Diffusion FreeBSD src repository 0f86fcc2a7bb

Linux: Fix zfs_prune panics
0f86fcc2a7bb
Actions

Description

Linux: Fix zfs_prune panics

by protecting against sb->s_shrink eviction on umount with newer kernels

deactivate_locked_super calls shrinker_free and only then
sops->kill_sb cb, resulting in UAF on umount when trying
to reach for the shrinker functions in zpl_prune_sb of
in-umount dataset

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Reviewed-by: Adam Moss <c@yotes.com>
Signed-off-by: Pavel Snajdr <snajpa@snajpa.net>
Closes #16770

Details

Provenance

Pavel Snajdr <snajpa@snajpa.net>	Authored on Nov 21 2024, 11:30 PM
Tony Hutter <hutter2@llnl.gov>	Committed on Nov 26 2024, 5:55 PM

Parents

rGa6e1cd183808: Linux 6.12 compat: META

Branches

Unknown

Tags

Unknown

Event Timeline

Tony Hutter <hutter2@llnl.gov> committed rG0f86fcc2a7bb: Linux: Fix zfs_prune panics (authored by Pavel Snajdr <snajpa@snajpa.net>).Nov 26 2024, 5:55 PM

Changes (1)

Path

Size

module/

os/

linux/

zfs/

zpl_super.c

rG0f86fcc2a7bb

View Options

module/os/linux/zfs/zpl_super.c