On Thu, Jun 12, 2025 at 10:43 AM Fan Wu <wu...@kernel.org> wrote: > > On Wed, Jun 11, 2025 at 8:12 PM Al Viro <v...@zeniv.linux.org.uk> wrote: > > > > ... and use securityfs_remove() instead of securityfs_recursive_remove() > > > > Signed-off-by: Al Viro <v...@zeniv.linux.org.uk> > > --- > > security/ipe/fs.c | 32 ++++++++++++-------------------- > > security/ipe/policy_fs.c | 4 ++-- > > 2 files changed, 14 insertions(+), 22 deletions(-) > > > > Acked-by: Fan Wu <wu...@kernel.org> > > These changes look good to me. I ran our ipe test suite and it works well. > > However, I didn't try fault injection to trigger the dentry creation > failure. I will try it later. >
I tried tracing the reference count with and without this patch set. I found that without the patch, there were indeed dentry leaks in the ipe policy folder, and this patch set has successfully fixed them. -Fan
