In case of FUSE_NOTIFY_RESEND and FUSE_NOTIFY_INC_EPOCH fuse_copy_finish() isn't called.
Fix by always calling fuse_copy_finish() after fuse_notify(). It's a no-op if called a second time.
Fixes: 760eac73f9f6 ("fuse: Introduce a new notification type for resend pending requests") Fixes: 2396356a945b ("fuse: add more control over cache invalidation behaviour") Cc: stable@vger.kernel.org # v6.9 Signed-off-by: Miklos Szeredi mszeredi@redhat.com --- fs/fuse/dev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c index df793003eb0c..85d05a5e40e9 100644 --- a/fs/fuse/dev.c +++ b/fs/fuse/dev.c @@ -2178,7 +2178,7 @@ static ssize_t fuse_dev_do_write(struct fuse_dev *fud, */ if (!oh.unique) { err = fuse_notify(fc, oh.error, nbytes - sizeof(oh), cs); - goto out; + goto copy_finish; }
err = -EINVAL;
On Tue, Sep 2, 2025 at 7:44 AM Miklos Szeredi mszeredi@redhat.com wrote:
In case of FUSE_NOTIFY_RESEND and FUSE_NOTIFY_INC_EPOCH fuse_copy_finish() isn't called.
Fix by always calling fuse_copy_finish() after fuse_notify(). It's a no-op if called a second time.
Fixes: 760eac73f9f6 ("fuse: Introduce a new notification type for resend pending requests") Fixes: 2396356a945b ("fuse: add more control over cache invalidation behaviour") Cc: stable@vger.kernel.org # v6.9 Signed-off-by: Miklos Szeredi mszeredi@redhat.com
Reviewed-by: Joanne Koong joannelkoong@gmail.com
fs/fuse/dev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/fuse/dev.c b/fs/fuse/dev.c index df793003eb0c..85d05a5e40e9 100644 --- a/fs/fuse/dev.c +++ b/fs/fuse/dev.c @@ -2178,7 +2178,7 @@ static ssize_t fuse_dev_do_write(struct fuse_dev *fud, */ if (!oh.unique) { err = fuse_notify(fc, oh.error, nbytes - sizeof(oh), cs);
goto out;
goto copy_finish; } err = -EINVAL;-- 2.49.0
linux-stable-mirror@lists.linaro.org
-
Joanne Koong -
Miklos Szeredi