From: Al Viro <viro@zeniv.linux.org.uk>
To: alexjlzheng@gmail.com
Cc: paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com,
greg@kroah.com, chrisw@osdl.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org,
Jinliang Zheng <alexjlzheng@tencent.com>
Subject: [PATCH 1/8] securityfs: don't pin dentries twice, once is enough...
Date: Fri, 9 May 2025 05:37:57 +0100 [thread overview]
Message-ID: <20250509043757.GL2023217@ZenIV> (raw)
In-Reply-To: <20250509032326.GJ2023217@ZenIV>
From 5c463d47c814e16adb6e997a05ca5625df41152d Mon Sep 17 00:00:00 2001
From: Al Viro <viro@zeniv.linux.org.uk>
Date: Thu, 8 May 2025 23:38:01 -0400
Subject: [PATCH 1/8] securityfs: don't pin dentries twice, once is enough...
incidentally, securityfs_recursive_remove() is broken without that -
it leaks dentries, since simple_recursive_removal() does not expect
anything of that sort. It could be worked around by dput() in
remove_one() callback, but it's easier to just drop that double-get
stuff.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
---
security/inode.c | 2 --
1 file changed, 2 deletions(-)
diff --git a/security/inode.c b/security/inode.c
index da3ab44c8e57..58cc60c50498 100644
--- a/security/inode.c
+++ b/security/inode.c
@@ -159,7 +159,6 @@ static struct dentry *securityfs_create_dentry(const char *name, umode_t mode,
inode->i_fop = fops;
}
d_instantiate(dentry, inode);
- dget(dentry);
inode_unlock(dir);
return dentry;
@@ -306,7 +305,6 @@ void securityfs_remove(struct dentry *dentry)
simple_rmdir(dir, dentry);
else
simple_unlink(dir, dentry);
- dput(dentry);
}
inode_unlock(dir);
simple_release_fs(&mount, &mount_count);
--
2.39.5
next prev parent reply other threads:[~2025-05-09 4:38 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-05-08 14:04 [PATCH v3] securityfs: fix missing of d_delete() in securityfs_remove() alexjlzheng
2025-05-09 1:55 ` Fan Wu
2025-05-09 2:45 ` Jinliang Zheng
2025-05-09 3:23 ` Al Viro
2025-05-09 4:37 ` Al Viro
2025-05-09 4:46 ` Al Viro
2025-05-12 21:19 ` Paul Moore
2025-05-12 22:24 ` Al Viro
2025-05-13 0:10 ` Fan Wu
2025-05-09 4:37 ` Al Viro [this message]
2025-05-13 23:13 ` [PATCH 1/8] securityfs: don't pin dentries twice, once is enough Paul Moore
2025-05-09 4:38 ` [PATCH 2/8] securityfs: pin filesystem only for objects directly in root Al Viro
2025-05-09 4:39 ` [PATCH 3/8] fix locking in efi_secret_unlink() Al Viro
2025-05-09 4:39 ` [PATCH 4/8] make securityfs_remove() remove the entire subtree Al Viro
2025-05-09 4:40 ` [PATCH 5/8] efi_secret: clean securityfs use up Al Viro
2025-05-09 4:40 ` [PATCH 6/8] ima_fs: don't bother with removal of files in directory we'll be removing Al Viro
2025-05-09 4:41 ` [PATCH 7/8] ima_fs: get rid of lookup-by-dentry stuff Al Viro
2025-05-09 4:41 ` [PATCH 8/8] evm_secfs: clear securityfs interactions Al Viro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250509043757.GL2023217@ZenIV \
--to=viro@zeniv.linux.org.uk \
--cc=alexjlzheng@gmail.com \
--cc=alexjlzheng@tencent.com \
--cc=chrisw@osdl.org \
--cc=greg@kroah.com \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=paul@paul-moore.com \
--cc=serge@hallyn.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.