* [PATCH] fix a leak in fcntl_dirnotify()
From: Al Viro @ 2025-07-12 17:18 UTC (permalink / raw)
To: linux-fsdevel; +Cc: Christian Brauner
[into #fixes, unless somebody objects]
Lifetime of new_dn_mark is controlled by that of its ->fsn_mark,
pointed to by new_fsn_mark. Unfortunately, a failure exit had
been inserted between the allocation of new_dn_mark and the
call of fsnotify_init_mark(), ending up with a leak.
Fixes: 1934b212615d "file: reclaim 24 bytes from f_owner"
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
---
diff --git a/fs/notify/dnotify/dnotify.c b/fs/notify/dnotify/dnotify.c
index c4cdaf5fa7ed..9fb73bafd41d 100644
--- a/fs/notify/dnotify/dnotify.c
+++ b/fs/notify/dnotify/dnotify.c
@@ -308,6 +308,10 @@ int fcntl_dirnotify(int fd, struct file *filp, unsigned int arg)
goto out_err;
}
+ error = file_f_owner_allocate(filp);
+ if (error)
+ goto out_err;
+
/* new fsnotify mark, we expect most fcntl calls to add a new mark */
new_dn_mark = kmem_cache_alloc(dnotify_mark_cache, GFP_KERNEL);
if (!new_dn_mark) {
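Review bot: with file_f_owner_allocate(filp) now placed ahead of kmem_cache_alloc(), the `if (!new_dn_mark)` failure path reaches out_err after the f_owner allocation has already succeeded. The commit message should say in one line why out_err does not need to undo that allocation (presumably it stays attached to filp and is released with it), so the reordering is visibly not trading one leak for another.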
@@ -315,10 +319,6 @@ int fcntl_dirnotify(int fd, struct file *filp, unsigned int arg)
goto out_err;
}
- error = file_f_owner_allocate(filp);
- if (error)
- goto out_err;
-
/* set up the new_fsn_mark and new_dn_mark */
new_fsn_mark = &new_dn_mark->fsn_mark;
fsnotify_init_mark(new_fsn_mark, dnotify_group);
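Review bot: the ordering constraint this fix restores is still undocumented in the code, at the `/* set up the new_fsn_mark and new_dn_mark */` comment. Since new_dn_mark is only freed through its ->fsn_mark, consider extending that comment to say that no failure exit may sit between the kmem_cache_alloc() of new_dn_mark and fsnotify_init_mark(), so the next change in this function does not reintroduce the same leak.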
* Re: [PATCH] fix a leak in fcntl_dirnotify()
From: Christian Brauner @ 2025-07-14 8:14 UTC (permalink / raw)
To: Al Viro; +Cc: linux-fsdevel
On Sat, Jul 12, 2025 at 06:18:43PM +0100, Al Viro wrote:
> [into #fixes, unless somebody objects]
>
> Lifetime of new_dn_mark is controlled by that of its ->fsn_mark,
> pointed to by new_fsn_mark. Unfortunately, a failure exit had
> been inserted between the allocation of new_dn_mark and the
> call of fsnotify_init_mark(), ending up with a leak.
>
> Fixes: 1934b212615d "file: reclaim 24 bytes from f_owner"
> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
> ---
I'll grab this into vfs.fixes and send it with the batch I have in
there this week.
* Re: [PATCH] fix a leak in fcntl_dirnotify()
From: Al Viro @ 2025-07-14 15:07 UTC (permalink / raw)
To: Christian Brauner; +Cc: linux-fsdevel
On Mon, Jul 14, 2025 at 10:14:38AM +0200, Christian Brauner wrote:
> On Sat, Jul 12, 2025 at 06:18:43PM +0100, Al Viro wrote:
> > [into #fixes, unless somebody objects]
> >
> > Lifetime of new_dn_mark is controlled by that of its ->fsn_mark,
> > pointed to by new_fsn_mark. Unfortunately, a failure exit had
> > been inserted between the allocation of new_dn_mark and the
> > call of fsnotify_init_mark(), ending up with a leak.
> >
> > Fixes: 1934b212615d "file: reclaim 24 bytes from f_owner"
> > Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
> > ---
>
> I'll grab this into vfs.fixes and send it with the batch I have in
> there this week.
OK... Again, the only things I've got in the vicinity are post-rc1
fodder, so I've no preferences re which branch does that go through.