forked from Minki/linux
AIO: fix cleanup in io_submit_one(...)
When IOCB_FLAG_RESFD flag is set and iocb->aio_resfd is incorrect, statement 'goto out_put_req' is executed. At label 'out_put_req', aio_put_req(..) is called, which requires 'req->ki_filp' set. Signed-off-by: Yan Zheng<yanzheng@21cn.com> Cc: Zach Brown <zach.brown@oracle.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
This commit is contained in:
parent
745ad48e8c
commit
87e2831c3f
2
fs/aio.c
2
fs/aio.c
@ -1562,6 +1562,7 @@ int fastcall io_submit_one(struct kioctx *ctx, struct iocb __user *user_iocb,
|
||||
fput(file);
|
||||
return -EAGAIN;
|
||||
}
|
||||
req->ki_filp = file;
|
||||
if (iocb->aio_flags & IOCB_FLAG_RESFD) {
|
||||
/*
|
||||
* If the IOCB_FLAG_RESFD flag of aio_flags is set, get an
|
||||
@ -1576,7 +1577,6 @@ int fastcall io_submit_one(struct kioctx *ctx, struct iocb __user *user_iocb,
|
||||
}
|
||||
}
|
||||
|
||||
req->ki_filp = file;
|
||||
ret = put_user(req->ki_key, &user_iocb->aio_key);
|
||||
if (unlikely(ret)) {
|
||||
dprintk("EFAULT: aio_key\n");
|
||||
|
Loading…
Reference in New Issue
Block a user