objects are created in fuse_ctl_add_dentry() by d_alloc_name()+d_add(), removed by simple_remove_by_name().
What we return is a borrowed reference - it is valid until the call of fuse_ctl_remove_conn() and we depend upon the exclusion (on fuse_mutex) for safety. Return value is used only within the caller (fuse_ctl_add_conn()). Replace d_add() with d_make_persistent() + dput(). dput() is paired with d_alloc_name() and return value is the result of d_make_persistent(). Signed-off-by: Al Viro <v...@zeniv.linux.org.uk> --- fs/fuse/control.c | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/fs/fuse/control.c b/fs/fuse/control.c index 31fa816d0189..adcb81e04802 100644 --- a/fs/fuse/control.c +++ b/fs/fuse/control.c @@ -234,8 +234,14 @@ static struct dentry *fuse_ctl_add_dentry(struct dentry *parent, inode->i_fop = fop; set_nlink(inode, nlink); inode->i_private = fc; - d_add(dentry, inode); - + d_make_persistent(dentry, inode); + dput(dentry); + + /* + * We are returning a borrowed reference here - it's only good while + * fuse_mutex is held. Actually it's d_make_persistent() return + * value... + */ return dentry; } @@ -345,7 +351,7 @@ static void fuse_ctl_kill_sb(struct super_block *sb) fuse_control_sb = NULL; mutex_unlock(&fuse_mutex); - kill_litter_super(sb); + kill_anon_super(sb); } static struct file_system_type fuse_ctl_fs_type = { -- 2.47.3
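Review bot: In the fuse_ctl_add_dentry() hunk, the new comment ("Actually it's d_make_persistent() return value...") and the commit message ("return value is the result of d_make_persistent()") do not match the code as written: the result of d_make_persistent(dentry, inode) is not used, and the function returns the local `dentry` after dput(dentry) has dropped the reference taken by d_alloc_name(). Either reword the comment to say plainly that the pointer returned is the one whose only remaining reference is the persistent one, or, if d_make_persistent() does hand something back, return that. Since the pointer is only valid under fuse_mutex, a lockdep_assert_held(&fuse_mutex) at the top of the function would turn the comment's condition into something that is checked, provided every caller does hold the mutex.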
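Review bot: In the fuse_ctl_kill_sb() hunk, the switch from kill_litter_super(sb) to kill_anon_super(sb) is not explained in the visible part of the commit message, which only covers the d_add() replacement. Please add a sentence on why kill_anon_super() is sufficient once the dentries are created with d_make_persistent(), so a reader can confirm that nothing created by fuse_ctl_add_dentry() is left pinned at unmount.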