From: Miklos Szeredi Date: Tue, 17 Oct 2006 07:10:08 +0000 (-0700) Subject: [PATCH] fuse: locking fix for nlookup X-Git-Tag: firefly_0821_release~31522^2~47^2~145 X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=8da5ff23ce0a84d9845b01e6fe5047e17836bf5a;p=firefly-linux-kernel-4.4.55.git [PATCH] fuse: locking fix for nlookup An inode could be returned by independent parallel lookups, in this case an update of the lookup counter could be lost resulting in a memory leak in userspace. Signed-off-by: Miklos Szeredi Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds --- diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c index a8f65c11aa2c..7ecfe95795cd 100644 --- a/fs/fuse/dir.c +++ b/fs/fuse/dir.c @@ -163,7 +163,9 @@ static int fuse_dentry_revalidate(struct dentry *entry, struct nameidata *nd) fuse_send_forget(fc, req, outarg.nodeid, 1); return 0; } + spin_lock(&fc->lock); fi->nlookup ++; + spin_unlock(&fc->lock); } fuse_put_request(fc, req); if (err || (outarg.attr.mode ^ inode->i_mode) & S_IFMT) diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c index 8e106163aaed..e9114237f31f 100644 --- a/fs/fuse/inode.c +++ b/fs/fuse/inode.c @@ -195,7 +195,9 @@ struct inode *fuse_iget(struct super_block *sb, unsigned long nodeid, } fi = get_fuse_inode(inode); + spin_lock(&fc->lock); fi->nlookup ++; + spin_unlock(&fc->lock); fuse_change_attributes(inode, attr); return inode; }