aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSteve French <sfrench@us.ibm.com>2007-05-23 10:45:36 -0400
committerSteve French <sfrench@us.ibm.com>2007-05-23 10:45:36 -0400
commit28356a1679006b110215596e057f304ef3083922 (patch)
treea0fb257bab98c9fe5057462ee4f9cf84b88100a6
parentad9ddd66c6e8a79630a975ff0bb8d45a11abe630 (diff)
[CIFS] Fix oops on failed cifs mount (in kthread_stop)
If the cifs demultiplex thread wakes up and exits (zeroing server->tsk) before kthread_stop is called, the cifs_mount code could pass a null pointer to kthread_stop Thanks to akpm, Dave Young and Shaggy for suggesting earlier versions of this patch. CC: akpm@linux-foundatior.org Signed-off-by: Dave Young <hidave.darkstar@gmail.com> Signed-off-by: Dave Kleikamp <shaggy@linux.vnet.ibm.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
-rw-r--r--fs/cifs/connect.c14
1 files changed, 12 insertions, 2 deletions
diff --git a/fs/cifs/connect.c b/fs/cifs/connect.c
index 216fb625843f..f6963d183c53 100644
--- a/fs/cifs/connect.c
+++ b/fs/cifs/connect.c
@@ -2069,8 +2069,15 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
2069 srvTcp->tcpStatus = CifsExiting; 2069 srvTcp->tcpStatus = CifsExiting;
2070 spin_unlock(&GlobalMid_Lock); 2070 spin_unlock(&GlobalMid_Lock);
2071 if (srvTcp->tsk) { 2071 if (srvTcp->tsk) {
2072 struct task_struct *tsk;
2073 /* If we could verify that kthread_stop would
2074 always wake up processes blocked in
2075 tcp in recv_mesg then we could remove the
2076 send_sig call */
2072 send_sig(SIGKILL,srvTcp->tsk,1); 2077 send_sig(SIGKILL,srvTcp->tsk,1);
2073 kthread_stop(srvTcp->tsk); 2078 tsk = srvTcp->tsk;
2079 if(tsk)
2080 kthread_stop(srvTcp->tsk);
2074 } 2081 }
2075 } 2082 }
2076 /* If find_unc succeeded then rc == 0 so we can not end */ 2083 /* If find_unc succeeded then rc == 0 so we can not end */
@@ -2085,8 +2092,11 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
2085 /* if the socketUseCount is now zero */ 2092 /* if the socketUseCount is now zero */
2086 if ((temp_rc == -ESHUTDOWN) && 2093 if ((temp_rc == -ESHUTDOWN) &&
2087 (pSesInfo->server) && (pSesInfo->server->tsk)) { 2094 (pSesInfo->server) && (pSesInfo->server->tsk)) {
2095 struct task_struct *tsk;
2088 send_sig(SIGKILL,pSesInfo->server->tsk,1); 2096 send_sig(SIGKILL,pSesInfo->server->tsk,1);
2089 kthread_stop(pSesInfo->server->tsk); 2097 tsk = pSesInfo->server->tsk;
2098 if(tsk)
2099 kthread_stop(tsk);
2090 } 2100 }
2091 } else 2101 } else
2092 cFYI(1, ("No session or bad tcon")); 2102 cFYI(1, ("No session or bad tcon"));