[PATCH net 0/2] rxrpc: Fix local endpoint handling

From: David Howells
Date: Wed Aug 14 2019 - 06:47:55 EST

Next message: David Howells: "[PATCH net 1/2] rxrpc: Fix local endpoint replacement"
Previous message: Dariusz Marcinkiewicz: "[PATCH v7 9/9] drm: exynos: exynos_hdmi: use cec_notifier_conn_(un)register"
Next in thread: David Howells: "[PATCH net 1/2] rxrpc: Fix local endpoint replacement"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Here's a pair of patches that fix two issues in the handling of local
endpoints (rxrpc_local structs):

(1) Use list_replace_init() rather than list_replace() if we're going to
unconditionally delete the replaced item later, lest the list get
corrupted.

(2) Don't access the rxrpc_local object after passing our ref to the
workqueue, not even to illuminate tracepoints, as the work function
may cause the object to be freed. We have to cache the information
beforehand.

The patches are tagged here:

git://git.kernel.org/pub/scm/linux/kernel/git/dhowells/linux-fs.git
rxrpc-fixes-20190814

and can also be found on the following branch:

http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/log/?h=rxrpc-fixes

David
---
David Howells (2):
rxrpc: Fix local endpoint replacement
rxrpc: Fix read-after-free in rxrpc_queue_local()

include/trace/events/rxrpc.h | 6 +++---
net/rxrpc/local_object.c | 21 +++++++++++----------
2 files changed, 14 insertions(+), 13 deletions(-)

Next message: David Howells: "[PATCH net 1/2] rxrpc: Fix local endpoint replacement"
Previous message: Dariusz Marcinkiewicz: "[PATCH v7 9/9] drm: exynos: exynos_hdmi: use cec_notifier_conn_(un)register"
Next in thread: David Howells: "[PATCH net 1/2] rxrpc: Fix local endpoint replacement"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]