drm_mode_create_lease_ioctl(): fix open-coded filp_clone_open()

Failure of ->open() should *not* be followed by fput().  Fixed by
using filp_clone_open(), which gets the cleanups right.

Cc: stable@vger.kernel.org
Acked-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

diff --git a/drivers/gpu/drm/drm_lease.c b/drivers/gpu/drm/drm_lease.c
index 50c73c0..d638c0f 100644 (file)
--- a/drivers/gpu/drm/drm_lease.c
+++ b/drivers/gpu/drm/drm_lease.c
@@ -553,24 +553,13 @@ int drm_mode_create_lease_ioctl(struct drm_device *dev,
 
        /* Clone the lessor file to create a new file for us */
        DRM_DEBUG_LEASE("Allocating lease file\n");
-       path_get(&lessor_file->f_path);
-       lessee_file = alloc_file(&lessor_file->f_path,
-                                lessor_file->f_mode,
-                                fops_get(lessor_file->f_inode->i_fop));
-
+       lessee_file = filp_clone_open(lessor_file);
        if (IS_ERR(lessee_file)) {
                ret = PTR_ERR(lessee_file);
                goto out_lessee;
        }
 
-       /* Initialize the new file for DRM */
-       DRM_DEBUG_LEASE("Initializing the file with %p\n", lessee_file->f_op->open);
-       ret = lessee_file->f_op->open(lessee_file->f_inode, lessee_file);
-       if (ret)
-               goto out_lessee_file;
-
        lessee_priv = lessee_file->private_data;
-
        /* Change the file to a master one */
        drm_master_put(&lessee_priv->master);
        lessee_priv->master = lessee;
@@ -588,9 +577,6 @@ int drm_mode_create_lease_ioctl(struct drm_device *dev,
        DRM_DEBUG_LEASE("drm_mode_create_lease_ioctl succeeded\n");
        return 0;
 
-out_lessee_file:
-       fput(lessee_file);
-
 out_lessee:
        drm_master_put(&lessee);
 

diff --git a/fs/internal.h b/fs/internal.h
index 980d005..5645b4e 100644 (file)
--- a/fs/internal.h
+++ b/fs/internal.h
@@ -127,7 +127,6 @@ int do_fchownat(int dfd, const char __user *filename, uid_t user, gid_t group,
 
 extern int open_check_o_direct(struct file *f);
 extern int vfs_open(const struct path *, struct file *, const struct cred *);
-extern struct file *filp_clone_open(struct file *);
 
 /*
  * inode.c

diff --git a/include/linux/fs.h b/include/linux/fs.h
index 5c91108..aa9b4c1 100644 (file)
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -2422,6 +2422,7 @@ extern struct file *filp_open(const char *, int, umode_t);
 extern struct file *file_open_root(struct dentry *, struct vfsmount *,
                                   const char *, int, umode_t);
 extern struct file * dentry_open(const struct path *, int, const struct cred *);
+extern struct file *filp_clone_open(struct file *);
 extern int filp_close(struct file *, fl_owner_t id);
 
 extern struct filename *getname_flags(const char __user *, int, int *);