LINUX: Use afs_convert_code in afs_notify_change

afs_notify_change currently just returns "-code". This can cause a
panic if the error code is negative, since we will return a positive
error code, which may get interpreted as a valid pointer value in
higher levels.

Specifically, if we hit afs_notify_change via something like this code
path:

do_sys_open -> do_filp_open -> open_namei -> may_open -> do_truncate
-> notify_change -> afs_notify_change (via inode->i_op->setattr)

the positive error value will be interpreted by do_sys_open as a valid
'struct file' pointer, and will be dereferenced.

So pass the return value through afs_convert_code, like all of the
other vnode ops, so we ensure we return an error properly.

Change-Id: I941cc2d77d5a96cf86dfe133d30af4ccf6e9f2cb
Reviewed-on: http://gerrit.openafs.org/6776
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Tested-by: BuildBot <buildbot@rampaginggeek.com>

diff --git a/src/afs/LINUX/osi_vnodeops.c b/src/afs/LINUX/osi_vnodeops.c
index 1754a5cf7f49baf1b298305d2eb59b05e32578a8..9caaf5a2a7b81615c1050e4e902ab85df1958d1b 100644 (file)
--- a/src/afs/LINUX/osi_vnodeops.c
+++ b/src/afs/LINUX/osi_vnodeops.c
@@ -960,7 +960,7 @@ afs_notify_change(struct dentry *dp, struct iattr *iattrp)
     }
     AFS_GUNLOCK();
     crfree(credp);
-    return -code;
+    return afs_convert_code(code);
 }
 
 static int

diff --git a/src/afs/LINUX24/osi_vnodeops.c b/src/afs/LINUX24/osi_vnodeops.c
index aebc05131514a542741fbba1a2e50b31d2a0fe4b..5821a749997997b6b7f01d5799c39b9a9a3b8ce8 100644 (file)
--- a/src/afs/LINUX24/osi_vnodeops.c
+++ b/src/afs/LINUX24/osi_vnodeops.c
@@ -964,7 +964,7 @@ afs_notify_change(struct dentry *dp, struct iattr *iattrp)
     }
     AFS_GUNLOCK();
     crfree(credp);
-    return -code;
+    return afs_convert_code(code);
 }
 
 /* Validate a dentry. Return 1 if unchanged, 0 if VFS layer should re-evaluate.