/* -*- mode: c; c-basic-offset: 8; -*- * vim: noexpandtab sw=8 ts=8 sts=0: * * ocfs1_fs_compat.h * * OCFS1 volume header definitions. OCFS2 creates valid but unmountable * OCFS1 volume headers on the first two sectors of an OCFS2 volume. * This allows an OCFS1 volume to see the partition and cleanly fail to * mount it. * * Copyright (C) 2002, 2004 Oracle. All rights reserved. * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public * License, version 2, as published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * General Public License for more details. * * You should have received a copy of the GNU General Public * License along with this program; if not, write to the * Free Software Foundation, Inc., 59 Temple Place - Suite 330, * Boston, MA 021110-1307, USA. */ #ifndef _OCFS1_FS_COMPAT_H #define _OCFS1_FS_COMPAT_H #define OCFS1_MAX_VOL_SIGNATURE_LEN 128 #define OCFS1_MAX_MOUNT_POINT_LEN 128 #define OCFS1_MAX_VOL_ID_LENGTH 16 #define OCFS1_MAX_VOL_LABEL_LEN 64 #define OCFS1_MAX_CLUSTER_NAME_LEN 64 #define OCFS1_MAJOR_VERSION (2) #define OCFS1_MINOR_VERSION (0) #define OCFS1_VOLUME_SIGNATURE "OracleCFS" /* * OCFS1 superblock. Lives at sector 0. */ struct ocfs1_vol_disk_hdr { /*00*/ __u32 minor_version; __u32 major_version; /*08*/ __u8 signature[OCFS1_MAX_VOL_SIGNATURE_LEN]; /*88*/ __u8 mount_point[OCFS1_MAX_MOUNT_POINT_LEN]; /*108*/ __u64 serial_num; /*110*/ __u64 device_size; __u64 start_off; /*120*/ __u64 bitmap_off; __u64 publ_off; /*130*/ __u64 vote_off; __u64 root_bitmap_off; /*140*/ __u64 data_start_off; __u64 root_bitmap_size; /*150*/ __u64 root_off; __u64 root_size; /*160*/ __u64 cluster_size; __u64 num_nodes; /*170*/ __u64 num_clusters; __u64 dir_node_size; /*180*/ __u64 file_node_size; __u64 internal_off; /*190*/ __u64 node_cfg_off; __u64 node_cfg_size; /*1A0*/ __u64 new_cfg_off; __u32 prot_bits; __s32 excl_mount; /*1B0*/ }; struct ocfs1_disk_lock { /*00*/ __u32 curr_master; __u8 file_lock; __u8 compat_pad[3]; /* Not in original definition. Used to make the already existing alignment explicit */ __u64 last_write_time; /*10*/ __u64 last_read_time; __u32 writer_node_num; __u32 reader_node_num; /*20*/ __u64 oin_node_map; __u64 dlock_seq_num; /*30*/ }; /* * OCFS1 volume label. Lives at sector 1. */ struct ocfs1_vol_label { /*00*/ struct ocfs1_disk_lock disk_lock; /*30*/ __u8 label[OCFS1_MAX_VOL_LABEL_LEN]; /*70*/ __u16 label_len; /*72*/ __u8 vol_id[OCFS1_MAX_VOL_ID_LENGTH]; /*82*/ __u16 vol_id_len; /*84*/ __u8 cluster_name[OCFS1_MAX_CLUSTER_NAME_LEN]; /*A4*/ __u16 cluster_name_len; /*A6*/ }; #endif /* _OCFS1_FS_COMPAT_H */ t/include/net/scm.h
diff options
context:
space:
mode:
authorEric Dumazet <edumazet@google.com>2017-01-27 08:11:44 -0800
committerDavid S. Miller <davem@davemloft.net>2017-01-29 18:30:56 -0500
commitf1712c73714088a7252d276a57126d56c7d37e64 (patch)
tree962ee49daf8d1cba8403fcf03b315d4a142ec944 /include/net/scm.h
parentdc97a89e726c4e1830320d1db8215ef77ecebae0 (diff)
can: Fix kernel panic at security_sock_rcv_skb
Zhang Yanmin reported crashes [1] and provided a patch adding a synchronize_rcu() call in can_rx_unregister() The main problem seems that the sockets themselves are not RCU protected. If CAN uses RCU for delivery, then sockets should be freed only after one RCU grace period. Recent kernels could use sock_set_flag(sk, SOCK_RCU_FREE), but let's ease stable backports with the following fix instead. [1] BUG: unable to handle kernel NULL pointer dereference at (null) IP: [<ffffffff81495e25>] selinux_socket_sock_rcv_skb+0x65/0x2a0 Call Trace: <IRQ> [<ffffffff81485d8c>] security_sock_rcv_skb+0x4c/0x60 [<ffffffff81d55771>] sk_filter+0x41/0x210 [<ffffffff81d12913>] sock_queue_rcv_skb+0x53/0x3a0 [<ffffffff81f0a2b3>] raw_rcv+0x2a3/0x3c0 [<ffffffff81f06eab>] can_rcv_filter+0x12b/0x370 [<ffffffff81f07af9>] can_receive+0xd9/0x120 [<ffffffff81f07beb>] can_rcv+0xab/0x100 [<ffffffff81d362ac>] __netif_receive_skb_core+0xd8c/0x11f0 [<ffffffff81d36734>] __netif_receive_skb+0x24/0xb0 [<ffffffff81d37f67>] process_backlog+0x127/0x280 [<ffffffff81d36f7b>] net_rx_action+0x33b/0x4f0 [<ffffffff810c88d4>] __do_softirq+0x184/0x440 [<ffffffff81f9e86c>] do_softirq_own_stack+0x1c/0x30 <EOI> [<ffffffff810c76fb>] do_softirq.part.18+0x3b/0x40 [<ffffffff810c8bed>] do_softirq+0x1d/0x20 [<ffffffff81d30085>] netif_rx_ni+0xe5/0x110 [<ffffffff8199cc87>] slcan_receive_buf+0x507/0x520 [<ffffffff8167ef7c>] flush_to_ldisc+0x21c/0x230 [<ffffffff810e3baf>] process_one_work+0x24f/0x670 [<ffffffff810e44ed>] worker_thread+0x9d/0x6f0 [<ffffffff810e4450>] ? rescuer_thread+0x480/0x480 [<ffffffff810ebafc>] kthread+0x12c/0x150 [<ffffffff81f9ccef>] ret_from_fork+0x3f/0x70 Reported-by: Zhang Yanmin <yanmin.zhang@intel.com> Signed-off-by: Eric Dumazet <edumazet@google.com> Acked-by: Oliver Hartkopp <socketcan@hartkopp.net> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net/scm.h')