diff options
author | Justin M. Forbes <jforbes@fedoraproject.org> | 2020-04-29 09:22:36 -0500 |
---|---|---|
committer | Justin M. Forbes <jforbes@fedoraproject.org> | 2020-04-29 09:22:36 -0500 |
commit | 68dd5fcadc5b702c7d1426dea990ff0b55e62f42 (patch) | |
tree | 364eb5e0b639e450c9af02fb3575ab0ab333840b /0001-btrfs-fix-transaction-leak-in-btrfs_recover_relocati.patch | |
parent | 5a34ebde9f6e52bee966789ed3dc196af0724a20 (diff) | |
download | kernel-68dd5fcadc5b702c7d1426dea990ff0b55e62f42.tar.gz kernel-68dd5fcadc5b702c7d1426dea990ff0b55e62f42.tar.xz kernel-68dd5fcadc5b702c7d1426dea990ff0b55e62f42.zip |
* Wed Apr 29 2020 Justin M. Forbes <jforbes@fedoraproject.org> 5.7.0-0.rc3.20200428git51184ae37e05.1
- 51184ae37e05 rebase
Resolves: rhbz#
Signed-off-by: Justin M. Forbes <jforbes@fedoraproject.org>
Diffstat (limited to '0001-btrfs-fix-transaction-leak-in-btrfs_recover_relocati.patch')
-rw-r--r-- | 0001-btrfs-fix-transaction-leak-in-btrfs_recover_relocati.patch | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/0001-btrfs-fix-transaction-leak-in-btrfs_recover_relocati.patch b/0001-btrfs-fix-transaction-leak-in-btrfs_recover_relocati.patch new file mode 100644 index 000000000..52942ea7a --- /dev/null +++ b/0001-btrfs-fix-transaction-leak-in-btrfs_recover_relocati.patch @@ -0,0 +1,45 @@ +From 1402d17dfd9657be0da8458b2079d03c2d61c86a Mon Sep 17 00:00:00 2001 +From: Xiyu Yang <xiyuyang19@fudan.edu.cn> +Date: Mon, 20 Apr 2020 13:39:39 +0800 +Subject: [PATCH] btrfs: fix transaction leak in btrfs_recover_relocation + +btrfs_recover_relocation() invokes btrfs_join_transaction(), which joins +a btrfs_trans_handle object into transactions and returns a reference of +it with increased refcount to "trans". + +When btrfs_recover_relocation() returns, "trans" becomes invalid, so the +refcount should be decreased to keep refcount balanced. + +The reference counting issue happens in one exception handling path of +btrfs_recover_relocation(). When read_fs_root() failed, the refcnt +increased by btrfs_join_transaction() is not decreased, causing a refcnt +leak. + +Fix this issue by calling btrfs_end_transaction() on this error path +when read_fs_root() failed. + +Fixes: 79787eaab461 ("btrfs: replace many BUG_ONs with proper error handling") +CC: stable@vger.kernel.org # 4.4+ +Reviewed-by: Filipe Manana <fdmanana@suse.com> +Signed-off-by: Xiyu Yang <xiyuyang19@fudan.edu.cn> +Signed-off-by: Xin Tan <tanxin.ctf@gmail.com> +Signed-off-by: David Sterba <dsterba@suse.com> +--- + fs/btrfs/relocation.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/fs/btrfs/relocation.c b/fs/btrfs/relocation.c +index d35936c934ab..03bc7134e8cb 100644 +--- a/fs/btrfs/relocation.c ++++ b/fs/btrfs/relocation.c +@@ -4559,6 +4559,7 @@ int btrfs_recover_relocation(struct btrfs_root *root) + if (IS_ERR(fs_root)) { + err = PTR_ERR(fs_root); + list_add_tail(&reloc_root->root_list, &reloc_roots); ++ btrfs_end_transaction(trans); + goto out_unset; + } + +-- +2.26.2 + |