diff options
author | Steven Whitehouse <swhiteho@redhat.com> | 2008-12-19 10:43:05 -0500 |
---|---|---|
committer | Steven Whitehouse <swhiteho@redhat.com> | 2009-01-05 02:39:19 -0500 |
commit | 88a19ad066c1aab2f9713beb670525fcc06e1c09 (patch) | |
tree | 2d967c8f553a9dd862dc92fb085e5af1be859956 /fs/gfs2 | |
parent | fefc03bfedeff2002f14e848ecb7c0cd77ee0b15 (diff) |
GFS2: Fix use-after-free bug on umount (try #2)
This should solve the issue with the previous attempt at fixing this.
Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Diffstat (limited to 'fs/gfs2')
-rw-r--r-- | fs/gfs2/ops_fstype.c | 20 | ||||
-rw-r--r-- | fs/gfs2/ops_super.c | 1 |
2 files changed, 12 insertions, 9 deletions
diff --git a/fs/gfs2/ops_fstype.c b/fs/gfs2/ops_fstype.c index 4cae60f4a175..f91eebdde581 100644 --- a/fs/gfs2/ops_fstype.c +++ b/fs/gfs2/ops_fstype.c | |||
@@ -1263,17 +1263,21 @@ static int gfs2_get_sb_meta(struct file_system_type *fs_type, int flags, | |||
1263 | static void gfs2_kill_sb(struct super_block *sb) | 1263 | static void gfs2_kill_sb(struct super_block *sb) |
1264 | { | 1264 | { |
1265 | struct gfs2_sbd *sdp = sb->s_fs_info; | 1265 | struct gfs2_sbd *sdp = sb->s_fs_info; |
1266 | if (sdp) { | 1266 | |
1267 | gfs2_meta_syncfs(sdp); | 1267 | if (sdp == NULL) { |
1268 | dput(sdp->sd_root_dir); | 1268 | kill_block_super(sb); |
1269 | dput(sdp->sd_master_dir); | 1269 | return; |
1270 | sdp->sd_root_dir = NULL; | ||
1271 | sdp->sd_master_dir = NULL; | ||
1272 | } | 1270 | } |
1271 | |||
1272 | gfs2_meta_syncfs(sdp); | ||
1273 | dput(sdp->sd_root_dir); | ||
1274 | dput(sdp->sd_master_dir); | ||
1275 | sdp->sd_root_dir = NULL; | ||
1276 | sdp->sd_master_dir = NULL; | ||
1273 | shrink_dcache_sb(sb); | 1277 | shrink_dcache_sb(sb); |
1274 | kill_block_super(sb); | 1278 | kill_block_super(sb); |
1275 | if (sdp) | 1279 | gfs2_delete_debugfs_file(sdp); |
1276 | gfs2_delete_debugfs_file(sdp); | 1280 | kfree(sdp); |
1277 | } | 1281 | } |
1278 | 1282 | ||
1279 | struct file_system_type gfs2_fs_type = { | 1283 | struct file_system_type gfs2_fs_type = { |
diff --git a/fs/gfs2/ops_super.c b/fs/gfs2/ops_super.c index 08837a728635..777783deddcb 100644 --- a/fs/gfs2/ops_super.c +++ b/fs/gfs2/ops_super.c | |||
@@ -182,7 +182,6 @@ static void gfs2_put_super(struct super_block *sb) | |||
182 | 182 | ||
183 | /* At this point, we're through participating in the lockspace */ | 183 | /* At this point, we're through participating in the lockspace */ |
184 | gfs2_sys_fs_del(sdp); | 184 | gfs2_sys_fs_del(sdp); |
185 | kfree(sdp); | ||
186 | } | 185 | } |
187 | 186 | ||
188 | /** | 187 | /** |