git.osdn.net Git - sagit-ice-cold/kernel_xiaomi

(root) / sagit-ice-cold / kernel_xiaomi_msm8998.git / commit

author	Al Viro <viro@zeniv.linux.org.uk>
	Tue, 26 Mar 2019 01:43:37 +0000 (01:43 +0000)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Thu, 16 May 2019 17:45:01 +0000 (19:45 +0200)
commit	02395682f19b99087ca25fcd0173a48bf5c18324
tree	7c2b66823612aeaeefd8fd01722572852ef5b899	tree \| snapshot
parent	90a015d4d782371571058672be7fecbc685e34ec	commit \| diff

debugfs: fix use-after-free on symlink traversal

[ Upstream commit 93b919da64c15b90953f96a536e5e61df896ca57 ]

symlink body shouldn't be freed without an RCU delay. Switch debugfs to
->destroy_inode() and use of call_rcu(); free both the inode and symlink
body in the callback. Similar to solution for bpf, only here it's even
more obvious that ->evict_inode() can be dropped.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Sasha Levin <sashal@kernel.org>

fs/debugfs/inode.c

diff | blob | history

Mirror: https://github.com/0ranko0P/kernel_xiaomi_msm8998/

RSS Atom

About OSDN

Find Software

Develop Software

Help