This is a note to let you know that I've just added the patch titled eventfs: Warn if an eventfs_inode is freed without is_freed being set to the 6.7-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: eventfs-warn-if-an-eventfs_inode-is-freed-without-is_freed-being-set.patch and it can be found in the queue-6.7 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From SRS0=eEWY=JP=rostedt.homelinux.com=rostedt@xxxxxxxxxx Tue Feb 6 12:34:58 2024 From: Steven Rostedt <rostedt@xxxxxxxxxxx> Date: Tue, 06 Feb 2024 06:32:18 -0500 Subject: eventfs: Warn if an eventfs_inode is freed without is_freed being set To: linux-kernel@xxxxxxxxxxxxxxx, stable@xxxxxxxxxxxxxxx Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>, Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>, Sasha Levin <sashal@xxxxxxxxxx>, Masami Hiramatsu <mhiramat@xxxxxxxxxx>, Mark Rutland <mark.rutland@xxxxxxx>, Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx>, Christian Brauner <brauner@xxxxxxxxxx>, Al Viro <viro@xxxxxxxxxxxxxxxxxx>, Ajay Kaher <ajay.kaher@xxxxxxxxxxxx> Message-ID: <20240206113401.324608021@xxxxxxxxxxxxxxxxxxxxx> From: "Steven Rostedt (Google)" <rostedt@xxxxxxxxxxx> commit 5a49f996046ba947466bc7461e4b19c4d1daf978 upstream. There should never be a case where an evenfs_inode is being freed without is_freed being set. Add a WARN_ON_ONCE() if it ever happens. That would mean there was one too many put_ei()s. Link: https://lore.kernel.org/linux-trace-kernel/20240201161616.843551963@xxxxxxxxxxx Cc: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> Cc: Masami Hiramatsu <mhiramat@xxxxxxxxxx> Cc: Mark Rutland <mark.rutland@xxxxxxx> Cc: Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx> Cc: Christian Brauner <brauner@xxxxxxxxxx> Cc: Al Viro <viro@xxxxxxxxxxxxxxxxxx> Cc: Ajay Kaher <ajay.kaher@xxxxxxxxxxxx> Signed-off-by: Steven Rostedt (Google) <rostedt@xxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- fs/tracefs/event_inode.c | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) --- a/fs/tracefs/event_inode.c +++ b/fs/tracefs/event_inode.c @@ -73,6 +73,9 @@ enum { static void release_ei(struct kref *ref) { struct eventfs_inode *ei = container_of(ref, struct eventfs_inode, kref); + + WARN_ON_ONCE(!ei->is_freed); + kfree(ei->entry_attrs); kfree_const(ei->name); kfree_rcu(ei, rcu); @@ -84,6 +87,14 @@ static inline void put_ei(struct eventfs kref_put(&ei->kref, release_ei); } +static inline void free_ei(struct eventfs_inode *ei) +{ + if (ei) { + ei->is_freed = 1; + put_ei(ei); + } +} + static inline struct eventfs_inode *get_ei(struct eventfs_inode *ei) { if (ei) @@ -679,7 +690,7 @@ struct eventfs_inode *eventfs_create_dir /* Was the parent freed? */ if (list_empty(&ei->list)) { - put_ei(ei); + free_ei(ei); ei = NULL; } return ei; @@ -770,7 +781,7 @@ struct eventfs_inode *eventfs_create_eve return ei; fail: - put_ei(ei); + free_ei(ei); tracefs_failed_creating(dentry); return ERR_PTR(-ENOMEM); } @@ -801,9 +812,8 @@ static void eventfs_remove_rec(struct ev list_for_each_entry(ei_child, &ei->children, list) eventfs_remove_rec(ei_child, level + 1); - ei->is_freed = 1; list_del(&ei->list); - put_ei(ei); + free_ei(ei); } /** Patches currently in stable-queue which might be from rostedt@xxxxxxxxxx are queue-6.7/eventfs-keep-all-directory-links-at-1.patch queue-6.7/eventfs-save-directory-inodes-in-the-eventfs_inode-structure.patch queue-6.7/tracefs-zero-out-the-tracefs_inode-when-allocating-it.patch queue-6.7/eventfs-read-ei-entries-before-ei-children-in-eventfs_iterate.patch queue-6.7/eventfs-remove-lookup-parameter-from-create_dir-file_dentry.patch queue-6.7/eventfs-remove-fsnotify-functions-from-lookup.patch queue-6.7/eventfs-stop-using-dcache_readdir-for-getdents.patch queue-6.7/tracefs-avoid-using-the-ei-dentry-pointer-unnecessarily.patch queue-6.7/eventfs-initialize-the-tracefs-inode-properly.patch queue-6.7/eventfs-do-ctx-pos-update-for-all-iterations-in-eventfs_iterate.patch queue-6.7/tracefs-dentry-lookup-crapectomy.patch queue-6.7/eventfs-have-the-inodes-all-for-files-and-directories-all-be-the-same.patch queue-6.7/eventfs-use-kcalloc-instead-of-kzalloc.patch queue-6.7/eventfs-shortcut-eventfs_iterate-by-skipping-entries-already-read.patch queue-6.7/eventfs-do-not-create-dentries-nor-inodes-in-iterate_shared.patch queue-6.7/eventfs-have-eventfs_iterate-stop-immediately-if-ei-is_freed-is-set.patch queue-6.7/eventfs-restructure-eventfs_inode-structure-to-be-more-condensed.patch queue-6.7/eventfs-warn-if-an-eventfs_inode-is-freed-without-is_freed-being-set.patch queue-6.7/eventfs-get-rid-of-dentry-pointers-without-refcounts.patch queue-6.7/eventfs-remove-unused-d_parent-pointer-field.patch queue-6.7/eventfs-clean-up-dentry-ops-and-add-revalidate-function.patch