summaryrefslogtreecommitdiffstats
path: root/fs/fuse
diff options
context:
space:
mode:
authorMiklos Szeredi <mszeredi@redhat.com>2022-04-20 16:05:41 +0200
committerMiklos Szeredi <mszeredi@redhat.com>2022-07-21 16:02:45 +0200
commit035ff33cf4db101250fb980a3941bf078f37a544 (patch)
tree0fda3aa19a62f49540903c49112ec03bc58e3c5d /fs/fuse
parentLinux 5.19-rc1 (diff)
downloadlinux-035ff33cf4db101250fb980a3941bf078f37a544.tar.xz
linux-035ff33cf4db101250fb980a3941bf078f37a544.zip
fuse: write inode in fuse_release()
A race between write(2) and close(2) allows pages to be dirtied after fuse_flush -> write_inode_now(). If these pages are not flushed from fuse_release(), then there might not be a writable open file later. So any remaining dirty pages must be written back before the file is released. This is a partial revert of the blamed commit. Reported-by: syzbot+6e1efbd8efaaa6860e91@syzkaller.appspotmail.com Fixes: 36ea23374d1f ("fuse: write inode in fuse_vma_close() instead of fuse_release()") Cc: <stable@vger.kernel.org> # v5.16 Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Diffstat (limited to 'fs/fuse')
-rw-r--r--fs/fuse/file.c9
1 files changed, 9 insertions, 0 deletions
diff --git a/fs/fuse/file.c b/fs/fuse/file.c
index 05caa2b9272e..60885ff9157c 100644
--- a/fs/fuse/file.c
+++ b/fs/fuse/file.c
@@ -338,6 +338,15 @@ static int fuse_open(struct inode *inode, struct file *file)
static int fuse_release(struct inode *inode, struct file *file)
{
+ struct fuse_conn *fc = get_fuse_conn(inode);
+
+ /*
+ * Dirty pages might remain despite write_inode_now() call from
+ * fuse_flush() due to writes racing with the close.
+ */
+ if (fc->writeback_cache)
+ write_inode_now(inode, 1);
+
fuse_release_common(file, false);
/* return value is ignored by VFS */