diff options
author | David Teigland <teigland@redhat.com> | 2009-06-18 20:20:24 +0200 |
---|---|---|
committer | David Teigland <teigland@redhat.com> | 2009-06-18 20:42:42 +0200 |
commit | c78a87d0a1fc885dfdbe21fd5e07787691dfb068 (patch) | |
tree | 73f6056f87cd9183e04f3b9f6a4245876cf0cb23 /mm/mmap.c | |
parent | dlm: Fix uninitialised variable warning in lock.c (diff) | |
download | linux-c78a87d0a1fc885dfdbe21fd5e07787691dfb068.tar.xz linux-c78a87d0a1fc885dfdbe21fd5e07787691dfb068.zip |
dlm: fix plock use-after-free
Fix a regression from the original addition of nfs lock support
586759f03e2e9031ac5589912a51a909ed53c30a. When a synchronous
(non-nfs) plock completes, the waiting thread will wake up and
free the op struct. This races with the user thread in
dev_write() which goes on to read the op's callback field to
check if the lock is async and needs a callback. This check
can happen on the freed op. The fix is to note the callback
value before the op can be freed.
Signed-off-by: David Teigland <teigland@redhat.com>
Diffstat (limited to 'mm/mmap.c')
0 files changed, 0 insertions, 0 deletions