diff options
| author | Jeff Layton <jlayton@kernel.org> | 2019-04-15 12:00:42 -0400 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2019-05-02 09:40:29 +0200 |
| commit | cc97f988b736c678a921cba87a350e6833489f82 (patch) | |
| tree | 189f160cd3e1794ab20bf853d1e03d83949a8383 /fs/ceph/dir.c | |
| parent | e4713de969c4b20a71fd3905af19e8b3904e7425 (diff) | |
ceph: only use d_name directly when parent is locked
commit 1bcb344086f3ecf8d6705f6d708441baa823beb3 upstream.
Ben reported tripping the BUG_ON in create_request_message during some
performance testing. Analysis of the vmcore showed that the length of
the r_dentry->d_name string changed after we allocated the buffer, but
before we encoded it.
build_dentry_path returns pointers to d_name in the common case of
non-snapped dentries, but this optimization isn't safe unless the parent
directory is locked. When it isn't, have the code make a copy of the
d_name while holding the d_lock.
Cc: stable@vger.kernel.org
Reported-by: Ben England <bengland@redhat.com>
Signed-off-by: Jeff Layton <jlayton@kernel.org>
Reviewed-by: "Yan, Zheng" <zyan@redhat.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'fs/ceph/dir.c')
0 files changed, 0 insertions, 0 deletions