From: Al Viro <viro@ZenIV.linux.org.uk>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Dave Jones <davej@redhat.com>,
Linux Kernel <linux-kernel@vger.kernel.org>,
"Eric W. Biederman" <ebiederm@xmission.com>
Subject: Re: VFS deadlock ?
Date: Fri, 22 Mar 2013 01:22:08 +0000 [thread overview]
Message-ID: <20130322012208.GJ21522@ZenIV.linux.org.uk> (raw)
In-Reply-To: <CA+55aFz5Ce7h2ja0m++tENXuG-1d346VNu9N=ZKy2UfojaSf0g@mail.gmail.com>
On Thu, Mar 21, 2013 at 05:22:59PM -0700, Linus Torvalds wrote:
> On Thu, Mar 21, 2013 at 5:12 PM, Al Viro <viro@zeniv.linux.org.uk> wrote:
> >
> > What we should do, IMO, is to turn /proc/<pid>/net into a honest symlink -
> > to ../nets/<netns ID>/net. Hell, might even make it a magical symlink
> > instead...
>
> Ok, having seen the error of my ways, I'm starting to agree with you..
> How painful would that be? Especially since we'd need to backport
> it..
Not sure; right now I'm looking through the guts of what procfs had become.
Unfortunately, there are fairly subtle interactions with other shit -
tomoyo, etc. Sigh...
BTW, the variant with d_ancestor() modification is also not enough -
/proc/1/net and /proc/2/net have different inodes, so for the pair
(/proc/net/1, /proc/2/net/stat) d_ancestor() won't trigger
even with this change. And we have /proc/net/1 < /proc/net/1/stat,
since the latter is a subdirectory of the former. With /proc/net/{1,2}/stat
having the same inode...
In theory, we can make vfs_rmdir() and vfs_unlink() check the presense of
the corresponding method before locking the victim; that would suffice to
kludge around that mess on procfs. Along with ->d_inode comparison in
lock_rename() it *might* suffice. OTOH, there are places in fs/dcache.c
where we rely on the lack of such aliases; they might or might not trigger
in case of procfs.
We are talking about the violation of fundamental assert used in
correctness analysis all over the place, unfortunately. The right fix
is to restore it; I'll try to come up with something that could be
reasonably easily backported - the kludge above is a fallback in case if
no real fix turns out to be easy to backport. Assuming that this kludge
is sufficient, that is... For 3.9 and later we *definitely* want to
restore that assertion.
PS: Once more, with feeling, to everyone even thinking of pulling something
like that again:
Hardlinks to directories do not work. Don't do that, or we'll be
sorry, and then so will you.
A Very Peeved BOFH
next prev parent reply other threads:[~2013-03-22 1:22 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-03-21 19:06 VFS deadlock ? Dave Jones
2013-03-21 19:21 ` Al Viro
2013-03-21 20:31 ` Dave Jones
2013-03-21 19:29 ` Al Viro
2013-03-21 20:15 ` Linus Torvalds
2013-03-21 20:26 ` Dave Jones
2013-03-21 20:32 ` Linus Torvalds
2013-03-21 20:36 ` Dave Jones
2013-03-21 20:47 ` Al Viro
2013-03-21 21:02 ` Dave Jones
2013-03-21 21:18 ` Linus Torvalds
2013-03-21 21:26 ` Al Viro
2013-03-21 21:41 ` Dave Jones
2013-03-21 21:47 ` Linus Torvalds
2013-03-21 21:55 ` Al Viro
2013-03-21 21:57 ` Linus Torvalds
2013-03-21 22:03 ` Al Viro
2013-03-21 21:52 ` Al Viro
2013-03-21 22:12 ` Dave Jones
2013-03-21 22:29 ` Dave Jones
2013-03-21 22:53 ` Linus Torvalds
2013-03-21 23:07 ` Dave Jones
2013-03-21 23:36 ` Al Viro
2013-03-21 23:58 ` Linus Torvalds
2013-03-22 0:01 ` Linus Torvalds
2013-03-22 0:12 ` Al Viro
2013-03-22 0:20 ` Al Viro
2013-03-22 0:22 ` Linus Torvalds
2013-03-22 1:22 ` Al Viro [this message]
2013-03-22 1:33 ` Linus Torvalds
2013-03-22 1:40 ` Al Viro
2013-03-22 4:37 ` [CFT] " Al Viro
2013-03-22 4:55 ` Linus Torvalds
2013-03-22 5:18 ` Al Viro
2013-03-22 5:33 ` Linus Torvalds
2013-03-22 6:09 ` Al Viro
2013-03-22 6:22 ` Al Viro
2013-03-22 16:23 ` Dave Jones
2013-03-22 19:43 ` Linus Torvalds
2013-03-22 21:28 ` Al Viro
2013-03-22 22:57 ` Eric W. Biederman
2013-03-22 5:19 ` Linus Torvalds
2013-03-22 0:08 ` Al Viro
2013-03-22 0:15 ` Linus Torvalds
2013-03-22 0:19 ` Linus Torvalds
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130322012208.GJ21522@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=davej@redhat.com \
--cc=ebiederm@xmission.com \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.