From: Andrew Deason Date: Wed, 22 Feb 2012 21:40:20 +0000 (-0600) Subject: LINUX: Use afs_convert_code in afs_notify_change X-Git-Tag: upstream/1.8.0_pre1^2~2729 X-Git-Url: https://git.michaelhowe.org/gitweb/?a=commitdiff_plain;h=634c6f184b17e30ade86c0a838ab55ddddc730d6;p=packages%2Fo%2Fopenafs.git LINUX: Use afs_convert_code in afs_notify_change afs_notify_change currently just returns "-code". This can cause a panic if the error code is negative, since we will return a positive error code, which may get interpreted as a valid pointer value in higher levels. Specifically, if we hit afs_notify_change via something like this code path: do_sys_open -> do_filp_open -> open_namei -> may_open -> do_truncate -> notify_change -> afs_notify_change (via inode->i_op->setattr) the positive error value will be interpreted by do_sys_open as a valid 'struct file' pointer, and will be dereferenced. So pass the return value through afs_convert_code, like all of the other vnode ops, so we ensure we return an error properly. Change-Id: I941cc2d77d5a96cf86dfe133d30af4ccf6e9f2cb Reviewed-on: http://gerrit.openafs.org/6776 Reviewed-by: Derrick Brashear Tested-by: BuildBot --- diff --git a/src/afs/LINUX/osi_vnodeops.c b/src/afs/LINUX/osi_vnodeops.c index 1754a5cf7..9caaf5a2a 100644 --- a/src/afs/LINUX/osi_vnodeops.c +++ b/src/afs/LINUX/osi_vnodeops.c @@ -960,7 +960,7 @@ afs_notify_change(struct dentry *dp, struct iattr *iattrp) } AFS_GUNLOCK(); crfree(credp); - return -code; + return afs_convert_code(code); } static int diff --git a/src/afs/LINUX24/osi_vnodeops.c b/src/afs/LINUX24/osi_vnodeops.c index aebc05131..5821a7499 100644 --- a/src/afs/LINUX24/osi_vnodeops.c +++ b/src/afs/LINUX24/osi_vnodeops.c @@ -964,7 +964,7 @@ afs_notify_change(struct dentry *dp, struct iattr *iattrp) } AFS_GUNLOCK(); crfree(credp); - return -code; + return afs_convert_code(code); } /* Validate a dentry. Return 1 if unchanged, 0 if VFS layer should re-evaluate.