From: Al Viro <viro@zeniv.linux.org.uk>
To: David Howells <dhowells@redhat.com>
Cc: linux-fsdevel@vger.kernel.org, agruenba@redhat.com,
amir73il@gmail.com, brauner@kernel.org,
ceph-devel@vger.kernel.org, hubcap@omnibond.com, jack@suse.cz,
krisman@kernel.org, linux-nfs@vger.kernel.org, miklos@szeredi.hu,
torvalds@linux-foundation.org
Subject: Re: [PATCH v2 08/20] afs_d_revalidate(): use stable name and parent inode passed by caller
Date: Wed, 22 Jan 2025 21:24:56 +0000 [thread overview]
Message-ID: <20250122212456.GA1977892@ZenIV> (raw)
In-Reply-To: <20250122210124.GZ1977892@ZenIV>
On Wed, Jan 22, 2025 at 09:01:24PM +0000, Al Viro wrote:
> On Wed, Jan 22, 2025 at 08:27:41PM +0000, David Howells wrote:
> > Al Viro <viro@zeniv.linux.org.uk> wrote:
> >
> > > - _enter("{%lu},%p{%pd},", dir->i_ino, dentry, dentry);
> > > + _enter("{%lu},{%s},", dir->i_ino, name->name);
> >
> > I don't think that name->name is guaranteed to be NUL-terminated after
> > name->len characters. The following:
> >
> > _enter("{%lu},{%*s},", dir->i_ino, name->len, name->name);
> >
> > might be better, though:
> >
> > _enter("{%lu},{%*.*s},", dir->i_ino, name->len, name->len, name->name);
> >
> > might be necessary.
>
> Good catch (and that definitely needs to be documented in previous commit),
> but what's wrong with
> _enter("{%lu},{%.*s},", dir->i_ino, name->len, name->name);
IOW, are you OK with the following?
commit bf61e4013ab1cb9a819303faca018e7b7cbaf3e7
Author: Al Viro <viro@zeniv.linux.org.uk>
Date: Fri Jan 3 00:27:27 2025 -0500
afs_d_revalidate(): use stable name and parent inode passed by caller
No need to bother with boilerplate for obtaining the latter and for
the former we really should not count upon ->d_name.name remaining
stable under us.
Reviewed-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
diff --git a/fs/afs/dir.c b/fs/afs/dir.c
index 9780013cd83a..e04cffe4beb1 100644
--- a/fs/afs/dir.c
+++ b/fs/afs/dir.c
@@ -607,19 +607,19 @@ static bool afs_lookup_one_filldir(struct dir_context *ctx, const char *name,
* Do a lookup of a single name in a directory
* - just returns the FID the dentry name maps to if found
*/
-static int afs_do_lookup_one(struct inode *dir, struct dentry *dentry,
+static int afs_do_lookup_one(struct inode *dir, const struct qstr *name,
struct afs_fid *fid, struct key *key,
afs_dataversion_t *_dir_version)
{
struct afs_super_info *as = dir->i_sb->s_fs_info;
struct afs_lookup_one_cookie cookie = {
.ctx.actor = afs_lookup_one_filldir,
- .name = dentry->d_name,
+ .name = *name,
.fid.vid = as->volume->vid
};
int ret;
- _enter("{%lu},%p{%pd},", dir->i_ino, dentry, dentry);
+ _enter("{%lu},{%.*s},", dir->i_ino, name->len, name->name);
/* search the directory */
ret = afs_dir_iterate(dir, &cookie.ctx, key, _dir_version);
@@ -1052,21 +1052,12 @@ static struct dentry *afs_lookup(struct inode *dir, struct dentry *dentry,
/*
* Check the validity of a dentry under RCU conditions.
*/
-static int afs_d_revalidate_rcu(struct dentry *dentry)
+static int afs_d_revalidate_rcu(struct afs_vnode *dvnode, struct dentry *dentry)
{
- struct afs_vnode *dvnode;
- struct dentry *parent;
- struct inode *dir;
long dir_version, de_version;
_enter("%p", dentry);
- /* Check the parent directory is still valid first. */
- parent = READ_ONCE(dentry->d_parent);
- dir = d_inode_rcu(parent);
- if (!dir)
- return -ECHILD;
- dvnode = AFS_FS_I(dir);
if (test_bit(AFS_VNODE_DELETED, &dvnode->flags))
return -ECHILD;
@@ -1097,9 +1088,8 @@ static int afs_d_revalidate_rcu(struct dentry *dentry)
static int afs_d_revalidate(struct inode *parent_dir, const struct qstr *name,
struct dentry *dentry, unsigned int flags)
{
- struct afs_vnode *vnode, *dir;
+ struct afs_vnode *vnode, *dir = AFS_FS_I(parent_dir);
struct afs_fid fid;
- struct dentry *parent;
struct inode *inode;
struct key *key;
afs_dataversion_t dir_version, invalid_before;
@@ -1107,7 +1097,7 @@ static int afs_d_revalidate(struct inode *parent_dir, const struct qstr *name,
int ret;
if (flags & LOOKUP_RCU)
- return afs_d_revalidate_rcu(dentry);
+ return afs_d_revalidate_rcu(dir, dentry);
if (d_really_is_positive(dentry)) {
vnode = AFS_FS_I(d_inode(dentry));
@@ -1122,14 +1112,9 @@ static int afs_d_revalidate(struct inode *parent_dir, const struct qstr *name,
if (IS_ERR(key))
key = NULL;
- /* Hold the parent dentry so we can peer at it */
- parent = dget_parent(dentry);
- dir = AFS_FS_I(d_inode(parent));
-
/* validate the parent directory */
ret = afs_validate(dir, key);
if (ret == -ERESTARTSYS) {
- dput(parent);
key_put(key);
return ret;
}
@@ -1157,7 +1142,7 @@ static int afs_d_revalidate(struct inode *parent_dir, const struct qstr *name,
afs_stat_v(dir, n_reval);
/* search the directory for this vnode */
- ret = afs_do_lookup_one(&dir->netfs.inode, dentry, &fid, key, &dir_version);
+ ret = afs_do_lookup_one(&dir->netfs.inode, name, &fid, key, &dir_version);
switch (ret) {
case 0:
/* the filename maps to something */
@@ -1201,22 +1186,19 @@ static int afs_d_revalidate(struct inode *parent_dir, const struct qstr *name,
goto out_valid;
default:
- _debug("failed to iterate dir %pd: %d",
- parent, ret);
+ _debug("failed to iterate parent %pd2: %d", dentry, ret);
goto not_found;
}
out_valid:
dentry->d_fsdata = (void *)(unsigned long)dir_version;
out_valid_noupdate:
- dput(parent);
key_put(key);
_leave(" = 1 [valid]");
return 1;
not_found:
_debug("dropping dentry %pd2", dentry);
- dput(parent);
key_put(key);
_leave(" = 0 [bad]");
next prev parent reply other threads:[~2025-01-22 21:24 UTC|newest]
Thread overview: 96+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-10 2:38 [PATCHES][RFC][CFT] ->d_revalidate() calling conventions changes (->d_parent/->d_name stability problems) Al Viro
2025-01-10 2:42 ` [PATCH 01/20] make sure that DNAME_INLINE_LEN is a multiple of word size Al Viro
2025-01-10 2:42 ` [PATCH 02/20] dcache: back inline names with a struct-wrapped array of unsigned long Al Viro
2025-01-10 9:35 ` Jan Kara
2025-01-10 16:24 ` Al Viro
2025-01-10 2:42 ` [PATCH 03/20] make take_dentry_name_snapshot() lockless Al Viro
2025-01-10 9:45 ` Jan Kara
2025-01-10 2:42 ` [PATCH 04/20] dissolve external_name.u into separate members Al Viro
2025-01-10 7:34 ` David Howells
2025-01-10 16:46 ` Al Viro
2025-01-10 2:42 ` [PATCH 05/20] ext4 fast_commit: make use of name_snapshot primitives Al Viro
2025-01-10 9:15 ` Jan Kara
2025-01-10 2:42 ` [PATCH 06/20] generic_ci_d_compare(): use shortname_storage Al Viro
2025-01-10 2:42 ` [PATCH 07/20] Pass parent directory inode and expected name to ->d_revalidate() Al Viro
2025-01-10 2:42 ` [PATCH 08/20] afs_d_revalidate(): use stable name and parent inode passed by caller Al Viro
2025-01-10 2:42 ` [PATCH 09/20] ceph_d_revalidate(): use stable " Al Viro
2025-01-10 19:45 ` Viacheslav Dubeyko
2025-01-10 2:42 ` [PATCH 10/20] ceph_d_revalidate(): propagate stable name down into request enconding Al Viro
2025-01-10 2:42 ` [PATCH 11/20] fscrypt_d_revalidate(): use stable parent inode passed by caller Al Viro
2025-01-10 2:42 ` [PATCH 12/20] exfat_d_revalidate(): " Al Viro
2025-01-10 2:42 ` [PATCH 13/20] vfat_revalidate{,_ci}(): " Al Viro
2025-01-10 2:42 ` [PATCH 14/20] fuse_dentry_revalidate(): use stable parent inode and name " Al Viro
2025-01-10 2:42 ` [PATCH 15/20] gfs2_drevalidate(): " Al Viro
2025-01-10 19:20 ` Andreas Grünbacher
2025-01-10 2:42 ` [PATCH 16/20] nfs{,4}_lookup_validate(): use stable parent inode " Al Viro
2025-01-10 2:43 ` [PATCH 17/20] nfs: fix ->d_revalidate() UAF on ->d_name accesses Al Viro
2025-01-10 2:43 ` [PATCH 18/20] ocfs2_dentry_revalidate(): use stable parent inode and name passed by caller Al Viro
2025-01-10 9:54 ` Jan Kara
2025-01-10 2:43 ` [PATCH 19/20] orangefs_d_revalidate(): " Al Viro
2025-01-10 3:06 ` Linus Torvalds
2025-01-10 2:43 ` [PATCH 20/20] 9p: fix ->rename_sem exclusion Al Viro
2025-01-10 3:11 ` Linus Torvalds
2025-01-10 5:53 ` Al Viro
2025-01-10 9:21 ` [PATCH 01/20] make sure that DNAME_INLINE_LEN is a multiple of word size Jan Kara
2025-01-16 5:21 ` [PATCHES v2][RFC][CFT] ->d_revalidate() calling conventions changes (->d_parent/->d_name stability problems) Al Viro
2025-01-16 5:22 ` [PATCH v2 01/20] make sure that DNAME_INLINE_LEN is a multiple of word size Al Viro
2025-01-16 5:22 ` [PATCH v2 02/20] dcache: back inline names with a struct-wrapped array of unsigned long Al Viro
2025-01-16 5:23 ` [PATCH v2 03/20] make take_dentry_name_snapshot() lockless Al Viro
2025-01-16 5:23 ` [PATCH v2 04/20] dissolve external_name.u into separate members Al Viro
2025-01-16 10:06 ` Jan Kara
2025-01-16 5:23 ` [PATCH v2 05/20] ext4 fast_commit: make use of name_snapshot primitives Al Viro
2025-01-16 5:23 ` [PATCH v2 06/20] generic_ci_d_compare(): use shortname_storage Al Viro
2025-01-16 15:38 ` Gabriel Krisman Bertazi
2025-01-16 15:46 ` Al Viro
2025-01-16 15:53 ` Gabriel Krisman Bertazi
2025-01-16 5:23 ` [PATCH v2 07/20] Pass parent directory inode and expected name to ->d_revalidate() Al Viro
2025-01-16 15:15 ` Gabriel Krisman Bertazi
2025-01-17 18:55 ` Jeff Layton
2025-01-17 19:00 ` Al Viro
2025-01-16 5:23 ` [PATCH v2 08/20] afs_d_revalidate(): use stable name and parent inode passed by caller Al Viro
2025-01-22 20:27 ` David Howells
2025-01-22 21:01 ` Al Viro
2025-01-22 21:24 ` Al Viro [this message]
2025-01-22 21:55 ` David Howells
2025-01-16 5:23 ` [PATCH v2 09/20] ceph_d_revalidate(): use stable " Al Viro
2025-01-17 18:35 ` Jeff Layton
2025-01-16 5:23 ` [PATCH v2 10/20] ceph_d_revalidate(): propagate stable name down into request enconding Al Viro
2025-01-17 18:35 ` Jeff Layton
2025-01-16 5:23 ` [PATCH v2 11/20] fscrypt_d_revalidate(): use stable parent inode passed by caller Al Viro
2025-01-17 15:20 ` Jeff Layton
2025-01-16 5:23 ` [PATCH v2 12/20] exfat_d_revalidate(): " Al Viro
2025-01-16 5:23 ` [PATCH v2 13/20] vfat_revalidate{,_ci}(): " Al Viro
2025-01-17 15:22 ` Jeff Layton
2025-01-16 5:23 ` [PATCH v2 14/20] fuse_dentry_revalidate(): use stable parent inode and name " Al Viro
2025-01-17 15:18 ` Jeff Layton
2025-01-16 5:23 ` [PATCH v2 15/20] gfs2_drevalidate(): " Al Viro
2025-01-16 5:23 ` [PATCH v2 16/20] nfs{,4}_lookup_validate(): use stable parent inode " Al Viro
2025-01-17 14:05 ` Jeff Layton
2025-01-16 5:23 ` [PATCH v2 17/20] nfs: fix ->d_revalidate() UAF on ->d_name accesses Al Viro
2025-01-17 15:12 ` Jeff Layton
2025-01-16 5:23 ` [PATCH v2 18/20] ocfs2_dentry_revalidate(): use stable parent inode and name passed by caller Al Viro
2025-01-16 5:23 ` [PATCH v2 19/20] orangefs_d_revalidate(): " Al Viro
2025-01-16 5:23 ` [PATCH v2 20/20] 9p: fix ->rename_sem exclusion Al Viro
2025-01-23 1:45 ` [PATCHES v3][RFC][CFT] ->d_revalidate() calling conventions changes (->d_parent/->d_name stability problems) Al Viro
2025-01-23 1:46 ` [PATCH v3 01/20] make sure that DNAME_INLINE_LEN is a multiple of word size Al Viro
2025-01-23 1:46 ` [PATCH v3 02/20] dcache: back inline names with a struct-wrapped array of unsigned long Al Viro
2025-01-23 1:46 ` [PATCH v3 03/20] make take_dentry_name_snapshot() lockless Al Viro
2025-01-23 1:46 ` [PATCH v3 04/20] dissolve external_name.u into separate members Al Viro
2025-01-23 1:46 ` [PATCH v3 05/20] ext4 fast_commit: make use of name_snapshot primitives Al Viro
2025-01-23 1:46 ` [PATCH v3 06/20] generic_ci_d_compare(): use shortname_storage Al Viro
2025-01-23 1:46 ` [PATCH v3 07/20] Pass parent directory inode and expected name to ->d_revalidate() Al Viro
2025-01-23 1:46 ` [PATCH v3 08/20] afs_d_revalidate(): use stable name and parent inode passed by caller Al Viro
2025-01-23 1:46 ` [PATCH v3 09/20] ceph_d_revalidate(): use stable " Al Viro
2025-01-23 1:46 ` [PATCH v3 10/20] ceph_d_revalidate(): propagate stable name down into request encoding Al Viro
2025-01-23 1:46 ` [PATCH v3 11/20] fscrypt_d_revalidate(): use stable parent inode passed by caller Al Viro
2025-01-23 1:46 ` [PATCH v3 12/20] exfat_d_revalidate(): " Al Viro
2025-01-23 1:46 ` [PATCH v3 13/20] vfat_revalidate{,_ci}(): " Al Viro
2025-01-23 1:46 ` [PATCH v3 14/20] fuse_dentry_revalidate(): use stable parent inode and name " Al Viro
2025-01-23 10:51 ` Miklos Szeredi
2025-01-23 1:46 ` [PATCH v3 15/20] gfs2_drevalidate(): " Al Viro
2025-01-23 1:46 ` [PATCH v3 16/20] nfs{,4}_lookup_validate(): use stable parent inode " Al Viro
2025-01-23 1:46 ` [PATCH v3 17/20] nfs: fix ->d_revalidate() UAF on ->d_name accesses Al Viro
2025-01-23 1:46 ` [PATCH v3 18/20] ocfs2_dentry_revalidate(): use stable parent inode and name passed by caller Al Viro
2025-01-23 1:46 ` [PATCH v3 19/20] orangefs_d_revalidate(): " Al Viro
2025-01-25 16:25 ` Mike Marshall
2025-01-23 1:46 ` [PATCH v3 20/20] 9p: fix ->rename_sem exclusion Al Viro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250122212456.GA1977892@ZenIV \
--to=viro@zeniv.linux.org.uk \
--cc=agruenba@redhat.com \
--cc=amir73il@gmail.com \
--cc=brauner@kernel.org \
--cc=ceph-devel@vger.kernel.org \
--cc=dhowells@redhat.com \
--cc=hubcap@omnibond.com \
--cc=jack@suse.cz \
--cc=krisman@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).