fsnotify: Allocate overflow events with proper type

Commit 7053aee26a35 "fsnotify: do not share events between notification groups" used overflow event statically allocated in a group with the size of the generic notification event. This causes problems because some code looks at type specific parts of event structure and gets confused by a random data it sees there and causes crashes. Fix the problem by allocating overflow event with type corresponding to the group type so code cannot get confused. Signed-off-by: Jan Kara <jack@suse.cz>
author: Jan Kara <jack@suse.cz> 2014-02-21 13:14:11 -0500
committer: Jan Kara <jack@suse.cz> 2014-02-25 05:18:06 -0500
commit: ff57cd5863cf3014c1c5ed62ce2715294f065b17 (patch)
tree: c9bc7bd04326afc92d85a476d28453218c40e14e /fs/notify/inotify
parent: 482ef06c5e946aae360f247dc69471ec031e09d2 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/fs/notify/inotify/inotify_user.c b/fs/notify/inotify/inotify_user.c
index 6528b5a54ca0..78a2ca3966c3 100644
--- a/fs/notify/inotify/inotify_user.c
+++ b/fs/notify/inotify/inotify_user.c
@@ -633,11 +633,23 @@ static int inotify_update_watch(struct fsnotify_group *group, struct inode *inod
 static struct fsnotify_group *inotify_new_group(unsigned int max_events)
 {
        struct fsnotify_group *group;
+        struct inotify_event_info *oevent;
        group = fsnotify_alloc_group(&inotify_fsnotify_ops);
        if (IS_ERR(group))
                return group;
+        oevent = kmalloc(sizeof(struct inotify_event_info), GFP_KERNEL);
+        if (unlikely(!oevent)) {
+                fsnotify_destroy_group(group);
+                return ERR_PTR(-ENOMEM);
+        }
+        group->overflow_event = &oevent->fse;
+        fsnotify_init_event(group->overflow_event, NULL, FS_Q_OVERFLOW);
+        oevent->wd = -1;
+        oevent->sync_cookie = 0;
+        oevent->name_len = 0;
        group->max_events = max_events;
        spin_lock_init(&group->inotify_data.idr_lock);
author	Jan Kara <jack@suse.cz>	2014-02-21 13:14:11 -0500
committer	Jan Kara <jack@suse.cz>	2014-02-25 05:18:06 -0500
commit	ff57cd5863cf3014c1c5ed62ce2715294f065b17 (patch)
tree	c9bc7bd04326afc92d85a476d28453218c40e14e /fs/notify/inotify
parent	482ef06c5e946aae360f247dc69471ec031e09d2 (diff)

diff --git a/fs/notify/inotify/inotify_user.c b/fs/notify/inotify/inotify_user.c index 6528b5a54ca0..78a2ca3966c3 100644 --- a/fs/notify/inotify/inotify_user.c +++ b/fs/notify/inotify/inotify_user.c
@@ -633,11 +633,23 @@ static int inotify_update_watch(struct fsnotify_group group, struct inode inod
633	static struct fsnotify_group *inotify_new_group(unsigned int max_events)	633	static struct fsnotify_group *inotify_new_group(unsigned int max_events)
634	{	634	{
635	struct fsnotify_group *group;	635	struct fsnotify_group *group;
		636	struct inotify_event_info *oevent;
636		637
637	group = fsnotify_alloc_group(&inotify_fsnotify_ops);	638	group = fsnotify_alloc_group(&inotify_fsnotify_ops);
638	if (IS_ERR(group))	639	if (IS_ERR(group))
639	return group;	640	return group;
640		641
		642	oevent = kmalloc(sizeof(struct inotify_event_info), GFP_KERNEL);
		643	if (unlikely(!oevent)) {
		644	fsnotify_destroy_group(group);
		645	return ERR_PTR(-ENOMEM);
		646	}
		647	group->overflow_event = &oevent->fse;
		648	fsnotify_init_event(group->overflow_event, NULL, FS_Q_OVERFLOW);
		649	oevent->wd = -1;
		650	oevent->sync_cookie = 0;
		651	oevent->name_len = 0;
		652
641	group->max_events = max_events;	653	group->max_events = max_events;
642		654
643	spin_lock_init(&group->inotify_data.idr_lock);	655	spin_lock_init(&group->inotify_data.idr_lock);