Buildresult: linus/32r6_defconfig/mips-gcc12 built on Dec 22, 13:09
kisskb
Revisions
|
Branches
|
Compilers
|
Configs
|
Build Results
|
Build Failures
|
Status:
OK
Date/Time:
Dec 22, 13:09
Duration:
0:03:22.871346
Builder:
blade4b
Revision:
afs: Fix use-after-free due to get/remove race in volume tree (
9a6b294ab496650e9f270123730df37030911b55)
Target:
linus/32r6_defconfig/mips-gcc12
Branch:
linus
Compiler:
mips-gcc12
(mips-linux-gcc (GCC) 12.2.0 / GNU ld (GNU Binutils) 2.39)
Config:
32r6_defconfig
(
download
)
Log:
Download original
Possible warnings (2)
./.config.32r6_defconfig:95:warning: override: CPU_BIG_ENDIAN changes choice state .config:94:warning: override: CPU_BIG_ENDIAN changes choice state
Full Log
# git rev-parse -q --verify 9a6b294ab496650e9f270123730df37030911b55^{commit} 9a6b294ab496650e9f270123730df37030911b55 already have revision, skipping fetch # git checkout -q -f -B kisskb 9a6b294ab496650e9f270123730df37030911b55 # git clean -qxdf # < git log -1 # commit 9a6b294ab496650e9f270123730df37030911b55 # Author: David Howells <dhowells@redhat.com> # Date: Thu Dec 21 13:57:31 2023 +0000 # # afs: Fix use-after-free due to get/remove race in volume tree # # When an afs_volume struct is put, its refcount is reduced to 0 before # the cell->volume_lock is taken and the volume removed from the # cell->volumes tree. # # Unfortunately, this means that the lookup code can race and see a volume # with a zero ref in the tree, resulting in a use-after-free: # # refcount_t: addition on 0; use-after-free. # WARNING: CPU: 3 PID: 130782 at lib/refcount.c:25 refcount_warn_saturate+0x7a/0xda # ... # RIP: 0010:refcount_warn_saturate+0x7a/0xda # ... # Call Trace: # afs_get_volume+0x3d/0x55 # afs_create_volume+0x126/0x1de # afs_validate_fc+0xfe/0x130 # afs_get_tree+0x20/0x2e5 # vfs_get_tree+0x1d/0xc9 # do_new_mount+0x13b/0x22e # do_mount+0x5d/0x8a # __do_sys_mount+0x100/0x12a # do_syscall_64+0x3a/0x94 # entry_SYSCALL_64_after_hwframe+0x62/0x6a # # Fix this by: # # (1) When putting, use a flag to indicate if the volume has been removed # from the tree and skip the rb_erase if it has. # # (2) When looking up, use a conditional ref increment and if it fails # because the refcount is 0, replace the node in the tree and set the # removal flag. # # Fixes: 20325960f875 ("afs: Reorganise volume and server trees to be rooted on the cell") # Signed-off-by: David Howells <dhowells@redhat.com> # Reviewed-by: Jeffrey Altman <jaltman@auristor.com> # cc: Marc Dionne <marc.dionne@auristor.com> # cc: linux-afs@lists.infradead.org # Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> # < /opt/cross/kisskb/korg/gcc-12.2.0-nolibc/mips-linux/bin/mips-linux-gcc --version # < /opt/cross/kisskb/korg/gcc-12.2.0-nolibc/mips-linux/bin/mips-linux-ld --version # < git log --format=%s --max-count=1 9a6b294ab496650e9f270123730df37030911b55 # make -s -j 24 ARCH=mips O=/kisskb/build/linus_32r6_defconfig_mips-gcc12 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-12.2.0-nolibc/mips-linux/bin/mips-linux- 32r6_defconfig Using /kisskb/src/arch/mips/configs/generic_defconfig as base Merging /kisskb/src/arch/mips/configs/generic/32r6.config Merging /kisskb/src/arch/mips/configs/generic/eb.config ./.config.32r6_defconfig:95:warning: override: CPU_BIG_ENDIAN changes choice state Merging /kisskb/src/arch/mips/configs/generic/board-boston.config Merging /kisskb/src/arch/mips/configs/generic/board-marduk.config Merging /kisskb/src/arch/mips/configs/generic/board-ranchu.config Merging /kisskb/src/arch/mips/configs/generic/board-sead-3.config Merging /kisskb/src/arch/mips/configs/generic/board-virt.config .config:94:warning: override: CPU_BIG_ENDIAN changes choice state # < make -s -j 24 ARCH=mips O=/kisskb/build/linus_32r6_defconfig_mips-gcc12 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-12.2.0-nolibc/mips-linux/bin/mips-linux- help # make -s -j 24 ARCH=mips O=/kisskb/build/linus_32r6_defconfig_mips-gcc12 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-12.2.0-nolibc/mips-linux/bin/mips-linux- olddefconfig # make -s -j 24 ARCH=mips O=/kisskb/build/linus_32r6_defconfig_mips-gcc12 CROSS_COMPILE=/opt/cross/kisskb/korg/gcc-12.2.0-nolibc/mips-linux/bin/mips-linux- Completed OK # rm -rf /kisskb/build/linus_32r6_defconfig_mips-gcc12 # Build took: 0:03:22.871346
© Michael Ellerman 2006-2018.