[PATCH] mm: zcache: zcache_cleancache_flush_fs fix

[Piotr Sarna]

This patch fixes "mm: zcache: core functions added" patch,
available at https://lkml.org/lkml/2013/7/20/90.
It regards incorrect implementation of zcache_cleancache_flush_fs().

Function above should be effective only if cleancache pool referred
by pool_id is valid. This issue is checked by testing whether zpool
points to NULL.

Unfortunately, if filesystem mount fails, such pool is never created
and fs/super.c calls cleancache_invalidate_fs() function with pool_id
parameter set to -1. This results in assigning zpool with pools[-1],
which causes zpool to be not NULL and thus whole function hangs on
uninitialized read-write lock.

To prevent that behaviour, pool_id should be checked for being positive
before assigning zpool variable with pools[pool_id].

Signed-off-by: Piotr Sarna <p.sarna@xxxxxxxxxxxxxxxxxxx>
Acked-by: Bartlomiej Zolnierkiewicz <b.zolnierkie@xxxxxxxxxxx>
Signed-off-by: Kyungmin Park <kyungmin.park@xxxxxxxxxxx>
---
 mm/zcache.c |    6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/mm/zcache.c b/mm/zcache.c
index a2408e8..7e6d2e7 100644
--- a/mm/zcache.c
+++ b/mm/zcache.c
@@ -600,8 +600,12 @@ static void zcache_cleancache_flush_fs(int pool_id)
 	struct zcache_rb_entry *entry = NULL;
 	struct rb_node *node;
 	unsigned long flags1, flags2;
-	struct zcache_pool *zpool = zcache.pools[pool_id];
+	struct zcache_pool *zpool;
+
+	if (pool_id < 0)
+		return;
 
+	zpool = zcache.pools[pool_id];
 	if (!zpool)
 		return;
 
-- 
1.7.9.5

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/