2.0.36: a terrible bug in isofs

Mikulas Patocka (mikulas@artax.karlin.mff.cuni.cz)
Sun, 13 Dec 1998 12:29:02 +0100 (MET)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Andi Kleen: "Re: [PATCH] Support new egcs/pgcc -mpentium(pro) options"
Previous message: Barrett G. Lyon: "Re: Linux login security approaches"

There's a bug in isofs in 2.0 kernels. Look at the end of read_super. When
check_disk_change fails, the filesystem does some bad calls:

buffer that is already released is released again, superblock is unlocked
again and root inode that was igot is not iput. This inode is blocking any
mounts of device and system must be rebooted.

I think there's no need to call check_disk_change in read_super, so this
patch should fix it.

--- linux-2.0.36-clean/fs/isofs/inode.c Sun Nov 15 19:33:13 1998
+++ linux-2.0.36/fs/isofs/inode.c Sun Dec 13 12:17:17 1998
@@ -542,22 +542,17 @@
printk("get root inode failed\n");
if (s->u.isofs_sb.s_nls_iocharset)
unload_nls(s->u.isofs_sb.s_nls_iocharset);
if (opt.iocharset) kfree(opt.iocharset);
MOD_DEC_USE_COUNT;
return NULL;
}

- if(!check_disk_change(s->s_dev)) {
- return s;
- }
- if (s->u.isofs_sb.s_nls_iocharset)
- unload_nls(s->u.isofs_sb.s_nls_iocharset);
- if (opt.iocharset) kfree(opt.iocharset);
+ return s;

out: /* Kick out for various error conditions */
brelse(bh);
s->s_dev = 0;
unlock_super(s);
MOD_DEC_USE_COUNT;
return NULL;
}

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andi Kleen: "Re: [PATCH] Support new egcs/pgcc -mpentium(pro) options"
Previous message: Barrett G. Lyon: "Re: Linux login security approaches"