From 159f5bdadcdda638aad5a234b58d6031aa4ef8aa Mon Sep 17 00:00:00 2001 From: Johannes Berg Date: Thu, 21 Dec 2023 15:04:45 +0100 Subject: debugfs: initialize cancellations earlier Tetsuo Handa pointed out that in the (now reverted) lockdep commit I initialized the data too late. The same is true for the cancellation data, it must be initialized before the cmpxchg(), otherwise it may be done twice and possibly even overwriting data in there already when there's a race. Fix that, which also requires destroying the mutex in case we lost the race. Fixes: 8c88a474357e ("debugfs: add API to allow debugfs operations cancellation") Reported-by: Tetsuo Handa Signed-off-by: Johannes Berg Link: https://lore.kernel.org/r/20231221150444.1e47a0377f80.If7e8ba721ba2956f12c6e8405e7d61e154aa7ae7@changeid Signed-off-by: Greg Kroah-Hartman --- fs/debugfs/file.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'fs/debugfs') diff --git a/fs/debugfs/file.c b/fs/debugfs/file.c index 5063434be0fc..6d7c1a49581f 100644 --- a/fs/debugfs/file.c +++ b/fs/debugfs/file.c @@ -104,12 +104,14 @@ int debugfs_file_get(struct dentry *dentry) ~DEBUGFS_FSDATA_IS_REAL_FOPS_BIT); refcount_set(&fsd->active_users, 1); init_completion(&fsd->active_users_drained); + INIT_LIST_HEAD(&fsd->cancellations); + mutex_init(&fsd->cancellations_mtx); + if (cmpxchg(&dentry->d_fsdata, d_fsd, fsd) != d_fsd) { + mutex_destroy(&fsd->cancellations_mtx); kfree(fsd); fsd = READ_ONCE(dentry->d_fsdata); } - INIT_LIST_HEAD(&fsd->cancellations); - mutex_init(&fsd->cancellations_mtx); } /* -- cgit