freebsd-nq/module/spl
Chunwei Chen cce83ba0ec Fix use-after-free in taskq_seq_show_impl
taskq_seq_show_impl walks the tq_active_list to show the tqent_func and
tqent_arg. However, for taskq_dispatch_ent, it's very likely that the
task entry will be freed during the function call, causing a
use-after-free bug.

To fix this, we duplicate the task entry to an on-stack struct, and
assign it instead to tqt_task. This way, the tq_lock alone will
guarantee its safety.

Reviewed-by: Tim Chase <tim@chase2k.com>
Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Chunwei Chen <david.chen@osnexus.com>
Closes #638
Closes #640
2017-08-04 09:57:58 -07:00
Makefile.in Support parallel build trees (VPATH builds) 2015-07-17 12:53:11 -07:00
spl-atomic.c Refresh links to web site 2013-03-04 19:09:34 -08:00
spl-condvar.c Fix cv_timedwait timeout 2017-05-25 10:01:44 -07:00
spl-cred.c Linux 4.9 compat: group_info changes 2016-10-20 09:33:28 -07:00
spl-err.c Module parameter to enable spl_panic() to panic the kernel 2017-07-25 23:03:12 -07:00
spl-generic.c Add __divmoddi4 and __udivmoddi4 for 32-bit arch 2017-08-03 10:41:42 -07:00
spl-kmem-cache.c Add support for recent kmem_cache_create_usercopy 2017-01-17 12:05:14 -08:00
spl-kmem.c Increase spl_kmem_alloc_warn limit 2016-09-16 17:10:36 -07:00
spl-kobj.c kobj_read_file: Return -1 on vn_rdwr() error 2016-01-23 10:10:44 -08:00
spl-kstat.c Avoid WARN() from procfs on kstat collision 2017-07-24 10:52:53 -07:00
spl-mutex.c Remove adaptive mutex implementation 2014-10-17 15:07:28 -07:00
spl-proc.c Linux 4.13 compat: wait queues 2017-07-23 19:32:14 -07:00
spl-rwlock.c Reimplement rt_mutex_owner to fix build with DEBUG & PREEMPT_RT_FULL 2017-01-19 14:41:38 -08:00
spl-taskq.c Fix use-after-free in taskq_seq_show_impl 2017-08-04 09:57:58 -07:00
spl-thread.c Retire legacy debugging infrastructure 2014-11-19 10:35:07 -08:00
spl-tsd.c Use tsd to store tq for taskq_member 2016-01-20 13:07:45 -08:00
spl-vmem.c Fix vmem_size() 2016-11-02 10:34:19 -07:00
spl-vnode.c Linux 4.12 compat: PF_FSTRANS was removed 2017-05-09 10:36:54 -07:00
spl-xdr.c Retire legacy debugging infrastructure 2014-11-19 10:35:07 -08:00
spl-zlib.c Refactor existing code 2015-01-16 13:55:08 -08:00