| To: | xfs-dev <xfs-dev@xxxxxxx>, xfs-oss <xfs@xxxxxxxxxxx> |
|---|---|
| Subject: | [PATCH] Fix use after free when closing log/rt devices |
| From: | Lachlan McIlroy <lachlan@xxxxxxx> |
| Date: | Fri, 27 Jun 2008 15:14:46 +1000 |
| Reply-to: | lachlan@xxxxxxx |
| Sender: | xfs-bounce@xxxxxxxxxxx |
| User-agent: | Thunderbird 2.0.0.14 (X11/20080421) |
The call to xfs_free_buftarg() will free the memory used by it's argument
so we need to save the bdev to pass to xfs_blkdev_put()
Lachlan
--- fs/xfs/linux-2.6/xfs_super.c_1.432 2008-06-27 14:51:17.000000000 +1000
+++ fs/xfs/linux-2.6/xfs_super.c 2008-06-27 14:59:26.000000000 +1000
@@ -781,13 +781,17 @@ STATIC void
xfs_close_devices(
struct xfs_mount *mp)
{
+ struct block_device *bdev;
+
if (mp->m_logdev_targp && mp->m_logdev_targp != mp->m_ddev_targp) {
+ bdev = mp->m_logdev_targp->bt_bdev;
xfs_free_buftarg(mp->m_logdev_targp);
- xfs_blkdev_put(mp->m_logdev_targp->bt_bdev);
+ xfs_blkdev_put(bdev);
}
if (mp->m_rtdev_targp) {
+ bdev = mp->m_rtdev_targp->bt_bdev;
xfs_free_buftarg(mp->m_rtdev_targp);
- xfs_blkdev_put(mp->m_rtdev_targp->bt_bdev);
+ xfs_blkdev_put(bdev);
}
xfs_free_buftarg(mp->m_ddev_targp);
}
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [PATCH] disable queue flag test in barrier check, Timothy Shimmin |
|---|---|
| Next by Date: | Re: [PATCH] Fix use after free when closing log/rt devices, Christoph Hellwig |
| Previous by Thread: | TAKE 982343 - fix up the _ACL_TYPE refs when CONFIG_XFS_POSIX_ACL not set., Tim Shimmin |
| Next by Thread: | Re: [PATCH] Fix use after free when closing log/rt devices, Christoph Hellwig |
| Indexes: | [Date] [Thread] [Top] [All Lists] |