| To: | Al Viro <viro@xxxxxxxxxxxxxxxxxx> |
|---|---|
| Subject: | Re: inode_permission NULL pointer dereference in 3.13-rc1 |
| From: | Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> |
| Date: | Fri, 29 Nov 2013 16:18:36 -0800 |
| Cc: | Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>, Dave Chinner <david@xxxxxxxxxxxxx>, Christoph Hellwig <hch@xxxxxxxxxxxxx>, linux-fsdevel <linux-fsdevel@xxxxxxxxxxxxxxx>, xfs@xxxxxxxxxxx |
| Delivered-to: | xfs@xxxxxxxxxxx |
| Dkim-signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=Af1WjUxaycR/6/Ui36tgSmlRqo8zPzf6WGskMB9/04A=; b=MGDQ3DG7AgJCIshPplNfdkPpSi2hg0w/XytwgLnFu5gOc8i8XfX1yBfyvw2+YoBp0w ltX57mjaKFri0i4kIkc2u8USVl6XU/tUhUzFJMHd9OxRcV6l38GYSzaP+ymiKna/0MvX +lxLAggFviy/ASHdUlgR1wujeVbfI3wJ1u7o1DzqE+TgbLsnofQzuEvlWJ/+9fjcopiL PH4FYbwShR1syAEHUMn2imdbpHiJ+hW4ltoANMTpoGQbJKk42oHtwRbZDWClUZSY0gS4 xoI/uJYgm5S9QhTpXKwN8pGQnM5ZXh8xJCkj/vmn4XXSEtypfBB5HXmOPZV9CqQxkD6E PIZA== |
| Dkim-signature: | v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux-foundation.org; s=google; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=Af1WjUxaycR/6/Ui36tgSmlRqo8zPzf6WGskMB9/04A=; b=Vli4R+3eJDA0lfzdsUplkJSl2jFSwi8DVNQ2cmPkZyX3iPWUycKm76/AQu/6stClKz UySHBgT4qsNVfNGMfYe0ewKBtGoKLud4F+KAC0LxzshfetwTImJr/evoTZ1B4Td7ylK0 bFhofp/XPqr8SEGo7K/g2kRXCzPVr5XK0gX3Y= |
| In-reply-to: | <20131129235537.GX10323@xxxxxxxxxxxxxxxxxx> |
| References: | <20131128225102.GS10988@dastard> <20131128234441.GQ10323@xxxxxxxxxxxxxxxxxx> <CA+55aFxLZxy75fO4ZXO4Stiu1sMx1q=eJ7HSk-UTCX61jPrirA@xxxxxxxxxxxxxx> <20131129024121.GS10323@xxxxxxxxxxxxxxxxxx> <20131129035939.GT10323@xxxxxxxxxxxxxxxxxx> <20131129040658.GU10323@xxxxxxxxxxxxxxxxxx> <20131129041416.GV10323@xxxxxxxxxxxxxxxxxx> <20131129065941.GW10323@xxxxxxxxxxxxxxxxxx> <20131129194438.GA11052@xxxxxxxxx> <CA+55aFxgPQq_1n8Pv6gmMk+=yX9YkA10y6EpS1ECY8OB8-wFig@xxxxxxxxxxxxxx> <20131129235537.GX10323@xxxxxxxxxxxxxxxxxx> |
| Sender: | linus971@xxxxxxxxx |
On Fri, Nov 29, 2013 at 3:55 PM, Al Viro <viro@xxxxxxxxxxxxxxxxxx> wrote:
>
> Look at the end of vfs_rmdir(); d_delete() in there will turn dentry
> negative if nobody else hold references to it. So yes, dentry of
> directory *can* go negative under you, unless you've grabbed a reference.
> Which we do not do in RCU mode, obviously.
Ugh. Right you are. I thought we tried to avoid that, but clearly we don't.
I wonder if we could try to avoid it, just unhash and kill the dentry.
And then do this all at dentry release time instead (so after the
appropriate RCU grace period). Because it really would be lovely if
d_inode was stable.
But I guess we might have filesystems that expect the synchronous
d_iput() for last use, and maybe there's even some performance
advantage to re-using the dentry for some loads..
Linus
|
| Previous by Date: | Re: inode_permission NULL pointer dereference in 3.13-rc1, Al Viro |
|---|---|
| Next by Date: | [GIT PULL] Re: inode_permission NULL pointer dereference in 3.13-rc1, Theodore Ts'o |
| Previous by Thread: | Re: inode_permission NULL pointer dereference in 3.13-rc1, Al Viro |
| Next by Thread: | [GIT PULL] Re: inode_permission NULL pointer dereference in 3.13-rc1, Theodore Ts'o |
| Indexes: | [Date] [Thread] [Top] [All Lists] |