CIFS: Fix a possible memory corruption during reconnect
We can not unlock/lock cifs_tcp_ses_lock while walking through ses and tcon lists because it can corrupt list iterator pointers and a tcon structure can be released if we don't hold an extra reference. Fix it by moving a reconnect process to a separate delayed work and acquiring a reference to every tcon that needs to be reconnected. Also do not send an echo request on newly established connections. CC: Stable <stable@vger.kernel.org> Signed-off-by: Pavel Shilovsky <pshilov@microsoft.com>
Šī revīzija ir iekļauta:
Pavel Shilovsky
@@ -647,6 +647,8 @@ struct TCP_Server_Info {
|
||||
unsigned int max_read;
|
||||
unsigned int max_write;
|
||||
__u8 preauth_hash[512];
|
||||
struct delayed_work reconnect; /* reconnect workqueue job */
|
||||
struct mutex reconnect_mutex; /* prevent simultaneous reconnects */
|
||||
#endif /* CONFIG_CIFS_SMB2 */
|
||||
unsigned long echo_interval;
|
||||
};
|
||||
@@ -850,6 +852,7 @@ cap_unix(struct cifs_ses *ses)
|
||||
struct cifs_tcon {
|
||||
struct list_head tcon_list;
|
||||
int tc_count;
|
||||
struct list_head rlist; /* reconnect list */
|
||||
struct list_head openFileList;
|
||||
spinlock_t open_file_lock; /* protects list above */
|
||||
struct cifs_ses *ses; /* pointer to session associated with */
|
||||
|
||||
Atsaukties uz šo jaunā problēmā
Block a user