On Wed, 6 May 2015 17:35:47 -0700 Josh Triplett <josh@xxxxxxxxxxxxxxxx> wrote:
> If devpts failed to initialize, it would store an ERR_PTR in the global
> devpts_mnt. A subsequent open of /dev/ptmx would call devpts_new_index,
> which would dereference devpts_mnt and crash.
>
> Avoid storing invalid values in devpts_mnt; leave it NULL instead.
> Make both devpts_new_index and devpts_pty_new fail gracefully with
> ENODEV in that case, which then becomes the return value to the
> userspace open call on /dev/ptmx.
It looks like the system is pretty crippled if init_devptr_fs() fails.
Can the user actually get access to consoles and do useful things in
this situation? Maybe it would be better to just give up and panic?
> @@ -676,12 +689,15 @@ static int __init init_devpts_fs(void)
> struct ctl_table_header *table;
>
> if (!err) {
> + static struct vfsmount *mnt;
static is weird. I assume this was a braino?
> table = register_sysctl_table(pty_root_table);
> - devpts_mnt = kern_mount(&devpts_fs_type);
> - if (IS_ERR(devpts_mnt)) {
> - err = PTR_ERR(devpts_mnt);
> + mnt = kern_mount(&devpts_fs_type);
> + if (IS_ERR(mnt)) {
> + err = PTR_ERR(mnt);
> unregister_filesystem(&devpts_fs_type);
> unregister_sysctl_table(table);
> + } else {
> + devpts_mnt = mnt;
> }
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>