From: Joel Becker <Joel.Becker@oracle.com>
To: Louis Rilling <Louis.Rilling@kerlabs.com>
Cc: linux-kernel@vger.kernel.org, ocfs2-devel@oss.oracle.com
Subject: [Ocfs2-devel] configfs: Q: item leak in a failing configfs_attach_group()?
Date: Wed, 25 Jun 2008 19:12:09 -0700 [thread overview]
Message-ID: <20080626021208.GA21801@ca-server1.us.oracle.com> (raw)
In-Reply-To: <20080625095527.GB32036@hawkmoon.kerlabs.com>
On Wed, Jun 25, 2008 at 11:55:27AM +0200, Louis Rilling wrote:
> Back to the two solutions that I've suggested (copy-pasted below), which one
> would you prefer?
God, this is all ugly. You've found so many ugly cases :-(
> If I'm right, two kinds of solutions for issue 1 (new item created while
> attaching a default group hierarchy):
> i/ tag new directories with CONFIGFS_USET_NEW before calling d_instantiate, and
> validate the whole group+default groups hierarchy in a second pass by clearing
> CONFIGFS_USET_NEW
I think this is the right way. We can't d_instantiate() later,
because lower callers use dentry->d_inode, and trying to work around
that would be even uglier!
But can't we just propagate CONFIGFS_USET_MKDIR? That's what's
happening actually. Just set it down in the paths. Then, change like
so:
if (group)
ret = configfs_attach_group(parent_item, item, dentry);
else
ret = configfs_attach_item(parent_item, item, dentry);
spin_lock(&configfs_dirent_lock);
sd->s_type &= ~CONFIGFS_USET_IN_MKDIR;
+ if (!ret)
+ configfs_clear_mkdir_flag(dentry);
spin_unlock(&configfs_dirent_lock);
Right?
> For issue 2/ (detach_item() called without locking the detached item's inode),
> locking the inode before calling detach_item() (as is done from
> configfs_rmdir()), plus a solution for 1/ should be sufficient.
Make sure you lock/unlock in the right place (mirror the
teardown path).
Joel
--
A good programming language should have features that make the
kind of people who use the phrase "software engineering" shake
their heads disapprovingly.
- Paul Graham
Joel Becker
Principal Software Developer
Oracle
E-mail: joel.becker at oracle.com
Phone: (650) 506-8127
WARNING: multiple messages have this Message-ID (diff)
From: Joel Becker <Joel.Becker@oracle.com>
To: Louis Rilling <Louis.Rilling@kerlabs.com>
Cc: linux-kernel@vger.kernel.org, ocfs2-devel@oss.oracle.com
Subject: Re: configfs: Q: item leak in a failing configfs_attach_group()?
Date: Wed, 25 Jun 2008 19:12:09 -0700 [thread overview]
Message-ID: <20080626021208.GA21801@ca-server1.us.oracle.com> (raw)
In-Reply-To: <20080625095527.GB32036@hawkmoon.kerlabs.com>
On Wed, Jun 25, 2008 at 11:55:27AM +0200, Louis Rilling wrote:
> Back to the two solutions that I've suggested (copy-pasted below), which one
> would you prefer?
God, this is all ugly. You've found so many ugly cases :-(
> If I'm right, two kinds of solutions for issue 1 (new item created while
> attaching a default group hierarchy):
> i/ tag new directories with CONFIGFS_USET_NEW before calling d_instantiate, and
> validate the whole group+default groups hierarchy in a second pass by clearing
> CONFIGFS_USET_NEW
I think this is the right way. We can't d_instantiate() later,
because lower callers use dentry->d_inode, and trying to work around
that would be even uglier!
But can't we just propagate CONFIGFS_USET_MKDIR? That's what's
happening actually. Just set it down in the paths. Then, change like
so:
if (group)
ret = configfs_attach_group(parent_item, item, dentry);
else
ret = configfs_attach_item(parent_item, item, dentry);
spin_lock(&configfs_dirent_lock);
sd->s_type &= ~CONFIGFS_USET_IN_MKDIR;
+ if (!ret)
+ configfs_clear_mkdir_flag(dentry);
spin_unlock(&configfs_dirent_lock);
Right?
> For issue 2/ (detach_item() called without locking the detached item's inode),
> locking the inode before calling detach_item() (as is done from
> configfs_rmdir()), plus a solution for 1/ should be sufficient.
Make sure you lock/unlock in the right place (mirror the
teardown path).
Joel
--
A good programming language should have features that make the
kind of people who use the phrase "software engineering" shake
their heads disapprovingly.
- Paul Graham
Joel Becker
Principal Software Developer
Oracle
E-mail: joel.becker@oracle.com
Phone: (650) 506-8127
next prev parent reply other threads:[~2008-06-26 2:12 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-06-24 14:16 [Ocfs2-devel] configfs: Q: item leak in a failing configfs_attach_group()? Louis Rilling
2008-06-24 14:16 ` Louis Rilling
2008-06-24 17:10 ` [Ocfs2-devel] " Joel Becker
2008-06-24 17:10 ` Joel Becker
2008-06-24 18:04 ` [Ocfs2-devel] " Louis Rilling
2008-06-24 18:04 ` Louis Rilling
2008-06-24 21:34 ` [Ocfs2-devel] " Joel Becker
2008-06-24 21:34 ` Joel Becker
2008-06-25 9:55 ` [Ocfs2-devel] " Louis Rilling
2008-06-25 9:55 ` Louis Rilling
2008-06-25 20:20 ` [Ocfs2-devel] " Joel Becker
2008-06-25 20:20 ` Joel Becker
2008-06-25 20:29 ` [Ocfs2-devel] " Joel Becker
2008-06-25 20:29 ` Joel Becker
2008-06-26 2:12 ` Joel Becker [this message]
2008-06-26 2:12 ` Joel Becker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080626021208.GA21801@ca-server1.us.oracle.com \
--to=joel.becker@oracle.com \
--cc=Louis.Rilling@kerlabs.com \
--cc=linux-kernel@vger.kernel.org \
--cc=ocfs2-devel@oss.oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.