From mboxrd@z Thu Jan  1 00:00:00 1970
From: Christoph Hellwig <hch@lst.de>
Subject: Re: Patch "fs: use RCU read side protection in d_validate" broken
Date: Mon, 15 Nov 2010 22:09:06 +0100
Message-ID: <20101115210906.GA5964@lst.de>
References: <20101115051120.GA4092@amd>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
	Christoph Hellwig <hch@lst.de>,
	Al Viro <viro@ZenIV.linux.org.uk>,
	linux-fsdevel@vger.kernel.org
To: Nick Piggin <npiggin@kernel.dk>
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from verein.lst.de ([213.95.11.210]:53881 "EHLO verein.lst.de"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1758416Ab0KOVJN (ORCPT <rfc822;linux-fsdevel@vger.kernel.org>);
	Mon, 15 Nov 2010 16:09:13 -0500
Content-Disposition: inline
In-Reply-To: <20101115051120.GA4092@amd>
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>

On Mon, Nov 15, 2010 at 04:11:20PM +1100, Nick Piggin wrote:
> This patch is totally broken. You can't just dget() a dentry with
> nothing but RCU critical section open.

The plain dget is indeed wrong as we should at least take d_lock
and check d_count for zero before incrementing it to protect
against shrink_dentry_list.  

I'm not quite sure it really matters as d_validate already has
and always ad much worse bugs, such as the complete lack of
protection against renames.

Anyway, I'll send a patch to Linus to fix this issue for now.