Skip to content

Commit

Permalink
Btrfs: fix error cases for ioctl transactions
Browse files Browse the repository at this point in the history 
Fix leak of vfsmount write reference and open_ioctl_trans reference on
ENOMEM.  Clean up the error paths while we're at it.

Signed-off-by: Sage Weil <sage@newdream.net>
Signed-off-by: Chris Mason <chris.mason@oracle.com>
  • Loading branch information
Sage Weil authored and Chris Mason committed Sep 29, 2009
1 parent 3baf0be commit 1ab86ae
Showing 1 changed file with 22 additions and 19 deletions.
41 changes: 22 additions & 19 deletions fs/btrfs/ioctl.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1232,15 +1232,15 @@ static long btrfs_ioctl_trans_start(struct file *file)
struct inode *inode = fdentry(file)->d_inode;
struct btrfs_root *root = BTRFS_I(inode)->root;
struct btrfs_trans_handle *trans;
int ret = 0;
int ret;

ret = -EPERM;
if (!capable(CAP_SYS_ADMIN))
return -EPERM;
goto out;

if (file->private_data) {
ret = -EINPROGRESS;
ret = -EINPROGRESS;
if (file->private_data)
goto out;
}

ret = mnt_want_write(file->f_path.mnt);
if (ret)
Expand All @@ -1250,12 +1250,19 @@ static long btrfs_ioctl_trans_start(struct file *file)
root->fs_info->open_ioctl_trans++;
mutex_unlock(&root->fs_info->trans_mutex);

ret = -ENOMEM;
trans = btrfs_start_ioctl_transaction(root, 0);
if (trans)
file->private_data = trans;
else
ret = -ENOMEM;
/*printk(KERN_INFO "btrfs_ioctl_trans_start on %p\n", file);*/
if (!trans)
goto out_drop;

file->private_data = trans;
return 0;

out_drop:
mutex_lock(&root->fs_info->trans_mutex);
root->fs_info->open_ioctl_trans--;
mutex_unlock(&root->fs_info->trans_mutex);
mnt_drop_write(file->f_path.mnt);
out:
return ret;
}
Expand All @@ -1271,24 +1278,20 @@ long btrfs_ioctl_trans_end(struct file *file)
struct inode *inode = fdentry(file)->d_inode;
struct btrfs_root *root = BTRFS_I(inode)->root;
struct btrfs_trans_handle *trans;
int ret = 0;

trans = file->private_data;
if (!trans) {
ret = -EINVAL;
goto out;
}
btrfs_end_transaction(trans, root);
if (!trans)
return -EINVAL;
file->private_data = NULL;

btrfs_end_transaction(trans, root);

mutex_lock(&root->fs_info->trans_mutex);
root->fs_info->open_ioctl_trans--;
mutex_unlock(&root->fs_info->trans_mutex);

mnt_drop_write(file->f_path.mnt);

out:
return ret;
return 0;
}

long btrfs_ioctl(struct file *file, unsigned int
Expand Down

0 comments on commit 1ab86ae

Please sign in to comment.