[PATCH] proc_check_root() locking fix

From: Maneesh Soni <maneesh@in.ibm.com> The patch fixes locking in proc_check_root(). It brings is_subdir() call under vfsmount_lock. Holding vfsmount_lock will ensure mnt_mountpoint dentry is intact and the dentry does not go away while it is being checked in is_subdir().

[PATCH] proc_check_root() locking fix
From: Maneesh Soni <maneesh@in.ibm.com> The patch fixes locking in proc_check_root(). It brings is_subdir() call under vfsmount_lock. Holding vfsmount_lock will ensure mnt_mountpoint dentry is intact and the dentry does not go away while it is being checked in is_subdir().
541f40bd · Andrew Morton · Linus Torvalds · b5a660ee · 541f40bd
Commit 541f40bd authored Feb 03, 2004 by Andrew Morton Committed by Linus Torvalds Feb 03, 2004
Show whitespace changes
Inline Side-by-side

Showing with 3 additions and 4 deletions

fs/proc/base.c fs/proc/base.c +3 -4

No files found.
--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -425,17 +425,15 @@ static int proc_check_root(struct inode *inode)
 	mnt = vfsmnt;
 	while (vfsmnt != our_vfsmnt) {
-		if (vfsmnt == vfsmnt->mnt_parent) {
+		if (vfsmnt == vfsmnt->mnt_parent)
-			spin_unlock(&vfsmount_lock);
 			goto out;
-		}
 		de = vfsmnt->mnt_mountpoint;
 		vfsmnt = vfsmnt->mnt_parent;
 	}
-	spin_unlock(&vfsmount_lock);
 	if (!is_subdir(de, base))
 		goto out;
+	spin_unlock(&vfsmount_lock);
 exit:
 	dput(base);
@@ -444,6 +442,7 @@ static int proc_check_root(struct inode *inode)
 	mntput(mnt);
 	return res;
 out:
+	spin_unlock(&vfsmount_lock);
 	res = -EACCES;
 	goto exit;
 }