From 254ae43ab8d7877c980fca3636624e0777a70fa4 Mon Sep 17 00:00:00 2001 From: Masatake YAMATO Date: Wed, 28 May 2008 14:45:10 +0900 Subject: dlm: check for null in device_write If `device_write' method is called via "dlm-control", file->private_data is NULL. (See ctl_device_open() in user.c. ) Through proc->flags is read. Signed-off-by: Masatake YAMATO Signed-off-by: David Teigland --- fs/dlm/user.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'fs/dlm') diff --git a/fs/dlm/user.c b/fs/dlm/user.c index ebbcf38fd33b..1aa76b32d056 100644 --- a/fs/dlm/user.c +++ b/fs/dlm/user.c @@ -538,7 +538,7 @@ static ssize_t device_write(struct file *file, const char __user *buf, /* do we really need this? can a write happen after a close? */ if ((kbuf->cmd == DLM_USER_LOCK || kbuf->cmd == DLM_USER_UNLOCK) && - test_bit(DLM_PROC_FLAGS_CLOSING, &proc->flags)) + (proc && test_bit(DLM_PROC_FLAGS_CLOSING, &proc->flags))) return -EINVAL; sigfillset(&allsigs); -- cgit v1.2.3-70-g09d2 From 329fc4c37212588091b64bdf09afaeb18642aae2 Mon Sep 17 00:00:00 2001 From: David Teigland Date: Tue, 20 May 2008 12:18:10 -0500 Subject: dlm: fix basts for granted CW waiting PR/CW The fix in commit 3650925893469ccb03dbcc6a440c5d363350f591 was addressing the case of a granted PR lock with waiting PR and CW locks. It's a special case that requires forcing a CW bast. However, that forced CW bast was incorrectly applying to a second condition where the granted lock was CW. So, the holder of a CW lock could receive an extraneous CW bast instead of a PR bast. This fix narrows the original special case to what was intended. Signed-off-by: David Teigland --- fs/dlm/lock.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'fs/dlm') diff --git a/fs/dlm/lock.c b/fs/dlm/lock.c index 2d3d1027ce2b..7ba9586a0943 100644 --- a/fs/dlm/lock.c +++ b/fs/dlm/lock.c @@ -1782,7 +1782,8 @@ static void grant_pending_locks(struct dlm_rsb *r) list_for_each_entry_safe(lkb, s, &r->res_grantqueue, lkb_statequeue) { if (lkb->lkb_bastfn && lock_requires_bast(lkb, high, cw)) { - if (cw && high == DLM_LOCK_PR) + if (cw && high == DLM_LOCK_PR && + lkb->lkb_grmode == DLM_LOCK_PR) queue_bast(r, lkb, DLM_LOCK_CW); else queue_bast(r, lkb, high); -- cgit v1.2.3-70-g09d2 From 311f6fc77c51926dbdfbeab0a5d88d70f01fa3f4 Mon Sep 17 00:00:00 2001 From: Masatake YAMATO Date: Fri, 27 Jun 2008 08:35:03 -0500 Subject: dlm: release socket on error It seems that `sock' allocated by sock_create_kern in tcp_connect_to_sock() of dlm/fs/lowcomms.c is not released if dlm_nodeid_to_addr an error. Acked-by: Christine Caulfield Signed-off-by: Masatake YAMATO Signed-off-by: David Teigland --- fs/dlm/lowcomms.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'fs/dlm') diff --git a/fs/dlm/lowcomms.c b/fs/dlm/lowcomms.c index 637018c891ef..3962262f991a 100644 --- a/fs/dlm/lowcomms.c +++ b/fs/dlm/lowcomms.c @@ -891,8 +891,10 @@ static void tcp_connect_to_sock(struct connection *con) goto out_err; memset(&saddr, 0, sizeof(saddr)); - if (dlm_nodeid_to_addr(con->nodeid, &saddr)) + if (dlm_nodeid_to_addr(con->nodeid, &saddr)) { + sock_release(sock); goto out_err; + } sock->sk->sk_user_data = con; con->rx_action = receive_from_sock; -- cgit v1.2.3-70-g09d2 From 18c60c0a3b16fc7d6a55497a228602ad8509f838 Mon Sep 17 00:00:00 2001 From: Benny Halevy Date: Mon, 30 Jun 2008 19:59:14 +0300 Subject: dlm: fix uninitialized variable for search_rsb_list callers gcc 4.3.0 correctly emits the following warning. search_rsb_list does not *r_ret if no dlm_rsb is found and _search_rsb may pass the uninitialized value upstream on the error path when both calls to search_rsb_list return non-zero error. The fix sets *r_ret to NULL on search_rsb_list's not-found path. Signed-off-by: Benny Halevy Signed-off-by: David Teigland --- fs/dlm/lock.c | 1 + 1 file changed, 1 insertion(+) (limited to 'fs/dlm') diff --git a/fs/dlm/lock.c b/fs/dlm/lock.c index 7ba9586a0943..724ddac91538 100644 --- a/fs/dlm/lock.c +++ b/fs/dlm/lock.c @@ -363,6 +363,7 @@ static int search_rsb_list(struct list_head *head, char *name, int len, if (len == r->res_length && !memcmp(name, r->res_name, len)) goto found; } + *r_ret = NULL; return -EBADR; found: -- cgit v1.2.3-70-g09d2