[LogFS] Prevent mempool_destroy NULL pointer dereference
authorJoern Engel <joern@logfs.org>
Thu, 15 Apr 2010 06:03:57 +0000 (08:03 +0200)
committerJoern Engel <joern@logfs.org>
Thu, 15 Apr 2010 06:03:57 +0000 (08:03 +0200)
It would probably be better to just accept NULL pointers in
mempool_destroy().  But for the current -rc series let's keep things
simple.

This patch was lost in the cracks for a while.
Kevin Cernekee <cernekee@gmail.com> had to rediscover the problem and
send a similar patch because of it. :(

Signed-off-by: Joern Engel <joern@logfs.org>
fs/logfs/logfs.h
fs/logfs/readwrite.c
fs/logfs/segment.c
fs/logfs/super.c

index c9929eed80b13497f095791b65b47c681eece2b1..0a3df1a0c93687932b729174c10a4960ec48265b 100644 (file)
@@ -727,4 +727,10 @@ static inline struct logfs_area *get_area(struct super_block *sb,
        return logfs_super(sb)->s_area[(__force u8)gc_level];
 }
 
+static inline void logfs_mempool_destroy(mempool_t *pool)
+{
+       if (pool)
+               mempool_destroy(pool);
+}
+
 #endif
index 7e0c39c49719580e069234c5499197841e5e9e2f..aca6c56a107ac488b389c7ef1a1ded326e788ea5 100644 (file)
@@ -2243,8 +2243,6 @@ void logfs_cleanup_rw(struct super_block *sb)
        struct logfs_super *super = logfs_super(sb);
 
        destroy_meta_inode(super->s_segfile_inode);
-       if (super->s_block_pool)
-               mempool_destroy(super->s_block_pool);
-       if (super->s_shadow_pool)
-               mempool_destroy(super->s_shadow_pool);
+       logfs_mempool_destroy(super->s_block_pool);
+       logfs_mempool_destroy(super->s_shadow_pool);
 }
index 02db22ebbf130df64b12c205929cd7bc6d5c51a8..8c82fe05d3e114ce823cec76dd3ce40f5babc515 100644 (file)
@@ -912,7 +912,7 @@ err:
        for (i--; i >= 0; i--)
                free_area(super->s_area[i]);
        free_area(super->s_journal_area);
-       mempool_destroy(super->s_alias_pool);
+       logfs_mempool_destroy(super->s_alias_pool);
        return -ENOMEM;
 }
 
index d6e1f4fc3115bb1a84ca263ca4d709798f5b1b6a..d4531eb46d0a7b989b474e5dc29249c981592eaa 100644 (file)
@@ -517,8 +517,8 @@ static void logfs_kill_sb(struct super_block *sb)
        if (super->s_erase_page)
                __free_page(super->s_erase_page);
        super->s_devops->put_device(sb);
-       mempool_destroy(super->s_btree_pool);
-       mempool_destroy(super->s_alias_pool);
+       logfs_mempool_destroy(super->s_btree_pool);
+       logfs_mempool_destroy(super->s_alias_pool);
        kfree(super);
        log_super("LogFS: Finished unmounting\n");
 }