android_kernel_xiaomi_sm8350/fs/hfs
Eric Sandeen d6ddf55440 [PATCH] hfs_fill_super returns success even if no root inode
http://kernelfun.blogspot.com/2006/11/mokb-14-11-2006-linux-26x-selinux.html

mount that image...
fs: filesystem was not cleanly unmounted, running fsck.hfs is recommended.  mounting read-only.
hfs: get root inode failed.
BUG: unable to handle kernel NULL pointer dereference at virtual address 00000018
 printing eip
...
EIP is at superblock_doinit+0x21/0x767
...
 [] selinux_sb_kern_mount+0xc/0x4b
 [] vfs_kern_mount+0x99/0xf6
 [] do_kern_mount+0x2d/0x3e
 [] do_mount+0x5fa/0x66d
 [] sys_mount+0x77/0xae
 [] syscall_call+0x7/0xb
DWARF2 unwinder stuck at syscall_call+0x7/0xb

hfs_fill_super() returns success even if
  root_inode = hfs_iget(sb, &fd.search_key->cat, &rec);
or
  sb->s_root = d_alloc_root(root_inode);

fails.  This superblock finds its way to superblock_doinit() which does:

        struct dentry *root = sb->s_root;
        struct inode *inode = root->d_inode;

and boom.  Need to make sure the error cases return an error, I think.

[akpm@osdl.org: return -ENOMEM on oom]
Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Cc: Roman Zippel <zippel@linux-m68k.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-11-16 11:43:38 -08:00
..
attr.c
bfind.c [PATCH] hfs: cleanup HFS prints 2006-01-18 19:20:23 -08:00
bitmap.c
bnode.c [PATCH] fs: Conversions from kmalloc+memset to k(z|c)alloc 2006-09-27 08:26:10 -07:00
brec.c [PATCH] hfs: cleanup HFS prints 2006-01-18 19:20:23 -08:00
btree.c [PATCH] fs: Conversions from kmalloc+memset to k(z|c)alloc 2006-09-27 08:26:10 -07:00
btree.h
catalog.c [PATCH] hfs: cleanup HFS prints 2006-01-18 19:20:23 -08:00
dir.c [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
extent.c
hfs_fs.h [PATCH] mark address_space_operations const 2006-06-28 14:59:04 -07:00
hfs.h
inode.c [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
Makefile
mdb.c [PATCH] hfs: cleanup HFS prints 2006-01-18 19:20:23 -08:00
part_tbl.c
string.c
super.c [PATCH] hfs_fill_super returns success even if no root inode 2006-11-16 11:43:38 -08:00
sysdep.c
trans.c