diff options
author | Jeff Layton <jlayton@redhat.com> | 2012-02-23 09:37:45 -0500 |
---|---|---|
committer | Steve French <smfrench@gmail.com> | 2012-02-27 00:16:26 -0500 |
commit | 5bccda0ebc7c0331b81ac47d39e4b920b198b2cd (patch) | |
tree | 542363c187479df4124bed5441a7fc66bafc4065 /fs/cifs/dir.c | |
parent | 6de2ce423157d06f73d570ef7044f08c2f8697da (diff) |
cifs: fix dentry refcount leak when opening a FIFO on lookup
The cifs code will attempt to open files on lookup under certain
circumstances. What happens though if we find that the file we opened
was actually a FIFO or other special file?
Currently, the open filehandle just ends up being leaked leading to
a dentry refcount mismatch and oops on umount. Fix this by having the
code close the filehandle on the server if it turns out not to be a
regular file. While we're at it, change this spaghetti if statement
into a switch too.
Cc: stable@vger.kernel.org
Reported-by: CAI Qian <caiqian@redhat.com>
Tested-by: CAI Qian <caiqian@redhat.com>
Reviewed-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <smfrench@gmail.com>
Diffstat (limited to 'fs/cifs/dir.c')
-rw-r--r-- | fs/cifs/dir.c | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/fs/cifs/dir.c b/fs/cifs/dir.c index 63a196b97d50..bc7e24420ac0 100644 --- a/fs/cifs/dir.c +++ b/fs/cifs/dir.c | |||
@@ -584,10 +584,26 @@ cifs_lookup(struct inode *parent_dir_inode, struct dentry *direntry, | |||
584 | * If either that or op not supported returned, follow | 584 | * If either that or op not supported returned, follow |
585 | * the normal lookup. | 585 | * the normal lookup. |
586 | */ | 586 | */ |
587 | if ((rc == 0) || (rc == -ENOENT)) | 587 | switch (rc) { |
588 | case 0: | ||
589 | /* | ||
590 | * The server may allow us to open things like | ||
591 | * FIFOs, but the client isn't set up to deal | ||
592 | * with that. If it's not a regular file, just | ||
593 | * close it and proceed as if it were a normal | ||
594 | * lookup. | ||
595 | */ | ||
596 | if (newInode && !S_ISREG(newInode->i_mode)) { | ||
597 | CIFSSMBClose(xid, pTcon, fileHandle); | ||
598 | break; | ||
599 | } | ||
600 | case -ENOENT: | ||
588 | posix_open = true; | 601 | posix_open = true; |
589 | else if ((rc == -EINVAL) || (rc != -EOPNOTSUPP)) | 602 | case -EOPNOTSUPP: |
603 | break; | ||
604 | default: | ||
590 | pTcon->broken_posix_open = true; | 605 | pTcon->broken_posix_open = true; |
606 | } | ||
591 | } | 607 | } |
592 | if (!posix_open) | 608 | if (!posix_open) |
593 | rc = cifs_get_inode_info_unix(&newInode, full_path, | 609 | rc = cifs_get_inode_info_unix(&newInode, full_path, |