From: Al Viro <viro@ZenIV.linux.org.uk>
To: Christoph Hellwig <hch@lst.de>
Cc: James Bottomley <James.Bottomley@HansenPartnership.com>,
Mimi Zohar <zohar@linux.vnet.ibm.com>,
linux-xfs@vger.kernel.org, Dave Chinner <david@fromorbit.com>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
linux-kernel <linux-kernel@vger.kernel.org>
Subject: Re: xfs: commit 6552321831dc "xfs: remove i_iolock and use i_rwsem in the VFS inode instead" change causes hang
Date: Sun, 8 Jan 2017 19:26:34 +0000 [thread overview]
Message-ID: <20170108192634.GM1555@ZenIV.linux.org.uk> (raw)
In-Reply-To: <20170108190955.GA1489@lst.de>
On Sun, Jan 08, 2017 at 08:09:55PM +0100, Christoph Hellwig wrote:
> No. We need an ->ima_measure file_operation, guts of process_measurement
> turned into a library function that the FS can call after taking fs-specific
> locks. And maybe also a small wrapper around it that takes ilock and
> can be used directly for file systems not needing special locking.
Incidentally, it had been literally years since the problems with their
pathname handling had been brought up and we *still* have got no answer.
In the current tree, ima_d_path() is quite capable of returning
path->dentry->d_name.name. Which gets used by subsequent code,
even though there is no warranty whatsoever that it won't be
pointing to freed memory by the time the caller of ima_d_path()
gets it.
Could IMA folks be bothered to explain how the hell is that supposed to
work? Note that the race window is *not* narrow - it includes reading the
file contents, for fuck sake! A plenty of time for the file to be
renamed, and if the name had been long enough to be stored separately,
for the original to be freed/reused/whatnot.
Better yet, in ima_collect_measurement() they have another user of
->d_name.name, with all the same issues.
next prev parent reply other threads:[~2017-01-08 19:26 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-08 14:48 xfs: commit 6552321831dc "xfs: remove i_iolock and use i_rwsem in the VFS inode instead" change causes hang Mimi Zohar
2017-01-08 14:52 ` Christoph Hellwig
2017-01-08 15:03 ` Mimi Zohar
2017-01-08 15:14 ` Christoph Hellwig
2017-01-08 15:31 ` Mimi Zohar
2017-01-08 15:37 ` Christoph Hellwig
2017-01-08 16:38 ` Mimi Zohar
2017-01-08 16:43 ` Christoph Hellwig
2017-01-08 17:59 ` James Bottomley
2017-01-08 18:18 ` Christoph Hellwig
2017-01-08 18:57 ` James Bottomley
2017-01-08 19:09 ` Christoph Hellwig
2017-01-08 19:26 ` Al Viro [this message]
2017-01-08 20:10 ` Mimi Zohar
2017-01-08 19:39 ` Mimi Zohar
2017-01-09 19:44 ` Jeff Layton
2017-01-10 2:54 ` Mimi Zohar
2017-01-10 16:22 ` Jeff Layton
2017-01-08 19:16 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170108192634.GM1555@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=James.Bottomley@HansenPartnership.com \
--cc=david@fromorbit.com \
--cc=hch@lst.de \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
--cc=zohar@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.