kernfs: fix ino wrap-around detection (e23f568a) · Commits · 戴 / test

When the 32bit ino wraps around, kernfs increments the generation number to distinguish reused ino instances. The wrap-around detection tests whether the allocated ino is lower than what the cursor but the cursor is pointing to the next ino to allocate so the condition never triggers. Fix it by remembering the last ino and comparing against that. Signed-off-by:

Tejun Heo <tj@kernel.org> Reviewed-by:

Greg Kroah-Hartman <gregkh@linuxfoundation.org> Fixes: ("kernfs: implement i_generation") Cc: Namhyung Kim <namhyung@kernel.org> Cc: stable@vger.kernel.org # v4.14+

fs/kernfs/dir.c

+2 −3

Original line number	Diff line number	Diff line
		@@ -622,7 +622,6 @@ static struct kernfs_node __kernfs_new_node(struct kernfs_root root,
		{
		struct kernfs_node *kn;
		u32 gen;
		int cursor;
		int ret;

		name = kstrdup_const(name, GFP_KERNEL);
		@@ -635,11 +634,11 @@ static struct kernfs_node __kernfs_new_node(struct kernfs_root root,

		idr_preload(GFP_KERNEL);
		spin_lock(&kernfs_idr_lock);
		cursor = idr_get_cursor(&root->ino_idr);
		ret = idr_alloc_cyclic(&root->ino_idr, kn, 1, 0, GFP_ATOMIC);
		if (ret >= 0 && ret < cursor)
		if (ret >= 0 && ret < root->last_ino)
		root->next_generation++;
		gen = root->next_generation;
		root->last_ino = ret;
		spin_unlock(&kernfs_idr_lock);
		idr_preload_end();
		if (ret < 0)

include/linux/kernfs.h

+1 −0

Original line number	Diff line number	Diff line
		@@ -187,6 +187,7 @@ struct kernfs_root {

		/* private fields, do not use outside kernfs proper */
		struct idr ino_idr;
		u32 last_ino;
		u32 next_generation;
		struct kernfs_syscall_ops *syscall_ops;

Admin message