summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorYan Zheng <yanzheng@21cn.com>2007-10-08 21:16:20 +0200
committerLinus Torvalds <torvalds@woody.linux-foundation.org>2007-10-08 21:58:14 +0200
commit87e2831c3fa39cbf6f7ab676bb5aef039b9659e2 (patch)
tree88e1a3fca607a0643a7f6e60aef80a2bc04323c3
parentfix page release issue in filemap_fault (diff)
downloadlinux-87e2831c3fa39cbf6f7ab676bb5aef039b9659e2.tar.xz
linux-87e2831c3fa39cbf6f7ab676bb5aef039b9659e2.zip
AIO: fix cleanup in io_submit_one(...)
When IOCB_FLAG_RESFD flag is set and iocb->aio_resfd is incorrect, statement 'goto out_put_req' is executed. At label 'out_put_req', aio_put_req(..) is called, which requires 'req->ki_filp' set. Signed-off-by: Yan Zheng<yanzheng@21cn.com> Cc: Zach Brown <zach.brown@oracle.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
-rw-r--r--fs/aio.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/fs/aio.c b/fs/aio.c
index dbe699e9828c..ea2e19820381 100644
--- a/fs/aio.c
+++ b/fs/aio.c
@@ -1562,6 +1562,7 @@ int fastcall io_submit_one(struct kioctx *ctx, struct iocb __user *user_iocb,
fput(file);
return -EAGAIN;
}
+ req->ki_filp = file;
if (iocb->aio_flags & IOCB_FLAG_RESFD) {
/*
* If the IOCB_FLAG_RESFD flag of aio_flags is set, get an
@@ -1576,7 +1577,6 @@ int fastcall io_submit_one(struct kioctx *ctx, struct iocb __user *user_iocb,
}
}
- req->ki_filp = file;
ret = put_user(req->ki_key, &user_iocb->aio_key);
if (unlikely(ret)) {
dprintk("EFAULT: aio_key\n");