diff options
author | Jeff Mahoney <jeffm@suse.com> | 2007-04-11 23:28:46 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-04-12 15:31:42 -0700 |
commit | c3724b129b5a1a1789a2dc5348685a236ae02479 (patch) | |
tree | d664a2d672b62c9bde71992cdd8e1b7904f5e3d0 /fs | |
parent | 6d205f120547043de663315698dcf5f0eaa31b5c (diff) | |
download | kernel_samsung_smdk4412-c3724b129b5a1a1789a2dc5348685a236ae02479.zip kernel_samsung_smdk4412-c3724b129b5a1a1789a2dc5348685a236ae02479.tar.gz kernel_samsung_smdk4412-c3724b129b5a1a1789a2dc5348685a236ae02479.tar.bz2 |
[PATCH] autofs4: fix race in unhashed dentry code
Commit f50b6f8691cae2e0064c499dd3ef3f31142987f0 introduced a race in
autofs4 between autofs_lookup_unhashed() and autofs_dentry_release().
autofs_dentry_release() ends up clearing the ->dentry and ->inode members
of autofs_info before removing it from the rehash list. The list is
protected by the rehash lock in both functions, but since
autofs_dentry_release() starts tearing the autofs_info struct down before
removing it from the list, autofs_lookup_unhashed() can get a autofs_info
with a NULL dentry.
This patch moves the clearing of ->dentry and ->inode after the removal
from the rehash list.
Signed-off-by: Jeff Mahoney <jeffm@suse.com>
Acked-by: Ian Kent <raven@themaw.net>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/autofs4/root.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/fs/autofs4/root.c b/fs/autofs4/root.c index b463104..d0e9b3a 100644 --- a/fs/autofs4/root.c +++ b/fs/autofs4/root.c @@ -470,9 +470,6 @@ void autofs4_dentry_release(struct dentry *de) if (inf) { struct autofs_sb_info *sbi = autofs4_sbi(de->d_sb); - inf->dentry = NULL; - inf->inode = NULL; - if (sbi) { spin_lock(&sbi->rehash_lock); if (!list_empty(&inf->rehash)) @@ -480,6 +477,9 @@ void autofs4_dentry_release(struct dentry *de) spin_unlock(&sbi->rehash_lock); } + inf->dentry = NULL; + inf->inode = NULL; + autofs4_free_ino(inf); } } |