[PATCH 2/4] spufs: fix gang directory lifetimes
Christian Brauner
brauner at kernel.org
Thu Mar 13 19:28:12 AEDT 2025
On Thu, Mar 13, 2025 at 04:29:01AM +0000, Al Viro wrote:
> prior to "[POWERPC] spufs: Fix gang destroy leaks" we used to have
> a problem with gang lifetimes - creation of a gang returns opened
> gang directory, which normally gets removed when that gets closed,
> but if somebody has created a context belonging to that gang and
> kept it alive until the gang got closed, removal failed and we
> ended up with a leak.
>
> Unfortunately, it had been fixed the wrong way. Dentry of gang
> directory was no longer pinned, and rmdir on close was gone.
> One problem was that failure of open kept calling simple_rmdir()
> as cleanup, which meant an unbalanced dput(). Another bug was
> in the success case - gang creation incremented link count on
> root directory, but that was no longer undone when gang got
> destroyed.
>
> Fix consists of
> * reverting the commit in question
> * adding a counter to gang, protected by ->i_rwsem
> of gang directory inode.
> * having it set to 1 at creation time, dropped
> in both spufs_dir_close() and spufs_gang_close() and bumped
> in spufs_create_context(), provided that it's not 0.
> * using simple_recursive_removal() to take the gang
> directory out when counter reaches zero.
>
> Fixes: 877907d37da9 "[POWERPC] spufs: Fix gang destroy leaks"
> Signed-off-by: Al Viro <viro at zeniv.linux.org.uk>
> ---
Reviewed-by: Christian Brauner <brauner at kernel.org>
More information about the Linuxppc-dev
mailing list