From mboxrd@z Thu Jan 1 00:00:00 1970 From: Al Viro Subject: Re: [PATCH 1/3] IMA: move read/write counters into struct inode Date: Wed, 20 Oct 2010 04:15:04 +0100 Message-ID: <20101020031504.GA18581@ZenIV.linux.org.uk> References: <20101019011650.25346.99614.stgit@paris.rdu.redhat.com> <1287506215.2530.187.camel@localhost.localdomain> <20101019165530.GT19804@ZenIV.linux.org.uk> <20101019172805.GU19804@ZenIV.linux.org.uk> <20101019191133.GE2447@parisc-linux.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Linus Torvalds , Eric Paris , linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, linux-fsdevel@vger.kernel.org, hch@infradead.org, zohar@us.ibm.com, warthog9@kernel.org, david@fromorbit.com, jmorris@namei.org, kyle@mcmartin.ca, hpa@zytor.com, akpm@linux-foundation.org, mingo@elte.hu To: Matthew Wilcox Return-path: Content-Disposition: inline In-Reply-To: <20101019191133.GE2447@parisc-linux.org> Sender: linux-security-module-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org On Tue, Oct 19, 2010 at 01:11:33PM -0600, Matthew Wilcox wrote: > Hm. Sounds like the same question that the file leases code needs > answered. The important difference is that the leases code can just > refuse to set a lease on inodes with multiple dentries. > > While my mind's on it ... Al, is this code even close to correct? > > if ((arg == F_RDLCK) && (atomic_read(&inode->i_writecount) > 0)) > goto out; > if ((arg == F_WRLCK) > && ((atomic_read(&dentry->d_count) > 1) > || (atomic_read(&inode->i_count) > 1))) > goto out; No. This is complete junk; note that e.g. ls -lR will disrupt it, since lstat(2) will bump dentry refcount. The first part is more or less OK; the second makes no sense. What is it trying to do? Note that the first part also doesn't make a lot of sense, since you could be acquiring a write reference *right* *now*, just as that check passes. And you could finish getting it before you get to do anything else in generic_setlease().