ovl: fix reference counting in ovl_mmap error path
authorChristian König <christian.koenig@amd.com>
Fri, 23 Apr 2021 21:28:54 +0000 (14:28 -0700)
committerLinus Torvalds <torvalds@linux-foundation.org>
Fri, 23 Apr 2021 21:42:39 +0000 (14:42 -0700)
mmap_region() now calls fput() on the vma->vm_file.

Fix this by using vma_set_file() so it doesn't need to be handled
manually here any more.

Link: https://lkml.kernel.org/r/20210421132012.82354-2-christian.koenig@amd.com
Fixes: 1527f926fd04 ("mm: mmap: fix fput in error path v2")
Signed-off-by: Christian König <christian.koenig@amd.com>
Reviewed-by: Daniel Vetter <daniel.vetter@ffwll.ch>
Cc: Jan Harkes <jaharkes@cs.cmu.edu>
Cc: Miklos Szeredi <miklos@szeredi.hu>
Cc: Jason Gunthorpe <jgg@ziepe.ca>
Cc: <stable@vger.kernel.org> [5.11+]
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
fs/overlayfs/file.c

index dbfb35fb0ff7921aa4cad53104b583b1cc69dbc9..3847cdc069b557f1a0bf4336fc247ff7a2174a28 100644 (file)
@@ -430,20 +430,11 @@ static int ovl_mmap(struct file *file, struct vm_area_struct *vma)
        if (WARN_ON(file != vma->vm_file))
                return -EIO;
 
-       vma->vm_file = get_file(realfile);
+       vma_set_file(vma, realfile);
 
        old_cred = ovl_override_creds(file_inode(file)->i_sb);
        ret = call_mmap(vma->vm_file, vma);
        revert_creds(old_cred);
-
-       if (ret) {
-               /* Drop reference count from new vm_file value */
-               fput(realfile);
-       } else {
-               /* Drop reference count from previous vm_file value */
-               fput(file);
-       }
-
        ovl_file_accessed(file);
 
        return ret;