diff options
| author | Namjae Jeon <[email protected]> | 2023-10-04 18:31:03 +0900 | 
|---|---|---|
| committer | Steve French <[email protected]> | 2023-10-04 20:21:48 -0500 | 
| commit | 75ac9a3dd65f7eab4d12b0a0f744234b5300a491 (patch) | |
| tree | c54b6fd1e2697dbfd7917749fceb433e9bf4ae9f /drivers/gpu/drm/amd/amdgpu/amdgpu_cgs.c | |
| parent | 7ca9da7d873ee8024e9548d3366101c2b6843eab (diff) | |
ksmbd: fix race condition from parallel smb2 lock requests
There is a race condition issue between parallel smb2 lock request.
                                            Time
                                             +
Thread A                                     | Thread A
smb2_lock                                    | smb2_lock
                                             |
 insert smb_lock to lock_list                |
 spin_unlock(&work->conn->llist_lock)        |
                                             |
                                             |   spin_lock(&conn->llist_lock);
                                             |   kfree(cmp_lock);
                                             |
 // UAF!                                     |
 list_add(&smb_lock->llist, &rollback_list)  +
This patch swaps the line for adding the smb lock to the rollback list and
adding the lock list of connection to fix the race issue.
Reported-by: luosili <[email protected]>
Signed-off-by: Namjae Jeon <[email protected]>
Signed-off-by: Steve French <[email protected]>
Diffstat (limited to 'drivers/gpu/drm/amd/amdgpu/amdgpu_cgs.c')
0 files changed, 0 insertions, 0 deletions