Google Git
Sign in
kernel / pub / scm / linux / kernel / git / djwong / xfs-linux / refs/heads/xfs-6.2-merge
commitc547d9894348375c43931d3631bf7405318230bd[log] [tgz]
authorDave Chinner <dchinner@redhat.com>Thu Dec 08 09:53:22 2022 -0800
committerDarrick J. Wong <djwong@kernel.org>Tue Dec 20 16:45:52 2022 -0800
tree718252867d2aa0cde35a0409731e086d52b04572
parentaaf610aab052d69cfe37684d9fa7c0b9b2dfd6ce [diff]
xfs: dquot shrinker doesn't check for XFS_DQFLAG_FREEING

Resulting in a UAF if the shrinker races with some other dquot
freeing mechanism that sets XFS_DQFLAG_FREEING before the dquot is
removed from the LRU. This can occur if a dquot purge races with
drop_caches.

Reported-by: syzbot+912776840162c13db1a3@syzkaller.appspotmail.com
Signed-off-by: Dave Chinner <dchinner@redhat.com>
Reviewed-by: Darrick J. Wong <djwong@kernel.org>
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
1 file changed
tree: 718252867d2aa0cde35a0409731e086d52b04572
  1. arch/
  2. block/
  3. certs/
  4. crypto/
  5. Documentation/
  6. drivers/
  7. fs/
  8. include/
  9. init/
  10. io_uring/
  11. ipc/
  12. kernel/
  13. lib/
  14. LICENSES/
  15. mm/
  16. net/
  17. rust/
  18. samples/
  19. scripts/
  20. security/
  21. sound/
  22. tools/
  23. usr/
  24. virt/
  25. .clang-format
  26. .cocciconfig
  27. .get_maintainer.ignore
  28. .gitattributes
  29. .gitignore
  30. .mailmap
  31. .rustfmt.toml
  32. COPYING
  33. CREDITS
  34. Kbuild
  35. Kconfig
  36. MAINTAINERS
  37. Makefile
  38. README