Commit 9886e836 authored by David Howells's avatar David Howells Committed by Linus Torvalds

AFS: Stop readlink() on AFS crashing due to NULL 'file' ptr

kAFS crashes when asked to read a symbolic link because page_getlink()
passes a NULL file pointer to read_mapping_page(), but afs_readpage()
expects a file pointer from which to extract a key.

Modify afs_readpage() to request the appropriate key from the calling
process's keyrings if a file struct is not supplied with one attached.
Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
Acked-by: default avatarAnton Blanchard <anton@samba.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent 1e23502c
...@@ -134,9 +134,16 @@ static int afs_readpage(struct file *file, struct page *page) ...@@ -134,9 +134,16 @@ static int afs_readpage(struct file *file, struct page *page)
inode = page->mapping->host; inode = page->mapping->host;
ASSERT(file != NULL); if (file) {
key = file->private_data; key = file->private_data;
ASSERT(key != NULL); ASSERT(key != NULL);
} else {
key = afs_request_key(AFS_FS_S(inode->i_sb)->volume->cell);
if (IS_ERR(key)) {
ret = PTR_ERR(key);
goto error_nokey;
}
}
_enter("{%x},{%lu},{%lu}", key_serial(key), inode->i_ino, page->index); _enter("{%x},{%lu},{%lu}", key_serial(key), inode->i_ino, page->index);
...@@ -207,12 +214,17 @@ static int afs_readpage(struct file *file, struct page *page) ...@@ -207,12 +214,17 @@ static int afs_readpage(struct file *file, struct page *page)
unlock_page(page); unlock_page(page);
} }
if (!file)
key_put(key);
_leave(" = 0"); _leave(" = 0");
return 0; return 0;
error: error:
SetPageError(page); SetPageError(page);
unlock_page(page); unlock_page(page);
if (!file)
key_put(key);
error_nokey:
_leave(" = %d", ret); _leave(" = %d", ret);
return ret; return ret;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment