summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorDavid Howells <dhowells@redhat.com>2019-06-20 16:49:35 +0100
committerDavid Howells <dhowells@redhat.com>2019-06-20 16:49:35 +0100
commita6853b9ce81a8f32f3c13c30ae951bb6830a896a (patch)
tree7d9ec9c2d44c150862ab74db4475dd96ed8ce823
parent3647e42b55dcbf3b93457eb750660676e8df5010 (diff)
downloadlinux-a6853b9ce81a8f32f3c13c30ae951bb6830a896a.tar.bz2
afs: Fix vlserver record corruption
Because I made the afs_call struct share pointers to an afs_server object and an afs_vlserver object to save space, afs_put_call() calls afs_put_server() on afs_vlserver object (which is only meant for the afs_server object) because it sees that call->server isn't NULL. This means that the afs_vlserver object gets unpredictably and randomly modified, depending on what config options are set (such as lockdep). Fix this by getting rid of the union and having two non-overlapping pointers in the afs_call struct. Fixes: ffba718e9354 ("afs: Get rid of afs_call::reply[]") Signed-off-by: David Howells <dhowells@redhat.com>
-rw-r--r--fs/afs/internal.h6
1 files changed, 2 insertions, 4 deletions
diff --git a/fs/afs/internal.h b/fs/afs/internal.h
index 2073c1a3ab4b..c9495c8dea93 100644
--- a/fs/afs/internal.h
+++ b/fs/afs/internal.h
@@ -113,10 +113,8 @@ struct afs_call {
struct rxrpc_call *rxcall; /* RxRPC call handle */
struct key *key; /* security for this call */
struct afs_net *net; /* The network namespace */
- union {
- struct afs_server *server;
- struct afs_vlserver *vlserver;
- };
+ struct afs_server *server; /* The fileserver record if fs op (pins ref) */
+ struct afs_vlserver *vlserver; /* The vlserver record if vl op */
struct afs_cb_interest *cbi; /* Callback interest for server used */
struct afs_vnode *lvnode; /* vnode being locked */
void *request; /* request data (first part) */