Commit 87873c86 authored by Sebastian Siewior's avatar Sebastian Siewior Committed by Paul Mackerras

[POWERPC] spufs: Fix error handling in spufs_fill_dir()

The error path in spufs_fill_dir() is broken. If d_alloc_name() or
spufs_new_file() fails, spufs_prune_dir() is getting called. At this time
dir->inode is not set and a NULL pointer is dereferenced by mutex_lock().
This bugfix replaces spufs_prune_dir() with a shorter version that does
not touch dir->inode but simply removes all children.
Signed-off-by: default avatarSebastian Siewior <bigeasy@linux.vnet.ibm.com>
Signed-off-by: default avatarJeremy Kerr <jk@ozlabs.org>
Acked-by: default avatarArnd Bergmann <arnd.bergmann@de.ibm.com>
Signed-off-by: default avatarPaul Mackerras <paulus@samba.org>
parent 5e1e9ba6
...@@ -177,7 +177,7 @@ static int spufs_rmdir(struct inode *parent, struct dentry *dir) ...@@ -177,7 +177,7 @@ static int spufs_rmdir(struct inode *parent, struct dentry *dir)
static int spufs_fill_dir(struct dentry *dir, struct tree_descr *files, static int spufs_fill_dir(struct dentry *dir, struct tree_descr *files,
int mode, struct spu_context *ctx) int mode, struct spu_context *ctx)
{ {
struct dentry *dentry; struct dentry *dentry, *tmp;
int ret; int ret;
while (files->name && files->name[0]) { while (files->name && files->name[0]) {
...@@ -193,7 +193,20 @@ static int spufs_fill_dir(struct dentry *dir, struct tree_descr *files, ...@@ -193,7 +193,20 @@ static int spufs_fill_dir(struct dentry *dir, struct tree_descr *files,
} }
return 0; return 0;
out: out:
spufs_prune_dir(dir); /*
* remove all children from dir. dir->inode is not set so don't
* just simply use spufs_prune_dir() and panic afterwards :)
* dput() looks like it will do the right thing:
* - dec parent's ref counter
* - remove child from parent's child list
* - free child's inode if possible
* - free child
*/
list_for_each_entry_safe(dentry, tmp, &dir->d_subdirs, d_u.d_child) {
dput(dentry);
}
shrink_dcache_parent(dir);
return ret; return ret;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment