author | Oleg Kanatov <okanatov@gmail.com> | 2022-10-28 14:22:54 +0200 |
---|---|---|
committer | Dave Kleikamp <dave.kleikamp@oracle.com> | 2022-11-10 22:22:23 +0100 |
commit | a60dca73a1a8079d867b2c2e9549440346c1ba83 (patch) | |
tree | 0dd5dbe6120024a988fd4b08217b57ae05b3f2c8 | |
parent | jfs: Fix a typo in function jfs_umount (diff) | |
jfs: makes diUnmount/diMount in jfs_mount_rw atomic
jfs_mount_rw can call diUnmount and then diMount. These calls change the
imap pointer. Between these two calls there may be calls of function
jfs_lookup(). The jfs_lookup() function calls jfs_iget(), which, in turn
calls diRead(). The latter references the imap pointer. That may cause
diRead() to refer to a pointer freed in diUnmount(). This commit makes
the calls to diUnmount()/diMount() atomic so that nothing will read the
imap pointer until the whole remount is completed.
Signed-off-by: Oleg Kanatov <okanatov@gmail.com>
Signed-off-by: Dave Kleikamp <dave.kleikamp@oracle.com>
-rw-r--r-- | fs/jfs/jfs_imap.c | 2 | ||||
-rw-r--r-- | fs/jfs/jfs_mount.c | 4 |
2 files changed, 5 insertions, 1 deletions
diff --git a/fs/jfs/jfs_imap.c b/fs/jfs/jfs_imap.c
index 799d3837e7c2..390cbfce391f 100644
--- a/fs/jfs/jfs_imap.c
+++ b/fs/jfs/jfs_imap.c
@@ -310,8 +310,8 @@ int diRead(struct inode *ip)
 iagno = INOTOIAG(ip->i_ino);
 /* read the iag */
- imap = JFS_IP(ipimap)->i_imap;
 IREAD_LOCK(ipimap, RDWRLOCK_IMAP);
+ imap = JFS_IP(ipimap)->i_imap;
 rc = diIAGRead(imap, iagno, &mp);
 IREAD_UNLOCK(ipimap);
 if (rc) {
diff --git a/fs/jfs/jfs_mount.c b/fs/jfs/jfs_mount.c
index 48d1f70f786c..b83aae56a1f2 100644
--- a/fs/jfs/jfs_mount.c
+++ b/fs/jfs/jfs_mount.c
@@ -234,11 +234,15 @@ int jfs_mount_rw(struct super_block *sb, int remount)
 truncate_inode_pages(sbi->ipimap->i_mapping, 0);
 truncate_inode_pages(sbi->ipbmap->i_mapping, 0);
+
+ IWRITE_LOCK(sbi->ipimap, RDWRLOCK_IMAP);
 diUnmount(sbi->ipimap, 1);
 if ((rc = diMount(sbi->ipimap))) {
+ IWRITE_UNLOCK(sbi->ipimap);
 jfs_err("jfs_mount_rw: diMount failed!");
 return rc;
 }
+ IWRITE_UNLOCK(sbi->ipimap);
 dbUnmount(sbi->ipbmap, 1);
 if ((rc = dbMount(sbi->ipbmap))) { |
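Review bot: The reordering in diRead() is correct only because `imap` is now loaded inside the `IREAD_LOCK(ipimap, RDWRLOCK_IMAP)` section, but nothing in the code records that, so a later cleanup could hoist the load back out and reopen the use-after-free. I would extend the existing comment to something like `/* read the iag; i_imap must be loaded under the IMAP lock because jfs_mount_rw() replaces it on remount */`. diRead()'s body starts and ends outside the hunk, so whether other statements in the function touch `imap` outside the locked region cannot be checked from here.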
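Review bot: On the `diMount()` failure path in jfs_mount_rw() the write lock is dropped and `rc` is returned, but `diUnmount()` has already run by then, and the commit message says it frees the imap. If `diMount()` can fail before it installs a new map (not visible in this hunk), `JFS_IP(sbi->ipimap)->i_imap` may still hold the freed pointer, and a `diRead()` that takes the read lock after `IWRITE_UNLOCK(sbi->ipimap)` would load and dereference it. The lock therefore closes the window only for a successful remount; it is worth confirming that the failure path leaves `i_imap` NULL or otherwise unusable and that readers check for that. jfs_mount_rw()'s body extends beyond the hunk.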