05:09 -07:00
ncpfs ncpfs: use memdup_user() 2009-04-20 23:02:51 -04:00
nfs NFSv4: Fix the case where NFSv4 renewal fails 2009-05-26 14:51:00 -04:00
nfs_common SUNRPC: nfsacl_encode/nfsacl_decode should be exported as GPL-only 2008-12-23 15:21:32 -05:00
nfsd nfsd: fix hung up of nfs client while sync write data to nfs server 2009-05-27 17:40:06 -04:00
nilfs2 nilfs2: fix bh leak in nilfs_cpfile_delete_checkpoints function 2009-05-30 22:07:50 +09:00
nls remove CONFIG_KMOD from fs 2008-10-17 02:38:36 +11:00
notify inotify: use GFP_NOFS in kernel_event() to work around a lockdep false-positive 2009-05-06 16:36:09 -07:00
ntfs ntfs: remove private wrapper of endian helpers 2009-04-01 08:59:18 -07:00
ocfs2 ocfs2: Use nd_set_link(). 2009-05-09 10:49:40 -04:00
omfs Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs-2.6 2009-04-02 21:09:10 -07:00
openpromfs zero i_uid/i_gid on inode allocation 2009-01-05 11:54:28 -05:00
partitions Merge branch 'tracing/core-v2' into tracing-for-linus 2009-04-02 00:49:02 +02:00
proc procfs: make errno values consistent when open pident vs exit(2) race occurs 2009-05-29 08:40:02 -07:00
qnx4 fs/qnx4: return f_fsid for statfs(2) 2009-04-02 19:05:10 -07:00
quota quota: remove obsolete comments in fs/quota/Makefile 2009-04-27 16:49:52 +02:00
ramfs ramfs: fix double freeing s_fs_info on failed mount 2009-04-07 07:39:59 -07:00
reiserfs reiserfs: fixup perms when xattrs are disabled 2009-05-17 11:45:45 -07:00
romfs ROMFS: romfs_dev_read() error ignored 2009-05-09 10:49:41 -04:00
smbfs constify dentry_operations: misc filesystems 2009-03-27 14:44:00 -04:00
squashfs Squashfs: cody tidying, remove commented out line in Makefile 2009-05-13 03:25:20 +01:00
sysfs sysfs: file.c: use create_singlethread_workqueue() 2009-05-28 14:24:07 -07:00
sysv fs/sysv: return f_fsid for statfs(2) 2009-04-02 19:05:10 -07:00
ubifs Convert obvious places to deactivate_locked_super() 2009-05-09 10:49:40 -04:00
udf udf: Don't write integrity descriptor too often 2009-04-02 13:36:28 +02:00
ufs switch ufs directories to ufs_sync_file() 2009-05-09 10:49:42 -04:00
xfs Merge branch 'for-linus' of git://oss.sgi.com/xfs/xfs 2009-06-02 09:47:21 -07:00
Kconfig nilfs2: update makefile and Kconfig 2009-04-07 08:31:16 -07:00
Kconfig.binfmt CORE_DUMP_DEFAULT_ELF_HEADERS depends on ELF_CORE 2009-01-09 16:54:41 -08:00
Makefile nilfs2: update makefile and Kconfig 2009-04-07 08:31:16 -07:00
aio.c aio: lookup_ioctx can return the wrong value when looking up a bogus context 2009-03-19 15:57:18 -07:00
anon_inodes.c constify dentry_operations: rest 2009-03-27 14:44:03 -04:00
attr.c vfs: Use lowercase names of quota functions 2009-03-26 02:18:35 +01:00
bad_inode.c kill ->dir_notify() 2008-12-31 18:07:43 -05:00
binfmt_aout.c sanitize ifdefs in binfmt_aout 2009-01-03 11:45:54 -08:00
binfmt_elf.c Trim includes in binfmt_elf 2009-03-31 23:00:27 -04:00
binfmt_elf_fdpic.c ptrace: s/parent/real_parent/ in binfmt_elf_fdpic.c 2009-05-02 15:36:10 -07:00
binfmt_em86.c Allow recursion in binfmt_script and binfmt_misc 2008-10-16 11:21:38 -07:00
binfmt_flat.c flat: fix data sections alignment 2009-05-29 08:40:02 -07:00
binfmt_misc.c fs/binfmt_misc.c: add terminating newline to /proc/sys/fs/binfmt_misc/status 2009-01-06 15:59:19 -08:00
binfmt_script.c Allow recursion in binfmt_script and binfmt_misc 2008-10-16 11:21:38 -07:00
binfmt_som.c Don't crap into descriptor table in binfmt_som 2009-03-31 23:00:28 -04:00
bio-integrity.c block: add private bio_set for bio integrity allocations 2009-03-24 12:35:17 +01:00
bio.c bio: fix memcpy corruption in bio_copy_user_iov() 2009-04-28 20:24:29 +02:00
block_dev.c Cleanup after commit 585d3bc06f 2009-04-01 07:07:16 -04:00
buffer.c Fix nobh_truncate_page() to not pass stack garbage to get_block() 2009-06-06 06:17:25 -04:00
char_dev.c fs: fix name overwrite in __register_chrdev_region() 2009-01-06 15:59:13 -08:00
compat.c do_execve() must not clear fs->in_exec if it was set by another thread 2009-04-24 07:39:45 -07:00
compat_binfmt_elf.c
compat_ioctl.c fs/compat_ioctl: fix build when !BLOCK 2009-04-20 23:01:16 -04:00
dcache.c fs: dcache fix LRU ordering 2009-05-09 10:49:40 -04:00
dcookies.c [CVE-2009-0029] System call wrapper special cases 2009-01-14 14:15:18 +01:00
direct-io.c dio: Remove code handling bio_alloc failure with __GFP_WAIT 2009-04-15 12:10:13 +02:00
drop_caches.c vfs: skip I_CLEAR state inodes 2009-04-02 19:04:48 -07:00
eventfd.c epoll keyed wakeups: make eventfd use keyed wakeups 2009-04-01 08:59:20 -07:00
eventpoll.c epoll: fix size check in epoll_create() 2009-05-12 14:11:35 -07:00
exec.c Switch open_exec() and sys_uselib() to do_open_filp() 2009-05-09 10:49:42 -04:00
fcntl.c dup2: Fix return value with oldfd == newfd and invalid fd 2009-05-11 12:18:06 -07:00
fifo.c [PATCH] introduce fmode_t, do annotations 2008-10-21 07:47:06 -04:00
file.c
file_table.c trivial: remove unused variable 'path' in alloc_file() 2009-03-30 15:22:03 +02:00
filesystems.c fs: Mark get_filesystem_list() as __init function. 2009-04-20 23:02:52 -04:00
fs-writeback.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jikos/trivial 2009-04-03 15:24:35 -07:00
fs_struct.c Get rid of indirect include of fs_struct.h 2009-03-31 23:00:27 -04:00
generic_acl.c New helper - current_umask() 2009-03-31 23:00:26 -04:00
inode.c integrity: fix IMA inode leak 2009-06-06 14:33:41 -07:00
internal.h New locking/refcounting for fs_struct 2009-03-31 23:00:26 -04:00
ioctl.c fiemap: fix problem with setting FIEMAP_EXTENT_LAST 2009-05-06 16:36:09 -07:00
ioprio.c [CVE-2009-0029] System call wrappers part 28 2009-01-14 14:15:30 +01:00
libfs.c Convert obvious places to deactivate_locked_super() 2009-05-09 10:49:40 -04:00
locks.c [CVE-2009-0029] System call wrappers part 16 2009-01-14 14:15:25 +01:00
mbcache.c
mpage.c Remove two unneeded exports and make two symbols static in fs/mpage.c 2009-04-01 07:38:54 -04:00
namei.c Switch open_exec() and sys_uselib() to do_open_filp() 2009-05-09 10:49:42 -04:00
namespace.c Fix races around the access to ->s_options 2009-05-09 10:51:34 -04:00
nfsctl.c [CVE-2009-0029] System call wrappers part 27 2009-01-14 14:15:29 +01:00
no-block.c
open.c Switch open_exec() and sys_uselib() to do_open_filp() 2009-05-09 10:49:42 -04:00
pipe.c splice: add helpers for locking pipe inode 2009-04-15 12:10:12 +02:00
pnode.c
pnode.h
posix_acl.c CRED: Wrap task credential accesses in the filesystem subsystem 2008-11-14 10:39:05 +11:00
read_write.c Make non-compat preadv/pwritev use native register size 2009-04-04 14:20:34 -07:00
read_write.h
readdir.c [CVE-2009-0029] System call wrappers part 32 2009-01-14 14:15:31 +01:00
select.c [CVE-2009-0029] System call wrappers part 32 2009-01-14 14:15:31 +01:00
seq_file.c cpumask: fix seq_bitmap_*() functions. 2009-03-30 22:05:11 +10:30
signalfd.c [CVE-2009-0029] System call wrappers part 31 2009-01-14 14:15:31 +01:00
splice.c splice: fix new kernel-doc warnings 2009-04-17 07:38:07 -07:00
stack.c
stat.c kill vfs_stat_fd / vfs_lstat_fd 2009-04-20 23:02:52 -04:00
super.c NULL noise in fs/super.c:kill_bdev_super() 2009-05-09 10:49:41 -04:00
sync.c Merge branch 'for_linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-quota-2.6 2009-03-27 14:48:34 -07:00
timerfd.c timerfd: add flags check 2009-02-18 15:37:53 -08:00
utimes.c [CVE-2009-0029] System call wrappers part 30 2009-01-14 14:15:30 +01:00
xattr.c xattr: use memdup_user() 2009-04-20 23:02:50 -04:00
xattr_acl.c