From: Al Viro <viro@ZenIV.linux.org.uk>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Djalal Harouni <tixxdz@opendz.org>,
Hugh Dickins <hughd@google.com>,
Minchan Kim <minchan.kim@gmail.com>,
KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>,
Wu Fengguang <fengguang.wu@intel.com>,
linux-mm@kvack.org, linux-kernel@vger.kernel.org,
"J. Bruce Fields" <bfields@fieldses.org>,
Neil Brown <neilb@suse.de>,
Mikulas Patocka <mikulas@artax.karlin.mff.cuni.cz>,
Christoph Hellwig <hch@infradead.org>,
Theodore Ts'o <tytso@mit.edu>,
linux-ext4@vger.kernel.org
Subject: Re: [PATCH] mm: add missing mutex lock arround notify_change
Date: Sat, 17 Dec 2011 22:10:28 +0000
Message-ID: <20111217221028.GZ2203@ZenIV.linux.org.uk>
In-Reply-To: <20111217214137.GY2203@ZenIV.linux.org.uk>

On Sat, Dec 17, 2011 at 09:41:37PM +0000, Al Viro wrote:
> xfs and ext4_ioctl() need to be fixed; XFS fix follows, ext4 I'd rather left
> to ext4 folks - I don't know how wide an area needs i_mutex there

Oh, for fsck sake... People, this is *obviously* broken - if nothing else,
removing suid after modifying the file contents is too late. Moreover,
this mext_inode_double_lock() thing is asking for trouble; it's deadlock-free
only because nothing else takes i_mutex on more than one non-directory inode
and does that as the innermost lock. Start calling it for directories
(or have somebody cut'n'paste it and use it for directories) and you've got
a nice, shiny deadlock... BTW, is ordering really needed in
double_down_write_data_sem()? IOW, can we get contention between several
callers of that thing?

From my reading of that code, all call chains leading to this sucker
are guaranteed to already hold i_mutex on both inodes. If that is true,
we don't need any ordering in double_down_write_data_sem() at all...

AFAICS, the minimal fix is to move file_remove_suid() call into
ext4_move_extents(), just after we have acquired i_mutex in there.
Moreover, I think it should be done to *both* files, since both have
contents modified. And I see no point in making that conditional...