Commit 28356a16 authored by Steve French's avatar Steve French

[CIFS] Fix oops on failed cifs mount (in kthread_stop)

If the cifs demultiplex thread wakes up and exits
(zeroing server->tsk) before kthread_stop is called, the
cifs_mount code could pass a null pointer to kthread_stop

Thanks to akpm, Dave Young and Shaggy for suggesting
earlier versions of this patch.

CC: akpm@linux-foundatior.org
Signed-off-by: default avatarDave Young <hidave.darkstar@gmail.com>
Signed-off-by: default avatarDave Kleikamp <shaggy@linux.vnet.ibm.com>
Signed-off-by: default avatarSteve French <sfrench@us.ibm.com>
parent ad9ddd66
...@@ -2069,8 +2069,15 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, ...@@ -2069,8 +2069,15 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
srvTcp->tcpStatus = CifsExiting; srvTcp->tcpStatus = CifsExiting;
spin_unlock(&GlobalMid_Lock); spin_unlock(&GlobalMid_Lock);
if (srvTcp->tsk) { if (srvTcp->tsk) {
struct task_struct *tsk;
/* If we could verify that kthread_stop would
always wake up processes blocked in
tcp in recv_mesg then we could remove the
send_sig call */
send_sig(SIGKILL,srvTcp->tsk,1); send_sig(SIGKILL,srvTcp->tsk,1);
kthread_stop(srvTcp->tsk); tsk = srvTcp->tsk;
if(tsk)
kthread_stop(srvTcp->tsk);
} }
} }
/* If find_unc succeeded then rc == 0 so we can not end */ /* If find_unc succeeded then rc == 0 so we can not end */
...@@ -2085,8 +2092,11 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb, ...@@ -2085,8 +2092,11 @@ cifs_mount(struct super_block *sb, struct cifs_sb_info *cifs_sb,
/* if the socketUseCount is now zero */ /* if the socketUseCount is now zero */
if ((temp_rc == -ESHUTDOWN) && if ((temp_rc == -ESHUTDOWN) &&
(pSesInfo->server) && (pSesInfo->server->tsk)) { (pSesInfo->server) && (pSesInfo->server->tsk)) {
struct task_struct *tsk;
send_sig(SIGKILL,pSesInfo->server->tsk,1); send_sig(SIGKILL,pSesInfo->server->tsk,1);
kthread_stop(pSesInfo->server->tsk); tsk = pSesInfo->server->tsk;
if(tsk)
kthread_stop(tsk);
} }
} else } else
cFYI(1, ("No session or bad tcon")); cFYI(1, ("No session or bad tcon"));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment