tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

fuse: abort on fatal signal during sync init

When sync init is used and the server exits for some reason (error, crash)
while processing FUSE_INIT, the filesystem creation will hang. The reason
is that while all other threads will exit, the mounting thread (or process)
will keep the device fd open, which will prevent an abort from happening.

This is a regression from the async mount case, where the mount was done
first, and the FUSE_INIT processing afterwards, in which case there's no
such recursive syscall keeping the fd open.

Fixes: dfb84c330794 ("fuse: allow synchronous FUSE_INIT")
Cc: stable@vger.kernel.org # v6.18
Reviewed-by: Joanne Koong <joannelkoong@gmail.com>
Reviewed-by: Bernd Schubert <bernd@bsbernd.com>
Reviewed-by: "Darrick J. Wong" <djwong@kernel.org>
Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>

Miklos Szeredi 204aa22a 5a6baf20

+9 -1
+7 -1
fs/fuse/dev.c
··· 570 570 if (!err) 571 571 return; 572 572 573 + if (req->args->abort_on_kill) { 574 + fuse_abort_conn(fc); 575 + return; 576 + } 577 + 573 578 if (test_bit(FR_URING, &req->flags)) 574 579 removed = fuse_uring_remove_pending_req(req); 575 580 else ··· 681 676 fuse_force_creds(req); 682 677 683 678 __set_bit(FR_WAITING, &req->flags); 684 - __set_bit(FR_FORCE, &req->flags); 679 + if (!args->abort_on_kill) 680 + __set_bit(FR_FORCE, &req->flags); 685 681 } else { 686 682 WARN_ON(args->nocreds); 687 683 req = fuse_get_req(idmap, fm, false);
+1
fs/fuse/fuse_i.h
··· 345 345 bool is_ext:1; 346 346 bool is_pinned:1; 347 347 bool invalidate_vmap:1; 348 + bool abort_on_kill:1; 348 349 struct fuse_in_arg in_args[4]; 349 350 struct fuse_arg out_args[2]; 350 351 void (*end)(struct fuse_mount *fm, struct fuse_args *args, int error);
+1
fs/fuse/inode.c
··· 1551 1551 int err; 1552 1552 1553 1553 if (fm->fc->sync_init) { 1554 + ia->args.abort_on_kill = true; 1554 1555 err = fuse_simple_request(fm, &ia->args); 1555 1556 /* Ignore size of init reply */ 1556 1557 if (err > 0)