Re: [PATCH 6.6.y v2 2/3] ksmbd: add durable scavenger timer

Next message: Baolin Wang: "Re: [PATCH v1 5/5] mm/shmem: optimize file read with folio batching"
Previous message: bot+bpf-ci: "Re: [RFC PATCH bpf-next v7 07/11] mm/bpf: Add bpf_try_to_free_mem_cgroup_pages kfunc"
In reply to: Namjae Jeon: "Re: [PATCH 6.6.y v2 2/3] ksmbd: add durable scavenger timer"
Next in thread: Namjae Jeon: "Re: [PATCH 6.6.y v2 2/3] ksmbd: add durable scavenger timer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Alva Lan

Date: Mon May 25 2026 - 23:09:28 EST

On 5/26/2026 10:22 AM, Namjae Jeon wrote:

@@ -817,6 +968,7 @@ int ksmbd_reopen_durable_fd(struct ksmbd_work
*work, struct ksmbd_file *fp)
}
up_write(&ci->m_lock);
+ fp->f_state = FP_NEW;
__open_id(&work->sess->file_table, fp, OPEN_ID_TYPE_VOLATILE_ID);
You seem to have missed this change above.

I remove this line for:
fp->f_state = FP_NEW was moved the beginning of ksmbd_reopen_durable_fd ()
in upstream commit 235e32320a47 ("ksmbd: fix use-after-free in __ksmbd_close_fd() via durable scavenger")
in v7.1. This upstream commit 235e32320a47 have been backported into v6.6 [1] before this patch,
some code snippets:
@@ -855,9 +867,23 @@ int ksmbd_reopen_durable_fd(struct ksmbd_work *work, struct ksmbd_file *fp)
return -EBADF;
}

- fp->conn = work->conn;
+ old_f_state = fp->f_state;
+ fp->f_state = FP_NEW;
+ __open_id(&work->sess->file_table, fp, OPEN_ID_TYPE_VOLATILE_ID);
+ if (!has_file_id(fp->volatile_id)) {
+ fp->f_state = old_f_state;
+ return -EBADF;
+ }
+
+ fp->conn = conn;
fp->tcon = work->tcon;

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=0000a7780e0e446a28a273572f6ea8f7f582f694

int ksmbd_validate_name_reconnect(struct ksmbd_share_config *share,
@@ -934,6 +1085,8 @@ int ksmbd_init_file_cache(void)
if (!filp_cache)
goto out;

+ init_waitqueue_head(&dh_wq);
+
return 0;