Commit 53ce9a33 authored by Niels de Vos's avatar Niels de Vos Committed by Miklos Szeredi

fuse: readdirplus: fix dentry leak

In case d_lookup() returns a dentry with d_inode == NULL, the dentry is not
returned with dput(). This results in triggering a BUG() in
shrink_dcache_for_umount_subtree():

  BUG: Dentry ...{i=0,n=...} still in use (1) [unmount of fuse fuse]

[SzM: need to d_drop() as well]
Reported-by: default avatarJustin Clift <jclift@redhat.com>
Signed-off-by: default avatarNiels de Vos <ndevos@redhat.com>
Signed-off-by: default avatarMiklos Szeredi <mszeredi@suse.cz>
Tested-by: default avatarBrian Foster <bfoster@redhat.com>
Tested-by: default avatarNiels de Vos <ndevos@redhat.com>
CC: stable@vger.kernel.org
parent ad81f054
...@@ -1227,9 +1227,15 @@ static int fuse_direntplus_link(struct file *file, ...@@ -1227,9 +1227,15 @@ static int fuse_direntplus_link(struct file *file,
name.hash = full_name_hash(name.name, name.len); name.hash = full_name_hash(name.name, name.len);
dentry = d_lookup(parent, &name); dentry = d_lookup(parent, &name);
if (dentry && dentry->d_inode) { if (dentry) {
inode = dentry->d_inode; inode = dentry->d_inode;
if (get_node_id(inode) == o->nodeid) { if (!inode) {
d_drop(dentry);
} else if (get_node_id(inode) != o->nodeid) {
err = d_invalidate(dentry);
if (err)
goto out;
} else {
struct fuse_inode *fi; struct fuse_inode *fi;
fi = get_fuse_inode(inode); fi = get_fuse_inode(inode);
spin_lock(&fc->lock); spin_lock(&fc->lock);
...@@ -1242,9 +1248,6 @@ static int fuse_direntplus_link(struct file *file, ...@@ -1242,9 +1248,6 @@ static int fuse_direntplus_link(struct file *file,
*/ */
goto found; goto found;
} }
err = d_invalidate(dentry);
if (err)
goto out;
dput(dentry); dput(dentry);
dentry = NULL; dentry = NULL;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment