diff options
author | Suresh Jayaraman <sjayaraman@suse.de> | 2009-09-30 04:53:48 -0400 |
---|---|---|
committer | Jens Axboe <jens.axboe@oracle.com> | 2009-10-01 15:15:46 -0400 |
commit | 3bd0f0c763e497c8674b28e3df2732f48683dabd (patch) | |
tree | fd3bb8635291ad8c0b4e302e40cc776fd1644ada | |
parent | a112a71d45b5e40c3cf07371d20a4a5079a72610 (diff) |
swapfile: avoid NULL pointer dereference in swapon when s_bdev is NULL
While testing Swap over NFS patchset, I noticed an oops that was triggered
during swapon. Investigating further, the NULL pointer deference is due to the
SSD device check/optimization in the swapon code that assumes s_bdev could never
be NULL.
inode->i_sb->s_bdev could be NULL in a few cases. For e.g. one such case is
loopback NFS mount, there could be others as well. Fix this by ensuring s_bdev
is not NULL before we try to deference s_bdev.
Signed-off-by: Suresh Jayaraman <sjayaraman@suse.de>
Signed-off-by: Jens Axboe <jens.axboe@oracle.com>
-rw-r--r-- | mm/swapfile.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/mm/swapfile.c b/mm/swapfile.c index 4de7f02f820b..a1bc6b9af9a2 100644 --- a/mm/swapfile.c +++ b/mm/swapfile.c | |||
@@ -1974,12 +1974,14 @@ SYSCALL_DEFINE2(swapon, const char __user *, specialfile, int, swap_flags) | |||
1974 | goto bad_swap; | 1974 | goto bad_swap; |
1975 | } | 1975 | } |
1976 | 1976 | ||
1977 | if (blk_queue_nonrot(bdev_get_queue(p->bdev))) { | 1977 | if (p->bdev) { |
1978 | p->flags |= SWP_SOLIDSTATE; | 1978 | if (blk_queue_nonrot(bdev_get_queue(p->bdev))) { |
1979 | p->cluster_next = 1 + (random32() % p->highest_bit); | 1979 | p->flags |= SWP_SOLIDSTATE; |
1980 | p->cluster_next = 1 + (random32() % p->highest_bit); | ||
1981 | } | ||
1982 | if (discard_swap(p) == 0) | ||
1983 | p->flags |= SWP_DISCARDABLE; | ||
1980 | } | 1984 | } |
1981 | if (discard_swap(p) == 0) | ||
1982 | p->flags |= SWP_DISCARDABLE; | ||
1983 | 1985 | ||
1984 | mutex_lock(&swapon_mutex); | 1986 | mutex_lock(&swapon_mutex); |
1985 | spin_lock(&swap_lock); | 1987 | spin_lock(&swap_lock); |