From: Paulo Alcantara <pc@manguebit.com>
To: nspmangalore@gmail.com, smfrench@gmail.com,
	bharathsm.hsk@gmail.com, linux-cifs@vger.kernel.org
Cc: Shyam Prasad N <sprasad@microsoft.com>
Subject: Re: [PATCH 09/14] cifs: add a back pointer to cifs_sb from tcon
Date: Fri, 03 Nov 2023 18:03:05 -0300
Message-ID: <ffa541bac7417c9dea79c73e22de1eda.pc@manguebit.com>
In-Reply-To: <20231030110020.45627-9-sprasad@microsoft.com>

nspmangalore@gmail.com writes:

> From: Shyam Prasad N <sprasad@microsoft.com>
>
> Today, we have no way to access the cifs_sb when we
> just have pointers to struct tcon. This is very
> limiting as many functions deal with cifs_sb, and
> these calls do not directly originate from VFS.
>
> This change introduces a new cifs_sb field in cifs_tcon
> that points to the cifs_sb for the tcon. The assumption
> here is that a tcon will always map to this cifs_sb and
> will never change.
>
> Also, refcounting should not be necessary, since cifs_sb
> will never be freed before tcon.
>
> Signed-off-by: Shyam Prasad N <sprasad@microsoft.com>
> ---
>  fs/smb/client/cifsglob.h | 1 +
>  fs/smb/client/connect.c  | 2 ++
>  2 files changed, 3 insertions(+)

This is wrong as a single tcon may be shared among different
superblocks.  You can, however, map those superblocks to a tcon by using
the cifs_sb_master_tcon() helper.

If you do something like this

	mount.cifs //srv/share /mnt/1 -o ...
	mount.cifs //srv/share /mnt/1 -o ... -> -EBUSY

tcon->cifs_sb will end up with the already freed superblock pointer that
was compared to the existing one.  So, you'll get a use-after-free when
you dereference tcon->cifs_sb as in patch 11/14.
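
The lifetime problem described in the reply above, as an added userspace model that is not part of the original message or the kernel source. All names (`pool`, `share`, `do_mount`, `sb_alloc`, `sbs_for_tcon`) are hypothetical, the `master` field stands in for what cifs_sb_master_tcon() returns, and superblocks live in static slots so that inspecting the stale pointer is safe in this model.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>
/* Constructed model; names echo the thread, but this is not kernel code. */
struct tcon;
struct sb { int live; const char *mnt; struct tcon *master; };
struct tcon { int refs; struct sb *cifs_sb; /* back pointer proposed by the patch */ };
static struct sb pool[4];   /* static slots: "freeing" only clears .live */
static struct tcon share;   /* the single tcon shared by all mounts of //srv/share */

static struct sb *sb_alloc(const char *mnt)
{
    for (size_t i = 0; i < 4; i++)
        if (!pool[i].live) {
            pool[i] = (struct sb){ .live = 1, .mnt = mnt, .master = &share };
            return &pool[i];
        }
    return NULL;
}

static void sb_free(struct sb *s) { s->live = 0; s->master = NULL; share.refs--; }

/* Mount the share on mnt; every mount reuses the one shared tcon. */
static int do_mount(const char *mnt)
{
    struct sb *new = sb_alloc(mnt);
    if (!new) return -ENOMEM;
    share.refs++;
    share.cifs_sb = new;              /* back pointer overwritten on each mount */
    for (size_t i = 0; i < 4; i++)    /* compare against existing superblocks */
        if (pool[i].live && &pool[i] != new && !strcmp(pool[i].mnt, mnt)) {
            sb_free(new);             /* duplicate: the new sb is released ... */
            return -EBUSY;            /* ... but share.cifs_sb still points at it */
        }
    return 0;
}

/* Returns 1 if the back pointer refers to a released superblock. */
static int back_pointer_is_stale(void) { return share.cifs_sb && !share.cifs_sb->live; }
/* Alternative: walk the live superblocks and match on their master tcon. */
static size_t sbs_for_tcon(const struct tcon *t, struct sb **out, size_t max)
{
    size_t n = 0;
    for (size_t i = 0; i < 4 && n < max; i++)
        if (pool[i].live && pool[i].master == t) out[n++] = &pool[i];
    return n;
}

int main(void) { do_mount("/mnt/1"); do_mount("/mnt/1"); return !back_pointer_is_stale(); }
```

After the second, failing mount the cached back pointer is stale, while the lookup through the live superblocks still returns only the valid one.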
