linux-hardened/fs/cachefiles
David Howells a3b7c00484 CacheFiles: Handle object being killed before being set up
If a cache object gets killed whilst in the process of being set up - for
instance if the netfs relinquishes the cookie that the object is associated
with - then the object's state machine will transit to the DROP_OBJECT state
without necessarily going through the LOOKUP_OBJECT or CREATE_OBJECT states.

This is a problem for CacheFiles because cachefiles_drop_object() assumes that
object->dentry will be set upon reaching the DROP_OBJECT state and has an
ASSERT() to that effect (see the oops below) - but object->dentry doesn't get
set until the LOOKUP_OBJECT or CREATE_OBJECT states (and not always then if
they fail).

To fix this, just make the dentry cleanup in cachefiles_drop_object()
conditional on the dentry actually being set and remove the assertion.

	CacheFiles: Assertion failed
	------------[ cut here ]------------
	kernel BUG at .../fs/cachefiles/namei.c:425!
	...
	Workqueue: fscache_object fscache_object_work_func [fscache]
	...
	RIP: ... cachefiles_delete_object+0xcd/0x110 [cachefiles]
	...
	Call Trace:
	 [<ffffffffa043280f>] ? cachefiles_drop_object+0xff/0x130 [cachefiles]
	 [<ffffffffa02ac511>] ? fscache_drop_object+0xd1/0x1d0 [fscache]
	 [<ffffffffa02ac697>] ? fscache_object_work_func+0x87/0x210 [fscache]
	 [<ffffffff81080635>] ? process_one_work+0x155/0x450
	 [<ffffffff81081c44>] ? worker_thread+0x114/0x370
	 [<ffffffff81081b30>] ? manage_workers.isra.21+0x2c0/0x2c0
	 [<ffffffff81087fcc>] ? kthread+0xbc/0xe0
	 [<ffffffff81087f10>] ? flush_kthread_worker+0xa0/0xa0
	 [<ffffffff8150638c>] ? ret_from_fork+0x7c/0xb0
	 [<ffffffff81087f10>] ? flush_kthread_worker+0xa0/0xa0

Reported-by: Manuel Schölling <manuel.schoelling@gmx.de>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Steve Dickson <steved@redhat.com>
2014-09-30 14:50:28 +01:00
..
bind.c fs/cachefiles: add missing \n to kerror conversions 2014-09-26 08:10:35 -07:00
daemon.c fs/cachefiles: add missing \n to kerror conversions 2014-09-26 08:10:35 -07:00
interface.c CacheFiles: Handle object being killed before being set up 2014-09-30 14:50:28 +01:00
internal.h fs/cachefiles: add missing \n to kerror conversions 2014-09-26 08:10:35 -07:00
Kconfig CacheFiles: A cache that backs onto a mounted filesystem 2009-04-03 16:42:41 +01:00
key.c CacheFiles: Downgrade the requirements passed to the allocator 2012-12-20 21:58:25 +00:00
main.c fs/cachefiles: add missing \n to kerror conversions 2014-09-26 08:10:35 -07:00
Makefile CacheFiles: A cache that backs onto a mounted filesystem 2009-04-03 16:42:41 +01:00
namei.c fs/cachefiles: add missing \n to kerror conversions 2014-09-26 08:10:35 -07:00
proc.c CacheFiles: A cache that backs onto a mounted filesystem 2009-04-03 16:42:41 +01:00
rdwr.c cachefiles: remove two unused pagevecs. 2014-09-17 23:29:50 +01:00
security.c fs/cachefiles: replace kerror by pr_err 2014-06-06 16:08:14 -07:00
xattr.c fs/cachefiles: add missing \n to kerror conversions 2014-09-26 08:10:35 -07:00