From: Ilya Dryomov <idryomov@gmail.com>
To: Dan Carpenter <dan.carpenter@oracle.com>
Cc: Jeff Layton <jlayton@kernel.org>, Xiubo Li <xiubli@redhat.com>,
Ceph Development <ceph-devel@vger.kernel.org>,
kernel-janitors@vger.kernel.org
Subject: Re: [PATCH] ceph: fix off by one bugs in unsafe_request_wait()
Date: Mon, 6 Sep 2021 20:03:24 +0200 [thread overview]
Message-ID: <CAOi1vP9bbs++zmcSJ=hb+PfR5-=QQbicHNNDu0uzcD_7XRG44g@mail.gmail.com> (raw)
In-Reply-To: <20210906094301.GB10957@kili>
On Mon, Sep 6, 2021 at 11:43 AM Dan Carpenter <dan.carpenter@oracle.com> wrote:
>
> The "> max" tests should be ">= max" to prevent an out of bounds access
> on the next lines.
>
> Fixes: e1a4541ec0b9 ("ceph: flush the mdlog before waiting on unsafe reqs")
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
> ---
> fs/ceph/caps.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/fs/ceph/caps.c b/fs/ceph/caps.c
> index 26c5029629a4..ebbad9080422 100644
> --- a/fs/ceph/caps.c
> +++ b/fs/ceph/caps.c
> @@ -2260,7 +2260,7 @@ static int unsafe_request_wait(struct inode *inode)
> list_for_each_entry(req, &ci->i_unsafe_dirops,
> r_unsafe_dir_item) {
> s = req->r_session;
> - if (unlikely(s->s_mds > max)) {
> + if (unlikely(s->s_mds >= max)) {
> spin_unlock(&ci->i_unsafe_lock);
> goto retry;
> }
> @@ -2274,7 +2274,7 @@ static int unsafe_request_wait(struct inode *inode)
> list_for_each_entry(req, &ci->i_unsafe_iops,
> r_unsafe_target_item) {
> s = req->r_session;
> - if (unlikely(s->s_mds > max)) {
> + if (unlikely(s->s_mds >= max)) {
> spin_unlock(&ci->i_unsafe_lock);
> goto retry;
> }
> --
> 2.20.1
>
Applied.
Thanks,
Ilya
prev parent reply other threads:[~2021-09-06 18:03 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-06 9:43 [PATCH] ceph: fix off by one bugs in unsafe_request_wait() Dan Carpenter
2021-09-06 18:03 ` Ilya Dryomov [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAOi1vP9bbs++zmcSJ=hb+PfR5-=QQbicHNNDu0uzcD_7XRG44g@mail.gmail.com' \
--to=idryomov@gmail.com \
--cc=ceph-devel@vger.kernel.org \
--cc=dan.carpenter@oracle.com \
--cc=jlayton@kernel.org \
--cc=kernel-janitors@vger.kernel.org \
--cc=xiubli@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.