Miklos Szeredi 6becdb601b fuse: fix control dir setup and teardown ... syzbot is reporting NULL pointer dereference at fuse_ctl_remove_conn() [1]. Since fc->ctl_ndents is incremented by fuse_ctl_add_conn() when new_inode() failed, fuse_ctl_remove_conn() reaches an inode-less dentry and tries to clear d_inode(dentry)->i_private field. Fix by only adding the dentry to the array after being fully set up. When tearing down the control directory, do d_invalidate() on it to get rid of any mounts that might have been added. [1] https://syzkaller.appspot.com/bug?id=f396d863067238959c91c0b7cfc10b163638cac6 Reported-by: syzbot <syzbot+32c236387d66c4516827@syzkaller.appspotmail.com> Fixes: bafa96541b ("[PATCH] fuse: add control filesystem") Cc: <stable@vger.kernel.org> # v2.6.18 Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>		2018-05-31 12:26:10 +02:00
..
acl.c	fuse: Support fuse filesystems outside of init_user_ns	2018-03-20 17:11:44 +01:00
control.c	fuse: fix control dir setup and teardown	2018-05-31 12:26:10 +02:00
cuse.c	fuse: Support fuse filesystems outside of init_user_ns	2018-03-20 17:11:44 +01:00
dev.c	fuse: fix congested state leak on aborted connections	2018-05-31 12:26:10 +02:00
dir.c	fuse: honor AT_STATX_FORCE_SYNC	2018-03-20 17:11:44 +01:00
file.c	vfs: do bulk POLL* -> EPOLL* replacement	2018-02-11 14:34:03 -08:00
fuse_i.h	fuse: Ensure posix acls are translated outside of init_user_ns	2018-05-31 12:26:10 +02:00
inode.c	fuse: Allow fully unprivileged mounts	2018-05-31 12:26:10 +02:00
Kconfig	fuse: Add posix ACL support	2016-10-01 07:32:32 +02:00
Makefile	fuse: Use generic xattr ops	2016-10-01 07:32:32 +02:00
xattr.c	fuse: Ensure posix acls are translated outside of init_user_ns	2018-05-31 12:26:10 +02:00