android_kernel_motorola_sm6225/fs/hfs
Eric Sandeen d6ddf55440 [PATCH] hfs_fill_super returns success even if no root inode
http://kernelfun.blogspot.com/2006/11/mokb-14-11-2006-linux-26x-selinux.html

mount that image...
fs: filesystem was not cleanly unmounted, running fsck.hfs is recommended.  mounting read-only.
hfs: get root inode failed.
BUG: unable to handle kernel NULL pointer dereference at virtual address 00000018
 printing eip
...
EIP is at superblock_doinit+0x21/0x767
...
 [] selinux_sb_kern_mount+0xc/0x4b
 [] vfs_kern_mount+0x99/0xf6
 [] do_kern_mount+0x2d/0x3e
 [] do_mount+0x5fa/0x66d
 [] sys_mount+0x77/0xae
 [] syscall_call+0x7/0xb
DWARF2 unwinder stuck at syscall_call+0x7/0xb

hfs_fill_super() returns success even if
  root_inode = hfs_iget(sb, &fd.search_key->cat, &rec);
or
  sb->s_root = d_alloc_root(root_inode);

fails.  This superblock finds its way to superblock_doinit() which does:

        struct dentry *root = sb->s_root;
        struct inode *inode = root->d_inode;

and boom.  Need to make sure the error cases return an error, I think.

[akpm@osdl.org: return -ENOMEM on oom]
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Cc: Roman Zippel <zippel@linux-m68k.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-11-16 11:43:38 -08:00
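A user-space model of the failure mode and the fix described in the commit message above, added here as an example; it is not the kernel's code and not part of this repository. The struct and function names mirror the ones named in the message but are constructed stand-ins with simplified signatures. The error code returned when the root-inode lookup fails (-EINVAL) and the -EFAULT sentinel used by the model's caller are assumptions; the message itself only records the -ENOMEM return for the out-of-memory case.

```c
#include <errno.h>
#include <stddef.h>
#include <stdlib.h>

/* Minimal stand-ins for the kernel objects named in the commit message.
 * Constructed for this example; they are not the kernel's definitions. */
struct inode { int ino; };
struct dentry { struct inode *d_inode; };
struct super_block {
    struct dentry *s_root;
    int simulate_iget_failure;   /* force the "get root inode failed" path */
    int simulate_oom;            /* force d_alloc_root() to fail */
};

/* Stand-in for hfs_iget(): NULL when the catalog lookup fails. */
static struct inode *hfs_iget(struct super_block *sb) {
    if (sb->simulate_iget_failure)
        return NULL;
    struct inode *i = malloc(sizeof *i);
    if (i)
        i->ino = 2;              /* HFS root directory CNID */
    return i;
}

/* Stand-in for d_alloc_root(): NULL on a NULL inode or allocation failure. */
static struct dentry *d_alloc_root(struct super_block *sb, struct inode *root) {
    if (!root || sb->simulate_oom)
        return NULL;
    struct dentry *d = malloc(sizeof *d);
    if (d)
        d->d_inode = root;
    return d;
}

/* Before the fix: both failure paths fall through and the function reports
 * success while sb->s_root is still NULL. */
int fill_super_buggy(struct super_block *sb) {
    struct inode *root_inode = hfs_iget(sb);
    sb->s_root = d_alloc_root(sb, root_inode);
    return 0;
}

/* After the fix: each failing step returns an error so the caller never
 * treats the half-initialised superblock as mounted. The -EINVAL value for
 * the lookup failure is an assumption of this model. */
int fill_super_fixed(struct super_block *sb) {
    struct inode *root_inode = hfs_iget(sb);
    if (!root_inode)
        return -EINVAL;          /* "hfs: get root inode failed." */
    sb->s_root = d_alloc_root(sb, root_inode);
    if (!sb->s_root) {
        free(root_inode);
        return -ENOMEM;          /* the akpm "return -ENOMEM on oom" case */
    }
    return 0;
}

/* Models the caller chain (vfs_kern_mount -> superblock_doinit): it only
 * dereferences sb->s_root->d_inode when fill_super reported success.
 * Returns the root inode number on success or a negative error code;
 * -EFAULT marks the point where the real kernel oopsed on the NULL root. */
int mount_and_doinit(struct super_block *sb,
                     int (*fill_super)(struct super_block *)) {
    int err = fill_super(sb);
    if (err)
        return err;
    struct dentry *root = sb->s_root;
    if (!root)
        return -EFAULT;          /* NULL pointer dereference at offset 0x18 */
    return root->d_inode->ino;
}
```

The model deliberately omits the freeing of a successfully mounted superblock; the point is that only the fixed variant's callers can rely on a zero return meaning s_root is populated.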
attr.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
bfind.c [PATCH] hfs: cleanup HFS prints 2006-01-18 19:20:23 -08:00
bitmap.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
bnode.c [PATCH] fs: Conversions from kmalloc+memset to k(z|c)alloc 2006-09-27 08:26:10 -07:00
brec.c [PATCH] hfs: cleanup HFS prints 2006-01-18 19:20:23 -08:00
btree.c [PATCH] fs: Conversions from kmalloc+memset to k(z|c)alloc 2006-09-27 08:26:10 -07:00
btree.h Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
catalog.c [PATCH] hfs: cleanup HFS prints 2006-01-18 19:20:23 -08:00
dir.c [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
extent.c [PATCH] hfs: don't dirty unchanged inode 2005-08-01 21:38:00 -07:00
hfs.h [PATCH] hfs: NLS support 2005-09-07 16:57:50 -07:00
hfs_fs.h [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
inode.c [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
Makefile Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
mdb.c [PATCH] hfs: cleanup HFS prints 2006-01-18 19:20:23 -08:00
part_tbl.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
string.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
super.c [PATCH] hfs_fill_super returns success even if no root inode 2006-11-16 11:43:38 -08:00
sysdep.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
trans.c [PATCH] hfs: NLS support 2005-09-07 16:57:50 -07:00