From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andi Kleen <andi-Vw/NltI1exuRpAAqCnN02g@public.gmane.org>
Subject: Re: [patch 01/28] fs: d_validate fixes
Date: Wed, 17 Nov 2010 11:44:16 +0100
Message-ID: <87bp5orzzz.fsf@basil.nowhere.org>
References: <20101116140900.039761100@kernel.dk>
	<20101116142028.254946611@kernel.dk>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
	linux-nfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
To: Nick Piggin <npiggin-tSWWG44O7X1aa/9Udqfwiw@public.gmane.org>
Return-path: <linux-nfs-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>
In-Reply-To: <20101116142028.254946611-tSWWG44O7X1aa/9Udqfwiw@public.gmane.org> (Nick Piggin's message of
	"Wed, 17 Nov 2010 01:09:01 +1100")
Sender: linux-nfs-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
List-Id: linux-fsdevel.vger.kernel.org

Nick Piggin <npiggin-tSWWG44O7X1aa/9Udqfwiw@public.gmane.org> writes:

> d_validate has been broken for a long time.
>
> kmem_ptr_validate does not guarantee that a pointer can be dereferenced
> if it can go away at any time. Even rcu_read_lock doesn't help, because
> the pointer might be queued in RCU callbacks but not executed yet.

I wonder if that is a problem for NFS ... (which I believe is the only
user). Could these races be used to break the NFS server?

-Andi
-- 
ak-VuQAYsv1563Yd54FQh9/CA@public.gmane.org -- Speaking for myself only.
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html