aboutsummaryrefslogtreecommitdiffstats
path: root/fs
diff options
context:
space:
mode:
authorSteven Whitehouse <swhiteho@redhat.com>2008-12-19 10:43:05 -0500
committerSteven Whitehouse <swhiteho@redhat.com>2009-01-05 02:39:19 -0500
commit88a19ad066c1aab2f9713beb670525fcc06e1c09 (patch)
tree2d967c8f553a9dd862dc92fb085e5af1be859956 /fs
parentfefc03bfedeff2002f14e848ecb7c0cd77ee0b15 (diff)
GFS2: Fix use-after-free bug on umount (try #2)
This should solve the issue with the previous attempt at fixing this. Signed-off-by: Steven Whitehouse <swhiteho@redhat.com>
Diffstat (limited to 'fs')
-rw-r--r--fs/gfs2/ops_fstype.c20
-rw-r--r--fs/gfs2/ops_super.c1
2 files changed, 12 insertions, 9 deletions
diff --git a/fs/gfs2/ops_fstype.c b/fs/gfs2/ops_fstype.c
index 4cae60f4a175..f91eebdde581 100644
--- a/fs/gfs2/ops_fstype.c
+++ b/fs/gfs2/ops_fstype.c
@@ -1263,17 +1263,21 @@ static int gfs2_get_sb_meta(struct file_system_type *fs_type, int flags,
1263static void gfs2_kill_sb(struct super_block *sb) 1263static void gfs2_kill_sb(struct super_block *sb)
1264{ 1264{
1265 struct gfs2_sbd *sdp = sb->s_fs_info; 1265 struct gfs2_sbd *sdp = sb->s_fs_info;
1266 if (sdp) { 1266
1267 gfs2_meta_syncfs(sdp); 1267 if (sdp == NULL) {
1268 dput(sdp->sd_root_dir); 1268 kill_block_super(sb);
1269 dput(sdp->sd_master_dir); 1269 return;
1270 sdp->sd_root_dir = NULL;
1271 sdp->sd_master_dir = NULL;
1272 } 1270 }
1271
1272 gfs2_meta_syncfs(sdp);
1273 dput(sdp->sd_root_dir);
1274 dput(sdp->sd_master_dir);
1275 sdp->sd_root_dir = NULL;
1276 sdp->sd_master_dir = NULL;
1273 shrink_dcache_sb(sb); 1277 shrink_dcache_sb(sb);
1274 kill_block_super(sb); 1278 kill_block_super(sb);
1275 if (sdp) 1279 gfs2_delete_debugfs_file(sdp);
1276 gfs2_delete_debugfs_file(sdp); 1280 kfree(sdp);
1277} 1281}
1278 1282
1279struct file_system_type gfs2_fs_type = { 1283struct file_system_type gfs2_fs_type = {
diff --git a/fs/gfs2/ops_super.c b/fs/gfs2/ops_super.c
index 08837a728635..777783deddcb 100644
--- a/fs/gfs2/ops_super.c
+++ b/fs/gfs2/ops_super.c
@@ -182,7 +182,6 @@ static void gfs2_put_super(struct super_block *sb)
182 182
183 /* At this point, we're through participating in the lockspace */ 183 /* At this point, we're through participating in the lockspace */
184 gfs2_sys_fs_del(sdp); 184 gfs2_sys_fs_del(sdp);
185 kfree(sdp);
186} 185}
187 186
188/** 187/**