diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2012-01-10 22:24:48 -0500 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2012-01-11 00:19:58 -0500 |
commit | 8753333266be67ff3a984ac1f6566d31c260bee4 (patch) | |
tree | 27a8565988791e2971d631e19c7a9a0057386668 /fs/autofs4/inode.c | |
parent | 4041bcdc7bef06a2fb29c57394c713a74bd13b08 (diff) |
autofs4: catatonic_mode vs. notify_daemon race
we need to hold ->wq_mutex while we are forming the packet to send,
lest we have autofs4_catatonic_mode() setting wq->name.name to NULL
just as autofs4_notify_daemon() decides to memcpy() from it...
We do have check for catatonic mode immediately after that (under
->wq_mutex, as it ought to be) and packet won't be actually sent,
but it'll be too late for us if we oops on that memcpy() from NULL...
Fix is obvious - just extend the area covered by ->wq_mutex over
that switch and check whether it's catatonic *before* doing anything
else.
Acked-by: Ian Kent <raven@themaw.net>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs/autofs4/inode.c')
0 files changed, 0 insertions, 0 deletions