On Thu, Jun 12, 2025 at 10:43 AM Fan Wu <wufan@xxxxxxxxxx> wrote: > > On Wed, Jun 11, 2025 at 8:12 PM Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote: > > > > ... and use securityfs_remove() instead of securityfs_recursive_remove() > > > > Signed-off-by: Al Viro <viro@xxxxxxxxxxxxxxxxxx> > > --- > > security/ipe/fs.c | 32 ++++++++++++-------------------- > > security/ipe/policy_fs.c | 4 ++-- > > 2 files changed, 14 insertions(+), 22 deletions(-) > > > > Acked-by: Fan Wu <wufan@xxxxxxxxxx> > > These changes look good to me. I ran our ipe test suite and it works well. > > However, I didn't try fault injection to trigger the dentry creation > failure. I will try it later. > I tried tracing the reference count with and without this patch set. I found that without the patch, there were indeed dentry leaks in the ipe policy folder, and this patch set has successfully fixed them. -Fan
