stable.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org,
	Pavel Tikhomirov <ptikhomirov@virtuozzo.com>,
	Vasily Averin <vvs@virtuozzo.com>, NeilBrown <neilb@suse.com>,
	"J. Bruce Fields" <bfields@redhat.com>,
	stable@kernel.org
Subject: [PATCH 4.9 39/63] sunrpc: fix cache_head leak due to queued request
Date: Fri, 11 Jan 2019 15:14:42 +0100	[thread overview]
Message-ID: <20190111131051.812622568@linuxfoundation.org> (raw)
In-Reply-To: <20190111131046.387528003@linuxfoundation.org>

4.9-stable review patch.  If anyone has any objections, please let me know.

------------------

From: Vasily Averin <vvs@virtuozzo.com>

commit 4ecd55ea074217473f94cfee21bb72864d39f8d7 upstream.

After commit d202cce8963d, an expired cache_head can be removed from the
cache_detail's hash.

However, the expired cache_head may be waiting for a reply from a
previously submitted request. Such a cache_head has an increased
refcounter and therefore it won't be freed after cache_put(freeme).

Because the cache_head was removed from the hash it cannot be found
during cache_clean() and can be leaked forever, together with stalled
cache_request and other taken resources.

In our case we noticed it because an entry in the export cache was
holding a reference on a filesystem.

Fixes d202cce8963d ("sunrpc: never return expired entries in sunrpc_cache_lookup")
Cc: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Cc: stable@kernel.org # 2.6.35
Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
Reviewed-by: NeilBrown <neilb@suse.com>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

---
 net/sunrpc/cache.c |   10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

--- a/net/sunrpc/cache.c
+++ b/net/sunrpc/cache.c
@@ -54,6 +54,11 @@ static void cache_init(struct cache_head
 	h->last_refresh = now;
 }
 
+static void cache_fresh_locked(struct cache_head *head, time_t expiry,
+				struct cache_detail *detail);
+static void cache_fresh_unlocked(struct cache_head *head,
+				struct cache_detail *detail);
+
 struct cache_head *sunrpc_cache_lookup(struct cache_detail *detail,
 				       struct cache_head *key, int hash)
 {
@@ -95,6 +100,7 @@ struct cache_head *sunrpc_cache_lookup(s
 			if (cache_is_expired(detail, tmp)) {
 				hlist_del_init(&tmp->cache_list);
 				detail->entries --;
+				cache_fresh_locked(tmp, 0, detail);
 				freeme = tmp;
 				break;
 			}
@@ -110,8 +116,10 @@ struct cache_head *sunrpc_cache_lookup(s
 	cache_get(new);
 	write_unlock(&detail->hash_lock);
 
-	if (freeme)
+	if (freeme) {
+		cache_fresh_unlocked(freeme, detail);
 		cache_put(freeme, detail);
+	}
 	return new;
 }
 EXPORT_SYMBOL_GPL(sunrpc_cache_lookup);



  parent reply	other threads:[~2019-01-11 15:07 UTC|newest]

Thread overview: 67+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-01-11 14:14 [PATCH 4.9 00/63] 4.9.150-stable review Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 01/63] pinctrl: meson: fix pull enable register calculation Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 02/63] powerpc: Fix COFF zImage booting on old powermacs Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 03/63] ARM: imx: update the cpu power up timing setting on i.mx6sx Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 04/63] ARM: dts: imx7d-nitrogen7: Fix the description of the Wifi clock Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 05/63] Input: restore EV_ABS ABS_RESERVED Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 06/63] checkstack.pl: fix for aarch64 Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 07/63] xfrm: Fix bucket count reported to userspace Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 08/63] netfilter: seqadj: re-load tcp header pointer after possible head reallocation Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 09/63] scsi: bnx2fc: Fix NULL dereference in error handling Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 10/63] Input: omap-keypad - fix idle configuration to not block SoC idle states Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 11/63] netfilter: ipset: do not call ipset_nest_end after nla_nest_cancel Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 12/63] bnx2x: Clear fip MAC when fcoe offload support is disabled Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 13/63] bnx2x: Remove configured vlans as part of unload sequence Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 14/63] bnx2x: Send update-svid ramrod with retry/poll flags enabled Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 15/63] scsi: target: iscsi: cxgbit: fix csk leak Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 16/63] scsi: target: iscsi: cxgbit: add missing spin_lock_init() Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 17/63] drivers: net: xgene: Remove unnecessary forward declarations Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 18/63] w90p910_ether: remove incorrect __init annotation Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 19/63] net: hns: Incorrect offset address used for some registers Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 20/63] net: hns: All ports can not work when insmod hns ko after rmmod Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 21/63] net: hns: Some registers use wrong address according to the datasheet Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 22/63] net: hns: Fixed bug that netdev was opened twice Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 23/63] net: hns: Clean rx fbd when ae stopped Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 24/63] net: hns: Free irq when exit from abnormal branch Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 25/63] net: hns: Avoid net reset caused by pause frames storm Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 26/63] net: hns: Fix ntuple-filters status error Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 27/63] net: hns: Add mac pcs config when enable|disable mac Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 28/63] SUNRPC: Fix a race with XPRT_CONNECTING Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 29/63] lan78xx: Resolve issue with changing MAC address Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 30/63] vxge: ensure data0 is initialized in when fetching firmware version information Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 31/63] net: netxen: fix a missing check and an uninitialized use Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 32/63] serial/sunsu: fix refcount leak Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 33/63] scsi: zfcp: fix posting too many status read buffers leading to adapter shutdown Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 34/63] libceph: fix CEPH_FEATURE_CEPHX_V2 check in calc_signature() Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 35/63] fork: record start_time late Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 36/63] hwpoison, memory_hotplug: allow hwpoisoned pages to be offlined Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 37/63] mm, devm_memremap_pages: mark devm_memremap_pages() EXPORT_SYMBOL_GPL Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 38/63] mm, devm_memremap_pages: kill mapping "System RAM" support Greg Kroah-Hartman
2019-01-11 14:14 ` Greg Kroah-Hartman [this message]
2019-01-11 14:14 ` [PATCH 4.9 40/63] sunrpc: use SVC_NET() in svcauth_gss_* functions Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 41/63] MIPS: math-emu: Write-protect delay slot emulation pages Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 42/63] crypto: x86/chacha20 - avoid sleeping with preemption disabled Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 43/63] vhost/vsock: fix uninitialized vhost_vsock->guest_cid Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 44/63] IB/hfi1: Incorrect sizing of sge for PIO will OOPs Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 45/63] ALSA: cs46xx: Potential NULL dereference in probe Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 46/63] ALSA: usb-audio: Avoid access before bLength check in build_audio_procunit() Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 47/63] ALSA: usb-audio: Fix an out-of-bound read in create_composite_quirks Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 48/63] dlm: fixed memory leaks after failed ls_remove_names allocation Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 49/63] dlm: possible memory leak on error path in create_lkb() Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 50/63] dlm: lost put_lkb on error path in receive_convert() and receive_unlock() Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 51/63] dlm: memory leaks on error path in dlm_user_request() Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 52/63] gfs2: Get rid of potential double-freeing in gfs2_create_inode Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 53/63] gfs2: Fix loop in gfs2_rbm_find Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 54/63] b43: Fix error in cordic routine Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 55/63] powerpc/tm: Set MSR[TS] just prior to recheckpoint Greg Kroah-Hartman
2019-01-11 14:14 ` [PATCH 4.9 56/63] 9p/net: put a lower bound on msize Greg Kroah-Hartman
2019-01-11 14:15 ` [PATCH 4.9 57/63] rxe: fix error completion wr_id and qp_num Greg Kroah-Hartman
2019-01-11 14:15 ` [PATCH 4.9 58/63] iommu/vt-d: Handle domain agaw being less than iommu agaw Greg Kroah-Hartman
2019-01-11 14:15 ` [PATCH 4.9 59/63] ceph: dont update importing caps mseq when handing cap export Greg Kroah-Hartman
2019-01-11 14:15 ` [PATCH 4.9 60/63] genwqe: Fix size check Greg Kroah-Hartman
2019-01-11 14:15 ` [PATCH 4.9 61/63] intel_th: msu: Fix an off-by-one in attribute store Greg Kroah-Hartman
2019-01-11 14:15 ` [PATCH 4.9 62/63] power: supply: olpc_battery: correct the temperature units Greg Kroah-Hartman
2019-01-11 14:15 ` [PATCH 4.9 63/63] drm/vc4: Set ->is_yuv to false when num_planes == 1 Greg Kroah-Hartman
2019-01-11 21:42 ` [PATCH 4.9 00/63] 4.9.150-stable review shuah
2019-01-12  8:07 ` Naresh Kamboju
2019-01-12 17:43 ` Guenter Roeck

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190111131051.812622568@linuxfoundation.org \
    --to=gregkh@linuxfoundation.org \
    --cc=bfields@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=neilb@suse.com \
    --cc=ptikhomirov@virtuozzo.com \
    --cc=stable@kernel.org \
    --cc=stable@vger.kernel.org \
    --cc=vvs@virtuozzo.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).