Re: [PATCH] mqueue: sys_mq_open: do not call mnt_drop_write() ifread-only

From: Andrew Morton
Date: Tue Mar 19 2013 - 17:09:46 EST

Next message: Eric W. Biederman: "Re: [PATCH v3 17/21] vmcore: check NT_VMCORE_PAD as a mark indicating the end of ELF note buffer"
Previous message: Eric W. Biederman: "Re: [PATCH v3 13/21] kexec: allocate vmcoreinfo note buffer on page-size boundary"
In reply to: Vladimir Davydov: "[PATCH] mqueue: sys_mq_open: do not call mnt_drop_write() if read-only"
Next in thread: Vladimir Davydov: "Re: [PATCH] mqueue: sys_mq_open: do not call mnt_drop_write() ifread-only"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 19 Mar 2013 13:31:18 +0400 Vladimir Davydov <vdavydov@xxxxxxxxxxxxx> wrote:

> mnt_drop_write() must be called only if mnt_want_write() succeeded,
> otherwise the mnt_writers counter will diverge.
>
> ...
>
> --- a/ipc/mqueue.c
> +++ b/ipc/mqueue.c
> @@ -840,7 +840,8 @@ out_putfd:
> fd = error;
> }
> mutex_unlock(&root->d_inode->i_mutex);
> - mnt_drop_write(mnt);
> + if (!ro)
> + mnt_drop_write(mnt);
> out_putname:
> putname(name);
> return fd;

huh, that's been there for a while. What were the runtime-visible
effects of the bug?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Eric W. Biederman: "Re: [PATCH v3 17/21] vmcore: check NT_VMCORE_PAD as a mark indicating the end of ELF note buffer"
Previous message: Eric W. Biederman: "Re: [PATCH v3 13/21] kexec: allocate vmcoreinfo note buffer on page-size boundary"
In reply to: Vladimir Davydov: "[PATCH] mqueue: sys_mq_open: do not call mnt_drop_write() if read-only"
Next in thread: Vladimir Davydov: "Re: [PATCH] mqueue: sys_mq_open: do not call mnt_drop_write() ifread-only"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]