[PATCH] ocfs2: fix race between ocfs2_control_install_private() and ocfs2_control_release()

Joseph Qi posted 1 patch 6 days, 17 hours ago
fs/ocfs2/stack_user.c | 10 +++-------
1 file changed, 3 insertions(+), 7 deletions(-)
[PATCH] ocfs2: fix race between ocfs2_control_install_private() and ocfs2_control_release()
Posted by Joseph Qi 6 days, 17 hours ago
Move atomic_inc(&ocfs2_control_opened) and the handshake state update
inside ocfs2_control_lock to close a race window where
ocfs2_control_release() can observe ocfs2_control_opened dropping to
zero (resetting ocfs2_control_this_node and running_proto) while
ocfs2_control_install_private() is about to bump the counter and mark
the connection valid.

Fixes: 3cfd4ab6b6b4 ("ocfs2: Add the local node id to the handshake.")
Reported-by: Ginger <ginger@gmail.com>
Signed-off-by: Joseph Qi <joseph.qi@linux.alibaba.com>
---
 fs/ocfs2/stack_user.c | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

diff --git a/fs/ocfs2/stack_user.c b/fs/ocfs2/stack_user.c
index 5803f1dee679..91e19d33847c 100644
--- a/fs/ocfs2/stack_user.c
+++ b/fs/ocfs2/stack_user.c
@@ -327,18 +327,14 @@ static int ocfs2_control_install_private(struct file *file)
 		ocfs2_control_this_node = p->op_this_node;
 		running_proto.pv_major = p->op_proto.pv_major;
 		running_proto.pv_minor = p->op_proto.pv_minor;
-	}
-
-out_unlock:
-	mutex_unlock(&ocfs2_control_lock);
-
-	if (!rc && set_p) {
-		/* We set the global values successfully */
 		atomic_inc(&ocfs2_control_opened);
 		ocfs2_control_set_handshake_state(file,
 					OCFS2_CONTROL_HANDSHAKE_VALID);
 	}
 
+out_unlock:
+	mutex_unlock(&ocfs2_control_lock);
+
 	return rc;
 }
 
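Review bot: In ocfs2_control_install_private(), the removed `if (!rc && set_p)` guard is now implied only by the enclosing branch that assigns ocfs2_control_this_node and running_proto, and that branch's condition lies outside this hunk. Please confirm the branch is entered only when rc is 0 and set_p is set, because any other way into it would now bump ocfs2_control_opened and mark the handshake OCFS2_CONTROL_HANDSHAKE_VALID. The deleted comment "We set the global values successfully" could be replaced with one stating that the counter increment and the handshake state update must stay under ocfs2_control_lock, so a later cleanup does not move them back out. The changelog would also read better with the interleaving against ocfs2_control_release() spelled out step by step.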
-- 
2.39.3
Re: [PATCH] ocfs2: fix race between ocfs2_control_install_private() and ocfs2_control_release()
Posted by Heming Zhao 6 days, 1 hour ago
On Mon, Jun 01, 2026 at 08:16:18PM +0800, Joseph Qi wrote:
> Move atomic_inc(&ocfs2_control_opened) and the handshake state update
> inside ocfs2_control_lock to close a race window where
> ocfs2_control_release() can observe ocfs2_control_opened dropping to
> zero (resetting ocfs2_control_this_node and running_proto) while
> ocfs2_control_install_private() is about to bump the counter and mark
> the connection valid.
> 
> Fixes: 3cfd4ab6b6b4 ("ocfs2: Add the local node id to the handshake.")
> Reported-by: Ginger <ginger@gmail.com>

The code looks good to me, but the above email address is not valid.
The correct one should be: <ginger.jzllee@gmail.com>

- Heming

> Signed-off-by: Joseph Qi <joseph.qi@linux.alibaba.com>
> ---
>  fs/ocfs2/stack_user.c | 10 +++-------
>  1 file changed, 3 insertions(+), 7 deletions(-)
> 
> diff --git a/fs/ocfs2/stack_user.c b/fs/ocfs2/stack_user.c
> index 5803f1dee679..91e19d33847c 100644
> --- a/fs/ocfs2/stack_user.c
> +++ b/fs/ocfs2/stack_user.c
> @@ -327,18 +327,14 @@ static int ocfs2_control_install_private(struct file *file)
>  		ocfs2_control_this_node = p->op_this_node;
>  		running_proto.pv_major = p->op_proto.pv_major;
>  		running_proto.pv_minor = p->op_proto.pv_minor;
> -	}
> -
> -out_unlock:
> -	mutex_unlock(&ocfs2_control_lock);
> -
> -	if (!rc && set_p) {
> -		/* We set the global values successfully */
>  		atomic_inc(&ocfs2_control_opened);
>  		ocfs2_control_set_handshake_state(file,
>  					OCFS2_CONTROL_HANDSHAKE_VALID);
>  	}
>  
> +out_unlock:
> +	mutex_unlock(&ocfs2_control_lock);
> +
>  	return rc;
>  }
>  
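Review bot: With atomic_inc(&ocfs2_control_opened) now executed while ocfs2_control_lock is held, the hunk leaves it unclear whether the counter still has to be an atomic; a short comment or changelog sentence naming any reader that samples it without the lock would settle that. Separately, ocfs2_control_set_handshake_state() is now called with the mutex held, so it is worth stating in the changelog that it does not take ocfs2_control_lock itself.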
> -- 
> 2.39.3
>
Re: [PATCH] ocfs2: fix race between ocfs2_control_install_private() and ocfs2_control_release()
Posted by Joseph Qi 5 days, 23 hours ago

On 6/2/26 12:18 PM, Heming Zhao wrote:
> On Mon, Jun 01, 2026 at 08:16:18PM +0800, Joseph Qi wrote:
>> Move atomic_inc(&ocfs2_control_opened) and the handshake state update
>> inside ocfs2_control_lock to close a race window where
>> ocfs2_control_release() can observe ocfs2_control_opened dropping to
>> zero (resetting ocfs2_control_this_node and running_proto) while
>> ocfs2_control_install_private() is about to bump the counter and mark
>> the connection valid.
>>
>> Fixes: 3cfd4ab6b6b4 ("ocfs2: Add the local node id to the handshake.")
>> Reported-by: Ginger <ginger@gmail.com>
> 
> The code looks good to me, but the above email address is not valid.
> The correct one should be: <ginger.jzllee@gmail.com>
> 

Oops, my mistake. Thank you for pointing this out.

Thanks,
Joseph
Re: [PATCH] ocfs2: fix race between ocfs2_control_install_private() and ocfs2_control_release()
Posted by Andrew Morton 6 days ago
On Tue, 2 Jun 2026 12:18:59 +0800 Heming Zhao <heming.zhao@suse.com> wrote:

> On Mon, Jun 01, 2026 at 08:16:18PM +0800, Joseph Qi wrote:
> > Move atomic_inc(&ocfs2_control_opened) and the handshake state update
> > inside ocfs2_control_lock to close a race window where
> > ocfs2_control_release() can observe ocfs2_control_opened dropping to
> > zero (resetting ocfs2_control_this_node and running_proto) while
> > ocfs2_control_install_private() is about to bump the counter and mark
> > the connection valid.
> > 
> > Fixes: 3cfd4ab6b6b4 ("ocfs2: Add the local node id to the handshake.")
> > Reported-by: Ginger <ginger@gmail.com>
> 
> The code looks good to me, but the above email address is not valid.
> The correct one should be: <ginger.jzllee@gmail.com>

Updated, thanks.