This patch fixes incorrect error path in proc_get_inode(),
when module can't be get due to being unloaded.
When try_module_get() fails, this function puts de(!) and
still returns inode with non-getted de.
There are still unresolved known bugs in proc yet to be fixed:
- proc_dir_entry tree is managed without any serialization
- create_proc_entry() doesn't setup de->owner anyhow,
so setting it later manually is inatomic.
- looks like almost all modules do not care whether
it's de->owner is set...
Signed-Off-By: Denis Lunev <[email protected]>
Signed-Off-By: Kirill Korotaev <[email protected]>
--- ./fs/proc/inode.c.procino 2005-09-30 13:17:21.000000000 +0400
+++ ./fs/proc/inode.c 2005-09-30 13:17:55.000000000 +0400
@@ -205,10 +205,13 @@ struct inode *proc_get_inode(struct supe
WARN_ON(de && de->deleted);
+ if (de != NULL && !try_module_get(de->owner))
+ goto out_mod;
+
inode = iget(sb, ino);
if (!inode)
- goto out_fail;
-
+ goto out_ino;
+
PROC_I(inode)->pde = de;
if (de) {
if (de->mode) {
@@ -220,20 +223,20 @@ struct inode *proc_get_inode(struct supe
inode->i_size = de->size;
if (de->nlink)
inode->i_nlink = de->nlink;
- if (!try_module_get(de->owner))
- goto out_fail;
if (de->proc_iops)
inode->i_op = de->proc_iops;
if (de->proc_fops)
inode->i_fop = de->proc_fops;
}
-out:
return inode;
-out_fail:
+out_ino:
+ if (de != NULL)
+ module_put(de->owner);
+out_mod:
de_put(de);
- goto out;
+ return NULL;
}
int proc_fill_super(struct super_block *s, void *data, int silent)
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
| |
 |