From: Dmitry Bazhenov Date: Fri, 5 May 2006 21:46:49 +0000 (+0100) Subject: [JFFS2] Fix race in setting file attributes X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=422138dd68202fbd8ca9fb0df65e92d733249374;p=GitHub%2FLineageOS%2Fandroid_kernel_motorola_exynos9610.git [JFFS2] Fix race in setting file attributes It seems like there is a potential race in the function jffs2_do_setattr() in the case when attributes of a symlink are updated. The symlink metadata is read without having f->sem locked. The following patch should fix the race. Signed-off-by: Dmitry Bazhenov Signed-off-by: David Woodhouse
---
diff --git a/fs/jffs2/fs.c b/fs/jffs2/fs.c
index 09e5d10b8840..ea1f37d4fc58 100644
--- a/fs/jffs2/fs.c
+++ b/fs/jffs2/fs.c
@@ -56,15 +56,20 @@ static int jffs2_do_setattr (struct inode *inode, struct iattr *iattr)
 mdatalen = sizeof(dev);
 D1(printk(KERN_DEBUG "jffs2_setattr(): Writing %d bytes of kdev_t\n", mdatalen));
 } else if (S_ISLNK(inode->i_mode)) {
+ down(&f->sem);
 mdatalen = f->metadata->size;
 mdata = kmalloc(f->metadata->size, GFP_USER);
- if (!mdata)
+ if (!mdata) {
+ up(&f->sem);
 return -ENOMEM;
+ }
 ret = jffs2_read_dnode(c, f, f->metadata, mdata, 0, mdatalen);
 if (ret) {
+ up(&f->sem);
 kfree(mdata);
 return ret;
 }
+ up(&f->sem);
 D1(printk(KERN_DEBUG "jffs2_setattr(): Writing %d bytes of symlink target\n", mdatalen));
 }
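Review bot: The buffer size and the read length in the symlink branch still come from two separate reads of the same field: `kmalloc(f->metadata->size, GFP_USER)` sizes the allocation from the struct, while `jffs2_read_dnode()` is passed `mdatalen`. With both now under `f->sem` the values agree, but sizing from the local keeps allocation and copy length tied together if the locking is ever rearranged: `mdata = kmalloc(mdatalen, GFP_USER);`. The lock is also dropped at the final `up(&f->sem)` before `mdata` is consumed, so the rest of jffs2_do_setattr(), which lies outside this hunk, works on a snapshot. A comment at that point would record the assumption, for example `/* mdata is a private copy; f->metadata must not be dereferenced again without re-taking f->sem */`. The three separate `up()` calls could presumably be folded into a single unlock label, though that depends on exit paths not visible here.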