Revision f818a73674c5d197f66b636a46d7d578d7258129 authored by Sage Weil on 12 May 2010, 03:56:31 UTC, committed by Sage Weil on 12 May 2010, 03:56:31 UTC
The iterate_session_caps helper traverses the session caps list and tries to grab an inode reference. However, the __ceph_remove_cap was clearing the inode backpointer _before_ removing itself from the session list, causing a null pointer dereference. Clear cap->ci under protection of s_cap_lock to avoid the race, and to tightly couple the list and backpointer state. Use a local flag to indicate whether we are releasing the cap, as cap->session may be modified by a racing thread in iterate_session_caps. Signed-off-by: Sage Weil <sage@newdream.net>
1 parent 45c6ceb
File | Mode | Size |
---|---|---|
include | ||
ss | ||
.gitignore | -rw-r--r-- | 25 bytes |
Kconfig | -rw-r--r-- | 5.1 KB |
Makefile | -rw-r--r-- | 728 bytes |
avc.c | -rw-r--r-- | 20.6 KB |
exports.c | -rw-r--r-- | 1.7 KB |
hooks.c | -rw-r--r-- | 140.9 KB |
netif.c | -rw-r--r-- | 7.6 KB |
netlabel.c | -rw-r--r-- | 12.2 KB |
netlink.c | -rw-r--r-- | 2.4 KB |
netnode.c | -rw-r--r-- | 8.7 KB |
netport.c | -rw-r--r-- | 7.1 KB |
nlmsgtab.c | -rw-r--r-- | 6.3 KB |
selinuxfs.c | -rw-r--r-- | 37.8 KB |
xfrm.c | -rw-r--r-- | 10.6 KB |
Computing file changes ...