diff options
| author | Daniel Rosenberg <drosen@google.com> | 2017-02-22 14:41:58 -0800 |
|---|---|---|
| committer | Mister Oyster <oysterized@gmail.com> | 2017-04-13 12:32:22 +0200 |
| commit | 22adcaca396bd5ae6272aa0c56a7ae01b1d7a9e1 (patch) | |
| tree | 2fc14f951916d479a74048ea20eb7ad624f18565 | |
| parent | 1fad8a35b86020febe1110119f2fa1829ab5f63b (diff) | |
| download | android_kernel_m2note-22adcaca396bd5ae6272aa0c56a7ae01b1d7a9e1.tar.gz | |
ANDROID: sdcardfs: Don't bother deleting freelist
There is no point deleting entries from dlist, as
that is a temporary list on the stack from which
contains only entries that are being deleted.
Not all code paths set up dlist, so those that
don't were performing invalid accesses in
hash_del_rcu. As an additional means to prevent
any other issue, we null out the list entries when
we allocate from the cache.
Signed-off-by: Daniel Rosenberg <drosen@google.com>
Bug: 35666680
Change-Id: Ibb1e28c08c3a600c29418d39ba1c0f3db3bf31e5
| -rwxr-xr-x | fs/sdcardfs/packagelist.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/fs/sdcardfs/packagelist.c b/fs/sdcardfs/packagelist.c index 221ad11cb..21eb2d317 100755 --- a/fs/sdcardfs/packagelist.c +++ b/fs/sdcardfs/packagelist.c @@ -178,6 +178,8 @@ static struct hashtable_entry *alloc_hashtable_entry(const struct qstr *key, GFP_KERNEL); if (!ret) return NULL; + INIT_HLIST_NODE(&ret->dlist); + INIT_HLIST_NODE(&ret->hlist); if (!qstr_copy(key, &ret->key)) { kmem_cache_free(hashtable_entry_cachep, ret); @@ -326,7 +328,6 @@ static int insert_userid_exclude_entry(const struct qstr *key, userid_t value) static void free_hashtable_entry(struct hashtable_entry *entry) { kfree(entry->key.name); - hash_del_rcu(&entry->dlist); kmem_cache_free(hashtable_entry_cachep, entry); } |