Commit ba8df43c authored by Ian Kent's avatar Ian Kent Committed by Linus Torvalds

[PATCH] autofs4: panic after mount fail

Resolve the panic on failed mount of an autofs filesystem originally
reported by Mao Bibo.

It addresses two issues that happen after the mount fail.  The first a NULL
pointer reference to a field (pipe) in the autofs superblock info structure
and second the lack of super block cleanup by the autofs and autofs4
modules.
Signed-off-by: default avatarIan Kent <raven@themaw.net>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent 6a34b57b
...@@ -25,6 +25,14 @@ void autofs_kill_sb(struct super_block *sb) ...@@ -25,6 +25,14 @@ void autofs_kill_sb(struct super_block *sb)
struct autofs_sb_info *sbi = autofs_sbi(sb); struct autofs_sb_info *sbi = autofs_sbi(sb);
unsigned int n; unsigned int n;
/*
* In the event of a failure in get_sb_nodev the superblock
* info is not present so nothing else has been setup, so
* just exit when we are called from deactivate_super.
*/
if (!sbi)
return;
if ( !sbi->catatonic ) if ( !sbi->catatonic )
autofs_catatonic_mode(sbi); /* Free wait queues, close pipe */ autofs_catatonic_mode(sbi); /* Free wait queues, close pipe */
...@@ -136,7 +144,8 @@ int autofs_fill_super(struct super_block *s, void *data, int silent) ...@@ -136,7 +144,8 @@ int autofs_fill_super(struct super_block *s, void *data, int silent)
s->s_fs_info = sbi; s->s_fs_info = sbi;
sbi->magic = AUTOFS_SBI_MAGIC; sbi->magic = AUTOFS_SBI_MAGIC;
sbi->catatonic = 0; sbi->pipe = NULL;
sbi->catatonic = 1;
sbi->exp_timeout = 0; sbi->exp_timeout = 0;
sbi->oz_pgrp = process_group(current); sbi->oz_pgrp = process_group(current);
autofs_initialize_hash(&sbi->dirhash); autofs_initialize_hash(&sbi->dirhash);
...@@ -180,6 +189,7 @@ int autofs_fill_super(struct super_block *s, void *data, int silent) ...@@ -180,6 +189,7 @@ int autofs_fill_super(struct super_block *s, void *data, int silent)
if ( !pipe->f_op || !pipe->f_op->write ) if ( !pipe->f_op || !pipe->f_op->write )
goto fail_fput; goto fail_fput;
sbi->pipe = pipe; sbi->pipe = pipe;
sbi->catatonic = 0;
/* /*
* Success! Install the root dentry now to indicate completion. * Success! Install the root dentry now to indicate completion.
...@@ -198,6 +208,8 @@ int autofs_fill_super(struct super_block *s, void *data, int silent) ...@@ -198,6 +208,8 @@ int autofs_fill_super(struct super_block *s, void *data, int silent)
iput(root_inode); iput(root_inode);
fail_free: fail_free:
kfree(sbi); kfree(sbi);
s->s_fs_info = NULL;
kill_anon_super(s);
fail_unlock: fail_unlock:
return -EINVAL; return -EINVAL;
} }
......
...@@ -41,6 +41,7 @@ void autofs_catatonic_mode(struct autofs_sb_info *sbi) ...@@ -41,6 +41,7 @@ void autofs_catatonic_mode(struct autofs_sb_info *sbi)
wq = nwq; wq = nwq;
} }
fput(sbi->pipe); /* Close the pipe */ fput(sbi->pipe); /* Close the pipe */
sbi->pipe = NULL;
autofs_hash_dputall(&sbi->dirhash); /* Remove all dentry pointers */ autofs_hash_dputall(&sbi->dirhash); /* Remove all dentry pointers */
} }
......
...@@ -99,6 +99,9 @@ static void autofs4_force_release(struct autofs_sb_info *sbi) ...@@ -99,6 +99,9 @@ static void autofs4_force_release(struct autofs_sb_info *sbi)
struct dentry *this_parent = sbi->sb->s_root; struct dentry *this_parent = sbi->sb->s_root;
struct list_head *next; struct list_head *next;
if (!sbi->sb->s_root)
return;
spin_lock(&dcache_lock); spin_lock(&dcache_lock);
repeat: repeat:
next = this_parent->d_subdirs.next; next = this_parent->d_subdirs.next;
...@@ -146,6 +149,14 @@ void autofs4_kill_sb(struct super_block *sb) ...@@ -146,6 +149,14 @@ void autofs4_kill_sb(struct super_block *sb)
{ {
struct autofs_sb_info *sbi = autofs4_sbi(sb); struct autofs_sb_info *sbi = autofs4_sbi(sb);
/*
* In the event of a failure in get_sb_nodev the superblock
* info is not present so nothing else has been setup, so
* just exit when we are called from deactivate_super.
*/
if (!sbi)
return;
sb->s_fs_info = NULL; sb->s_fs_info = NULL;
if ( !sbi->catatonic ) if ( !sbi->catatonic )
...@@ -310,7 +321,8 @@ int autofs4_fill_super(struct super_block *s, void *data, int silent) ...@@ -310,7 +321,8 @@ int autofs4_fill_super(struct super_block *s, void *data, int silent)
s->s_fs_info = sbi; s->s_fs_info = sbi;
sbi->magic = AUTOFS_SBI_MAGIC; sbi->magic = AUTOFS_SBI_MAGIC;
sbi->pipefd = -1; sbi->pipefd = -1;
sbi->catatonic = 0; sbi->pipe = NULL;
sbi->catatonic = 1;
sbi->exp_timeout = 0; sbi->exp_timeout = 0;
sbi->oz_pgrp = process_group(current); sbi->oz_pgrp = process_group(current);
sbi->sb = s; sbi->sb = s;
...@@ -388,6 +400,7 @@ int autofs4_fill_super(struct super_block *s, void *data, int silent) ...@@ -388,6 +400,7 @@ int autofs4_fill_super(struct super_block *s, void *data, int silent)
goto fail_fput; goto fail_fput;
sbi->pipe = pipe; sbi->pipe = pipe;
sbi->pipefd = pipefd; sbi->pipefd = pipefd;
sbi->catatonic = 0;
/* /*
* Success! Install the root dentry now to indicate completion. * Success! Install the root dentry now to indicate completion.
...@@ -412,6 +425,8 @@ int autofs4_fill_super(struct super_block *s, void *data, int silent) ...@@ -412,6 +425,8 @@ int autofs4_fill_super(struct super_block *s, void *data, int silent)
kfree(ino); kfree(ino);
fail_free: fail_free:
kfree(sbi); kfree(sbi);
s->s_fs_info = NULL;
kill_anon_super(s);
fail_unlock: fail_unlock:
return -EINVAL; return -EINVAL;
} }
......
...@@ -41,10 +41,8 @@ void autofs4_catatonic_mode(struct autofs_sb_info *sbi) ...@@ -41,10 +41,8 @@ void autofs4_catatonic_mode(struct autofs_sb_info *sbi)
wake_up_interruptible(&wq->queue); wake_up_interruptible(&wq->queue);
wq = nwq; wq = nwq;
} }
if (sbi->pipe) { fput(sbi->pipe); /* Close the pipe */
fput(sbi->pipe); /* Close the pipe */ sbi->pipe = NULL;
sbi->pipe = NULL;
}
} }
static int autofs4_write(struct file *file, const void *addr, int bytes) static int autofs4_write(struct file *file, const void *addr, int bytes)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment