mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-17 10:46:33 +00:00
Revert "fuse: in fuse_flush only wait if someone wants the return code"
This reverts commit 5a8bee63b10f6f2f52f6d22e109a4a147409842a. Jürg Billeter reports the following regression: Since v6.3-rc1 commit 5a8bee63b1 ("fuse: in fuse_flush only wait if someone wants the return code") `fput()` is called asynchronously if a file is closed as part of a process exiting, i.e., if there was no explicit `close()` before exit. If the file was open for writing, also `put_write_access()` is called asynchronously as part of the async `fput()`. If that newly written file is an executable, attempting to `execve()` the new file can fail with `ETXTBSY` if it's called after the writer process exited but before the async `fput()` has run. Reported-and-tested-by: "Jürg Billeter" <j@bitron.ch> Cc: <stable@vger.kernel.org> # v6.3 Link: https://lore.kernel.org/all/4f66cded234462964899f2a661750d6798a57ec0.camel@bitron.ch/ Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
This commit is contained in:
parent
2ccdd1b13c
commit
91ec6c8559
@ -19,7 +19,6 @@
|
||||
#include <linux/uio.h>
|
||||
#include <linux/fs.h>
|
||||
#include <linux/filelock.h>
|
||||
#include <linux/file.h>
|
||||
|
||||
static int fuse_send_open(struct fuse_mount *fm, u64 nodeid,
|
||||
unsigned int open_flags, int opcode,
|
||||
@ -479,36 +478,48 @@ static void fuse_sync_writes(struct inode *inode)
|
||||
fuse_release_nowrite(inode);
|
||||
}
|
||||
|
||||
struct fuse_flush_args {
|
||||
struct fuse_args args;
|
||||
struct fuse_flush_in inarg;
|
||||
struct work_struct work;
|
||||
struct file *file;
|
||||
};
|
||||
|
||||
static int fuse_do_flush(struct fuse_flush_args *fa)
|
||||
static int fuse_flush(struct file *file, fl_owner_t id)
|
||||
{
|
||||
int err;
|
||||
struct inode *inode = file_inode(fa->file);
|
||||
struct inode *inode = file_inode(file);
|
||||
struct fuse_mount *fm = get_fuse_mount(inode);
|
||||
struct fuse_file *ff = file->private_data;
|
||||
struct fuse_flush_in inarg;
|
||||
FUSE_ARGS(args);
|
||||
int err;
|
||||
|
||||
if (fuse_is_bad(inode))
|
||||
return -EIO;
|
||||
|
||||
if (ff->open_flags & FOPEN_NOFLUSH && !fm->fc->writeback_cache)
|
||||
return 0;
|
||||
|
||||
err = write_inode_now(inode, 1);
|
||||
if (err)
|
||||
goto out;
|
||||
return err;
|
||||
|
||||
inode_lock(inode);
|
||||
fuse_sync_writes(inode);
|
||||
inode_unlock(inode);
|
||||
|
||||
err = filemap_check_errors(fa->file->f_mapping);
|
||||
err = filemap_check_errors(file->f_mapping);
|
||||
if (err)
|
||||
goto out;
|
||||
return err;
|
||||
|
||||
err = 0;
|
||||
if (fm->fc->no_flush)
|
||||
goto inval_attr_out;
|
||||
|
||||
err = fuse_simple_request(fm, &fa->args);
|
||||
memset(&inarg, 0, sizeof(inarg));
|
||||
inarg.fh = ff->fh;
|
||||
inarg.lock_owner = fuse_lock_owner_id(fm->fc, id);
|
||||
args.opcode = FUSE_FLUSH;
|
||||
args.nodeid = get_node_id(inode);
|
||||
args.in_numargs = 1;
|
||||
args.in_args[0].size = sizeof(inarg);
|
||||
args.in_args[0].value = &inarg;
|
||||
args.force = true;
|
||||
|
||||
err = fuse_simple_request(fm, &args);
|
||||
if (err == -ENOSYS) {
|
||||
fm->fc->no_flush = 1;
|
||||
err = 0;
|
||||
@ -521,57 +532,9 @@ inval_attr_out:
|
||||
*/
|
||||
if (!err && fm->fc->writeback_cache)
|
||||
fuse_invalidate_attr_mask(inode, STATX_BLOCKS);
|
||||
|
||||
out:
|
||||
fput(fa->file);
|
||||
kfree(fa);
|
||||
return err;
|
||||
}
|
||||
|
||||
static void fuse_flush_async(struct work_struct *work)
|
||||
{
|
||||
struct fuse_flush_args *fa = container_of(work, typeof(*fa), work);
|
||||
|
||||
fuse_do_flush(fa);
|
||||
}
|
||||
|
||||
static int fuse_flush(struct file *file, fl_owner_t id)
|
||||
{
|
||||
struct fuse_flush_args *fa;
|
||||
struct inode *inode = file_inode(file);
|
||||
struct fuse_mount *fm = get_fuse_mount(inode);
|
||||
struct fuse_file *ff = file->private_data;
|
||||
|
||||
if (fuse_is_bad(inode))
|
||||
return -EIO;
|
||||
|
||||
if (ff->open_flags & FOPEN_NOFLUSH && !fm->fc->writeback_cache)
|
||||
return 0;
|
||||
|
||||
fa = kzalloc(sizeof(*fa), GFP_KERNEL);
|
||||
if (!fa)
|
||||
return -ENOMEM;
|
||||
|
||||
fa->inarg.fh = ff->fh;
|
||||
fa->inarg.lock_owner = fuse_lock_owner_id(fm->fc, id);
|
||||
fa->args.opcode = FUSE_FLUSH;
|
||||
fa->args.nodeid = get_node_id(inode);
|
||||
fa->args.in_numargs = 1;
|
||||
fa->args.in_args[0].size = sizeof(fa->inarg);
|
||||
fa->args.in_args[0].value = &fa->inarg;
|
||||
fa->args.force = true;
|
||||
fa->file = get_file(file);
|
||||
|
||||
/* Don't wait if the task is exiting */
|
||||
if (current->flags & PF_EXITING) {
|
||||
INIT_WORK(&fa->work, fuse_flush_async);
|
||||
schedule_work(&fa->work);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return fuse_do_flush(fa);
|
||||
}
|
||||
|
||||
int fuse_fsync_common(struct file *file, loff_t start, loff_t end,
|
||||
int datasync, int opcode)
|
||||
{
|
||||
|
Loading…
x
Reference in New Issue
Block a user