vfs: Fix error handling in do_remount()

In do_remount() when we fail to allocate an fs_context object, the code
jumps to the call to put_fs_context(), which then oopses as fc == -ENOMEM.

Fix this by jumping to the return statement after that instead.

Fixes: 37744f3d21f8 ("vfs: Implement a filesystem superblock creation/configuration context")
Reported-by: syzbot+cefb6ac96fc431886ec2@syzkaller.appspotmail.com
Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

diff --git a/fs/namespace.c b/fs/namespace.c
index 7fb265914535919f81a8bcd1fc7d5e414dac071d..a78b2d1cef08f5d85ffb41ee8a13414a4939c97e 100644 (file)
--- a/fs/namespace.c
+++ b/fs/namespace.c
@@ -2400,7 +2400,7 @@ static int do_remount(struct path *path, int ms_flags, int sb_flags,
                                FS_CONTEXT_FOR_RECONFIGURE);
        err = PTR_ERR(fc);
        if (IS_ERR(fc))
-               goto err_fc;
+               goto err;
 
        err = parse_monolithic_mount_data(fc, data, data_size);
        if (err < 0)
@@ -2426,6 +2426,7 @@ static int do_remount(struct path *path, int ms_flags, int sb_flags,
        up_write(&sb->s_umount);
 err_fc:
        put_fs_context(fc);
+err:
        return err;
 }