superrob1500
/
mirror-linux
mirror of https://github.com/torvalds/linux
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

convert pstore 

object creation by d_alloc_name()+d_add() in pstore_mkfile(), removal -
via normal VFS codepaths (with ->unlink() using simple_unlink()) or
in pstore_put_backend_records() via locked_recursive_removal()

Replace d_add() with d_make_persistent()+dput() - that's what really
happens there.  The reference that goes into record->dentry is valid
only until the unlink (and explicitly cleared by pstore_unlink()).

Reviewed-by: Kees Cook <kees@kernel.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
pull/1354/merge
Al Viro 2024-05-09 03:01:37 -04:00
parent 5a8993a15a
commit eec876df5e
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
fs/pstore/inode.c
View File

@ -373,7 +373,7 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record)
if (!dentry)
return -ENOMEM;
private->dentry = dentry;
private->dentry = dentry; // borrowed
private->record = record;
inode->i_size = private->total_size = size;
inode->i_private = private;
@ -382,7 +382,8 @@ int pstore_mkfile(struct dentry *root, struct pstore_record *record)
inode_set_mtime_to_ts(inode,
inode_set_ctime_to_ts(inode, record->time));
d_add(dentry, no_free_ptr(inode));
d_make_persistent(dentry, no_free_ptr(inode));
dput(dentry);
list_add(&(no_free_ptr(private))->list, &records_list);
@ -465,7 +466,7 @@ static void pstore_kill_sb(struct super_block *sb)
guard(mutex)(&pstore_sb_lock);
WARN_ON(pstore_sb && pstore_sb != sb);
kill_litter_super(sb);
kill_anon_super(sb);
pstore_sb = NULL;
guard(mutex)(&records_list_lock);