diff options
author | David Howells <dhowells@redhat.com> | 2019-06-20 16:49:35 +0100 |
---|---|---|
committer | David Howells <dhowells@redhat.com> | 2019-06-20 16:49:35 +0100 |
commit | a6853b9ce81a8f32f3c13c30ae951bb6830a896a (patch) | |
tree | 7d9ec9c2d44c150862ab74db4475dd96ed8ce823 | |
parent | 3647e42b55dcbf3b93457eb750660676e8df5010 (diff) | |
download | linux-a6853b9ce81a8f32f3c13c30ae951bb6830a896a.tar.bz2 |
afs: Fix vlserver record corruption
Because I made the afs_call struct share pointers to an afs_server object
and an afs_vlserver object to save space, afs_put_call() calls
afs_put_server() on afs_vlserver object (which is only meant for the
afs_server object) because it sees that call->server isn't NULL.
This means that the afs_vlserver object gets unpredictably and randomly
modified, depending on what config options are set (such as lockdep).
Fix this by getting rid of the union and having two non-overlapping
pointers in the afs_call struct.
Fixes: ffba718e9354 ("afs: Get rid of afs_call::reply[]")
Signed-off-by: David Howells <dhowells@redhat.com>
-rw-r--r-- | fs/afs/internal.h | 6 |
1 files changed, 2 insertions, 4 deletions
diff --git a/fs/afs/internal.h b/fs/afs/internal.h index 2073c1a3ab4b..c9495c8dea93 100644 --- a/fs/afs/internal.h +++ b/fs/afs/internal.h @@ -113,10 +113,8 @@ struct afs_call { struct rxrpc_call *rxcall; /* RxRPC call handle */ struct key *key; /* security for this call */ struct afs_net *net; /* The network namespace */ - union { - struct afs_server *server; - struct afs_vlserver *vlserver; - }; + struct afs_server *server; /* The fileserver record if fs op (pins ref) */ + struct afs_vlserver *vlserver; /* The vlserver record if vl op */ struct afs_cb_interest *cbi; /* Callback interest for server used */ struct afs_vnode *lvnode; /* vnode being locked */ void *request; /* request data (first part) */ |