Re: [PATCH 1/2] hfs: fix potential refcnt problem of nls module
From: Andrew Morton
Date: Wed Apr 18 2018 - 15:42:58 EST
On Tue, 17 Apr 2018 15:05:32 +0800 Chengguang Xu <cgxu519@xxxxxxx> wrote:
> When specifying iocharset/codepage multiple times in a mount,
> current option parsing will cause inaccurate refcount of nls
> module. Hence, call unload_nls for previous one in this case.
>
> ...
>
> --- a/fs/hfs/super.c
> +++ b/fs/hfs/super.c
> @@ -329,8 +329,10 @@ static int parse_options(char *options, struct hfs_sb_info *hsb)
> return 0;
> }
> p = match_strdup(&args[0]);
> - if (p)
> + if (p) {
> + unload_nls(hsb->nls_disk);
> hsb->nls_disk = load_nls(p);
> + }
> if (!hsb->nls_disk) {
> pr_err("unable to load codepage \"%s\"\n", p);
> kfree(p);
> @@ -344,8 +346,10 @@ static int parse_options(char *options, struct hfs_sb_info *hsb)
> return 0;
> }
> p = match_strdup(&args[0]);
> - if (p)
> + if (p) {
> + unload_nls(hsb->nls_io);
> hsb->nls_io = load_nls(p);
> + }
> if (!hsb->nls_io) {
> pr_err("unable to load iocharset \"%s\"\n", p);
> kfree(p);
Confused.
break;
: case opt_codepage:
: if (hsb->nls_disk) {
: pr_err("unable to change codepage\n");
: return 0;
: }
Here, hsb->nls_disk is known to be zero.
: p = match_strdup(&args[0]);
: if (p) {
: unload_nls(hsb->nls_disk);
So this will always do unload_nls(0).
: hsb->nls_disk = load_nls(p);
: }
And the same applies to your opt_iocharset change.