From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Howells Subject: [PATCH 14/18] autofs4: Fix wait validation [ver #4] Date: Thu, 13 Jan 2011 21:55:14 +0000 Message-ID: <20110113215514.19406.4625.stgit@warthog.procyon.org.uk> References: <20110113215359.19406.37232.stgit@warthog.procyon.org.uk> Mime-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 7bit Cc: dhowells@redhat.com, autofs@linux.kernel.org, linux-fsdevel@vger.kernel.org To: viro@zeniv.linux.org.uk, raven@themaw.net, npiggin@kernel.dk Return-path: Received: from mx1.redhat.com ([209.132.183.28]:48099 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1757389Ab1AMVzY (ORCPT ); Thu, 13 Jan 2011 16:55:24 -0500 In-Reply-To: <20110113215359.19406.37232.stgit@warthog.procyon.org.uk> Sender: linux-fsdevel-owner@vger.kernel.org List-ID: From: Ian Kent It is possible for the check in wait.c:validate_request() to return an incorrect result if the dentry that was mounted upon has changed during the callback. Signed-off-by: Ian Kent Signed-off-by: David Howells --- fs/autofs4/waitq.c | 17 ++++++++++++++++- 1 files changed, 16 insertions(+), 1 deletions(-) diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c index c5f8459..5601005 100644 --- a/fs/autofs4/waitq.c +++ b/fs/autofs4/waitq.c @@ -309,6 +309,9 @@ static int validate_request(struct autofs_wait_queue **wait, * completed while we waited on the mutex ... */ if (notify == NFY_MOUNT) { + struct dentry *new = NULL; + int valid = 1; + /* * If the dentry was successfully mounted while we slept * on the wait queue mutex we can return success. If it @@ -316,8 +319,20 @@ static int validate_request(struct autofs_wait_queue **wait, * a multi-mount with no mount at it's base) we can * continue on and create a new request. */ + if (!IS_ROOT(dentry)) { + if (dentry->d_inode && d_unhashed(dentry)) { + struct dentry *parent = dentry->d_parent; + new = d_lookup(parent, &dentry->d_name); + if (new) + dentry = new; + } + } if (have_submounts(dentry)) - return 0; + valid = 0; + + if (new) + dput(new); + return valid; } return 1;