ClabureDB: Classified Bug-Reports Database

Project: Linux Kernel

Showing error 1875

User:	Jiri Slaby
Error type:	Invalid Pointer Dereference
Error type description:	A pointer which is invalid is being dereferenced
File location:	fs/proc/root.c
Line in file:	76
Project:	Linux Kernel
Project version:	2.6.28
Tools:	Smatch (1.59)
Entered:	2013-09-11 08:47:26 UTC
Source:

  1/*
  2 *  linux/fs/proc/root.c
  3 *
  4 *  Copyright (C) 1991, 1992 Linus Torvalds
  5 *
  6 *  proc root directory handling functions
  7 */
  8
  9#include <asm/uaccess.h>
 10
 11#include <linux/errno.h>
 12#include <linux/time.h>
 13#include <linux/proc_fs.h>
 14#include <linux/stat.h>
 15#include <linux/init.h>
 16#include <linux/sched.h>
 17#include <linux/module.h>
 18#include <linux/bitops.h>
 19#include <linux/smp_lock.h>
 20#include <linux/mount.h>
 21#include <linux/pid_namespace.h>
 22
 23#include "internal.h"
 24
 25static int proc_test_super(struct super_block *sb, void *data)
 26{
 27        return sb->s_fs_info == data;
 28}
 29
 30static int proc_set_super(struct super_block *sb, void *data)
 31{
 32        struct pid_namespace *ns;
 33
 34        ns = (struct pid_namespace *)data;
 35        sb->s_fs_info = get_pid_ns(ns);
 36        return set_anon_super(sb, NULL);
 37}
 38
 39static int proc_get_sb(struct file_system_type *fs_type,
 40        int flags, const char *dev_name, void *data, struct vfsmount *mnt)
 41{
 42        int err;
 43        struct super_block *sb;
 44        struct pid_namespace *ns;
 45        struct proc_inode *ei;
 46
 47        if (proc_mnt) {
 48                /* Seed the root directory with a pid so it doesn't need
 49                 * to be special in base.c.  I would do this earlier but
 50                 * the only task alive when /proc is mounted the first time
 51                 * is the init_task and it doesn't have any pids.
 52                 */
 53                ei = PROC_I(proc_mnt->mnt_sb->s_root->d_inode);
 54                if (!ei->pid)
 55                        ei->pid = find_get_pid(1);
 56        }
 57
 58        if (flags & MS_KERNMOUNT)
 59                ns = (struct pid_namespace *)data;
 60        else
 61                ns = current->nsproxy->pid_ns;
 62
 63        sb = sget(fs_type, proc_test_super, proc_set_super, ns);
 64        if (IS_ERR(sb))
 65                return PTR_ERR(sb);
 66
 67        if (!sb->s_root) {
 68                sb->s_flags = flags;
 69                err = proc_fill_super(sb);
 70                if (err) {
 71                        up_write(&sb->s_umount);
 72                        deactivate_super(sb);
 73                        return err;
 74                }
 75
 76                ei = PROC_I(sb->s_root->d_inode);
 77                if (!ei->pid) {
 78                        rcu_read_lock();
 79                        ei->pid = get_pid(find_pid_ns(1, ns));
 80                        rcu_read_unlock();
 81                }
 82
 83                sb->s_flags |= MS_ACTIVE;
 84                ns->proc_mnt = mnt;
 85        }
 86
 87        return simple_set_mnt(mnt, sb);
 88}
 89
 90static void proc_kill_sb(struct super_block *sb)
 91{
 92        struct pid_namespace *ns;
 93
 94        ns = (struct pid_namespace *)sb->s_fs_info;
 95        kill_anon_super(sb);
 96        put_pid_ns(ns);
 97}
 98
 99static struct file_system_type proc_fs_type = {
100        .name                = "proc",
101        .get_sb                = proc_get_sb,
102        .kill_sb        = proc_kill_sb,
103};
104
105void __init proc_root_init(void)
106{
107        int err;
108
109        proc_init_inodecache();
110        err = register_filesystem(&proc_fs_type);
111        if (err)
112                return;
113        proc_mnt = kern_mount_data(&proc_fs_type, &init_pid_ns);
114        err = PTR_ERR(proc_mnt);
115        if (IS_ERR(proc_mnt)) {
116                unregister_filesystem(&proc_fs_type);
117                return;
118        }
119
120        proc_symlink("mounts", NULL, "self/mounts");
121
122        proc_net_init();
123
124#ifdef CONFIG_SYSVIPC
125        proc_mkdir("sysvipc", NULL);
126#endif
127        proc_mkdir("fs", NULL);
128        proc_mkdir("driver", NULL);
129        proc_mkdir("fs/nfsd", NULL); /* somewhere for the nfsd filesystem to be mounted */
130#if defined(CONFIG_SUN_OPENPROMFS) || defined(CONFIG_SUN_OPENPROMFS_MODULE)
131        /* just give it a mountpoint */
132        proc_mkdir("openprom", NULL);
133#endif
134        proc_tty_init();
135#ifdef CONFIG_PROC_DEVICETREE
136        proc_device_tree_init();
137#endif
138        proc_mkdir("bus", NULL);
139        proc_sys_init();
140}
141
142static int proc_root_getattr(struct vfsmount *mnt, struct dentry *dentry, struct kstat *stat
143)
144{
145        generic_fillattr(dentry->d_inode, stat);
146        stat->nlink = proc_root.nlink + nr_processes();
147        return 0;
148}
149
150static struct dentry *proc_root_lookup(struct inode * dir, struct dentry * dentry, struct nameidata *nd)
151{
152        if (!proc_lookup(dir, dentry, nd)) {
153                return NULL;
154        }
155        
156        return proc_pid_lookup(dir, dentry, nd);
157}
158
159static int proc_root_readdir(struct file * filp,
160        void * dirent, filldir_t filldir)
161{
162        unsigned int nr = filp->f_pos;
163        int ret;
164
165        lock_kernel();
166
167        if (nr < FIRST_PROCESS_ENTRY) {
168                int error = proc_readdir(filp, dirent, filldir);
169                if (error <= 0) {
170                        unlock_kernel();
171                        return error;
172                }
173                filp->f_pos = FIRST_PROCESS_ENTRY;
174        }
175        unlock_kernel();
176
177        ret = proc_pid_readdir(filp, dirent, filldir);
178        return ret;
179}
180
181/*
182 * The root /proc directory is special, as it has the
183 * <pid> directories. Thus we don't use the generic
184 * directory handling functions for that..
185 */
186static const struct file_operations proc_root_operations = {
187        .read                 = generic_read_dir,
188        .readdir         = proc_root_readdir,
189};
190
191/*
192 * proc root can do almost nothing..
193 */
194static const struct inode_operations proc_root_inode_operations = {
195        .lookup                = proc_root_lookup,
196        .getattr        = proc_root_getattr,
197};
198
199/*
200 * This is the root "inode" in the /proc tree..
201 */
202struct proc_dir_entry proc_root = {
203        .low_ino        = PROC_ROOT_INO, 
204        .namelen        = 5, 
205        .name                = "/proc",
206        .mode                = S_IFDIR | S_IRUGO | S_IXUGO, 
207        .nlink                = 2, 
208        .count                = ATOMIC_INIT(1),
209        .proc_iops        = &proc_root_inode_operations, 
210        .proc_fops        = &proc_root_operations,
211        .parent                = &proc_root,
212};
213
214int pid_ns_prepare_proc(struct pid_namespace *ns)
215{
216        struct vfsmount *mnt;
217
218        mnt = kern_mount_data(&proc_fs_type, ns);
219        if (IS_ERR(mnt))
220                return PTR_ERR(mnt);
221
222        return 0;
223}
224
225void pid_ns_release_proc(struct pid_namespace *ns)
226{
227        mntput(ns->proc_mnt);
228}
229
230EXPORT_SYMBOL(proc_symlink);
231EXPORT_SYMBOL(proc_mkdir);
232EXPORT_SYMBOL(create_proc_entry);
233EXPORT_SYMBOL(proc_create_data);
234EXPORT_SYMBOL(remove_proc_entry);