From: Mathias Krause <minipli@xxxxxxxxxxxxxx> commit 12c20c65d0460cf34f9a665d8f0c0d77d45a3829 upstream. Commit 77a06c33a22d ("eventfs: Test for ei->is_freed when accessing ei->dentry") added another check, testing if the parent was freed after we released the mutex. If so, the function returns NULL. However, all callers expect it to either return a valid pointer or an error pointer, at least since commit 5264a2f4bb3b ("tracing: Fix a NULL vs IS_ERR() bug in event_subsystem_dir()"). Returning NULL will therefore fail the error condition check in the caller. Fix this by substituting the NULL return value with a fitting error pointer. Cc: Masami Hiramatsu <mhiramat@xxxxxxxxxx> Cc: Mathieu Desnoyers <mathieu.desnoyers@xxxxxxxxxxxx> Cc: stable@xxxxxxxxxxxxxxx Fixes: 77a06c33a22d ("eventfs: Test for ei->is_freed when accessing ei->dentry") Link: https://lore.kernel.org/20240723122522.2724-1-minipli@xxxxxxxxxxxxxx Reviewed-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx> Reviewed-by: Ajay Kaher <ajay.kaher@xxxxxxxxxxxx> Signed-off-by: Mathias Krause <minipli@xxxxxxxxxxxxxx> Signed-off-by: Steven Rostedt (Google) <rostedt@xxxxxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- fs/tracefs/event_inode.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/fs/tracefs/event_inode.c +++ b/fs/tracefs/event_inode.c @@ -806,7 +806,7 @@ struct eventfs_inode *eventfs_create_dir /* Was the parent freed? */ if (list_empty(&ei->list)) { cleanup_ei(ei); - ei = NULL; + ei = ERR_PTR(-EBUSY); } return ei; } Patches currently in stable-queue which might be from minipli@xxxxxxxxxxxxxx are queue-6.6/tracefs-use-generic-inode-rcu-for-synchronizing-freeing.patch queue-6.6/eventfs-don-t-return-null-in-eventfs_create_dir.patch queue-6.6/tracefs-fix-inode-allocation.patch queue-6.6/eventfs-use-srcu-for-freeing-eventfs_inodes.patch
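
Review bot: The errno chosen at "ei = ERR_PTR(-EBUSY);" in the "Was the parent freed?" branch is not explained, either in the hunk or in the commit message, which only calls it "a fitting error pointer". Consider extending the existing comment "/* Was the parent freed? */" to state that callers test the result with IS_ERR(), so this path must return an error pointer and never NULL, and to say why -EBUSY was picked for a parent that went away after the mutex was released. A caller that only checks IS_ERR() treats NULL as success and goes on to use the pointer, so recording the return contract next to the assignment helps keep a later cleanup from reintroducing the NULL return that 77a06c33a22d added.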