Re: [PATCH 07/18] fs_context: fix double free of legacy_fs_context data

2018-07-10 Thread David Howells
Eric Biggers wrote: > Why isn't this done in the same place that ->init_fs_context() would otherwise > be called? It logically does the same thing, right? Fair point. How about the attached incremental change? It breaks the legacy context initialisation out into its own init function and

Re: [PATCH 07/18] fs_context: fix double free of legacy_fs_context data

2018-07-09 Thread Eric Biggers
On Mon, Jul 09, 2018 at 06:17:41PM -0700, Eric Biggers wrote: > On Mon, Jul 09, 2018 at 01:31:09PM +0100, David Howells wrote: > > Eric Biggers wrote: > > > > > sys_fsmount() calls fc->ops->free() to free the data, zeroes > > > ->fs_private, then proceeds to reuse the context. But

Re: [PATCH 07/18] fs_context: fix double free of legacy_fs_context data

2018-07-09 Thread Eric Biggers
On Mon, Jul 09, 2018 at 01:31:09PM +0100, David Howells wrote: > Eric Biggers wrote: > > > sys_fsmount() calls fc->ops->free() to free the data, zeroes > > ->fs_private, then proceeds to reuse the context. But legacy_fs_context > > doesn't use ->fs_private, so we need to handle zeroing it too;

Re: [PATCH 07/18] fs_context: fix double free of legacy_fs_context data

2018-07-09 Thread David Howells
Eric Biggers wrote: > sys_fsmount() calls fc->ops->free() to free the data, zeroes > ->fs_private, then proceeds to reuse the context. But legacy_fs_context > doesn't use ->fs_private, so we need to handle zeroing it too; otherwise > there's a double free of

[PATCH 07/18] fs_context: fix double free of legacy_fs_context data

2018-07-08 Thread Eric Biggers
From: Eric Biggers sys_fsmount() calls fc->ops->free() to free the data, zeroes ->fs_private, then proceeds to reuse the context. But legacy_fs_context doesn't use ->fs_private, so we need to handle zeroing it too; otherwise there's a double free of legacy_fs_context::{legacy_data,secdata}.

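The double free described in the patch message above, modelled in userspace as an added example (this is not kernel code and not the patch under discussion). The struct names mirror the thread, but the fields, the toy allocation ledger, the "fsmount then put" flow and the fixed free callback are assumptions made for illustration: the thread's own incremental fix (breaking legacy context initialisation into its own init function) is not reproduced here. The model shows why zeroing only `->fs_private` is not enough when the legacy context keeps its data in its own fields, and one way to make the context safe to reuse.

```c
/* Userspace model of the fs_context reuse pattern from the thread.
 * Assumed layout: a generic fs_context with an ops->free callback and a
 * ->fs_private pointer, and a legacy_fs_context that embeds it but keeps
 * its own legacy_data/secdata pointers instead of using ->fs_private. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct fs_context;
struct fs_context_operations {
    void (*free)(struct fs_context *fc);
};

struct fs_context {
    const struct fs_context_operations *ops;
    void *fs_private;          /* used by new-style filesystems only */
};

struct legacy_fs_context {
    struct fs_context fc;
    char *legacy_data;         /* mount data string, owned by the context */
    char *secdata;             /* LSM option string, owned by the context */
};

/* Toy double-free detector: a ledger of live allocations. A free of a
 * pointer that is not in the ledger is counted as a double free and the
 * memory is not touched again. (Illustration only; not a real allocator.) */
#define LEDGER 16
static void *live[LEDGER];
static int double_frees;

static void *tracked_alloc(size_t n)
{
    void *p = calloc(1, n);
    for (int i = 0; i < LEDGER; i++)
        if (!live[i]) { live[i] = p; return p; }
    abort();
}

static void tracked_free(void *p)
{
    if (!p)
        return;
    for (int i = 0; i < LEDGER; i++)
        if (live[i] == p) { live[i] = NULL; free(p); return; }
    double_frees++;            /* p was already freed */
}

/* Buggy callback: frees the legacy strings but leaves the pointers set,
 * so a second ->free() on the reused context frees them again. */
static void legacy_fc_free_buggy(struct fs_context *fc)
{
    struct legacy_fs_context *ctx = (struct legacy_fs_context *)fc;
    tracked_free(ctx->legacy_data);
    tracked_free(ctx->secdata);
}

/* One possible fix (assumed, not the thread's patch): clear the fields the
 * legacy context owns so the context can be reused and freed again safely. */
static void legacy_fc_free_fixed(struct fs_context *fc)
{
    struct legacy_fs_context *ctx = (struct legacy_fs_context *)fc;
    tracked_free(ctx->legacy_data);
    tracked_free(ctx->secdata);
    ctx->legacy_data = NULL;
    ctx->secdata = NULL;
}

/* Model of the flow in the patch message: free the per-fs data, zero
 * ->fs_private, reuse the context, then tear it down for good.
 * Returns the number of double frees the ledger observed. */
static int fsmount_then_put(struct legacy_fs_context *ctx)
{
    ctx->fc.ops->free(&ctx->fc);
    ctx->fc.fs_private = NULL;     /* only helps contexts that use fs_private */
    /* ... context reused for another mount operation ... */
    ctx->fc.ops->free(&ctx->fc);   /* final put of the context */
    return double_frees;
}

/* Run the model with the buggy (fixed == 0) or fixed (fixed != 0) callback. */
int run_model(int fixed)
{
    static const struct fs_context_operations buggy_ops = { legacy_fc_free_buggy };
    static const struct fs_context_operations fixed_ops = { legacy_fc_free_fixed };
    double_frees = 0;
    memset(live, 0, sizeof live);

    struct legacy_fs_context ctx = { .fc = { fixed ? &fixed_ops : &buggy_ops, NULL } };
    ctx.legacy_data = tracked_alloc(64);           /* constructed sample data */
    ctx.secdata = tracked_alloc(64);
    strcpy(ctx.legacy_data, "rw,noatime");
    strcpy(ctx.secdata, "context=system_u:object_r:tmp_t:s0");
    return fsmount_then_put(&ctx);
}

int main(void)
{
    printf("buggy free callback: %d double frees\n", run_model(0));
    printf("fixed free callback: %d double frees\n", run_model(1));
    return 0;
}
```

The buggy run reports two double frees (one for `legacy_data`, one for `secdata`) because zeroing `->fs_private` never reaches the fields the legacy context actually owns; the fixed run reports none. In a real kernel the second `kfree()` would corrupt the slab freelist rather than bump a counter, which is why the ownership of every pointer a reusable context holds has to be reset on the same path that frees it.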