From: Roman Zippel <zippel@linux-m68k.org>
To: Alexander Viro <viro@math.psu.edu>
Cc: Roman Zippel <zippel@fh-brandenburg.de>,
Linus Torvalds <torvalds@transmeta.com>,
linux-kernel@vger.kernel.org
Subject: Re: Races in affs_unlink(), affs_rmdir() and affs_rename()
Date: Sun, 22 Apr 2001 00:16:12 +0200 [thread overview]
Message-ID: <3AE206AC.E196AEBA@linux-m68k.org> (raw)
In-Reply-To: <Pine.GSO.4.21.0104211457420.25186-100000@weyl.math.psu.edu>
Hi,
Alexander Viro wrote:
> unlink("/B/b") locks /B, removes "b" and unlocks /B. Then it calls
> affs_remove_link(), which blocks.
>
> unlink("/A/a") locks /A, removes "a" and unlocks /A. Then it calls
> affs_remove_link(). Which locks /B, renames removed entry into "b",
> removes old "b" and inserts renamed "a" into /B.
>
> The rest is irrelevant - we're already in it.
Thanks for finding that one, but it should be easy to fix. I can remove
the parent pointer in aff_remove_hash and check for that before I try to
rename that entry.
> Since you don't lock /B for affs_empty_dir(), you can hit the
> window between removing old /B/a and inserting renamed /A/a into /B.
> Notice that VFS _does_ lock /B (->i_zombie), but affs_remove_link()
> for /A/a doesn't even look at it.
I thought about that one and I know it should be locked. The reason I
don't do right now is, that affs supports hardlinks to dirs. The problem
are especially recursive links, e.g.:
mkdir A
ln A A/B
rm A/B
This is possible with affs, but will already deadlock in vfs.
mkdir A
mkdir A/B
ln A A/B/C
rm A/B/C/A &
rm A/B/C &
rm A/B
Every rm already takes the hash lock of the parent and then I can't
simply also take the hash lock of the dir itself. What I actually want
to do is to insert a reverse is_subdir() check before taking the lock.
On the other hand I was thinking whether I should allow links to dirs at
all and just show them as empty/readonly dirs. For 2.4 that's probably
safer, as it would require a lot of locking changes in vfs and the other
fs to support this properly, particularly moving most of the locking
from vfs into the fs.
bye, Roman
next prev parent reply other threads:[~2001-04-21 22:16 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2000-12-30 0:25 test13-pre6 Linus Torvalds
2000-12-30 0:49 ` test13-pre6 Alexander Viro
2000-12-30 1:03 ` test13-pre6 Linus Torvalds
2000-12-30 18:09 ` test13-pre6 Alexander Viro
2000-12-30 2:25 ` test13-pre6 Daniel Phillips
2000-12-30 3:16 ` test13-pre6 Linus Torvalds
2000-12-30 18:58 ` [RFC] Generic deferred file writing Daniel Phillips
2000-12-30 20:05 ` Linus Torvalds
2000-12-30 20:06 ` Alexander Viro
2000-12-30 20:21 ` Linus Torvalds
2000-12-30 21:10 ` Andreas Dilger
2000-12-30 21:46 ` Alexander Viro
2000-12-30 23:12 ` Daniel Phillips
2000-12-30 22:00 ` Eric W. Biederman
2000-12-30 22:44 ` Linus Torvalds
2000-12-31 0:26 ` Eric W. Biederman
2000-12-31 1:02 ` Andrea Arcangeli
2000-12-31 1:13 ` Chris Wedgwood
2000-12-31 1:50 ` Alexander Viro
2000-12-31 2:34 ` Andrea Arcangeli
2000-12-31 2:09 ` Roman Zippel
2000-12-31 2:28 ` Linus Torvalds
2000-12-31 12:58 ` Roman Zippel
2001-04-21 20:06 ` Races in affs_unlink(), affs_rmdir() and affs_rename() Alexander Viro
2001-04-21 22:16 ` Roman Zippel [this message]
2001-04-22 5:53 ` Alexander Viro
2001-04-22 12:57 ` Roman Zippel
2001-04-22 13:15 ` Alexander Viro
2000-12-31 14:38 ` [RFC] Generic deferred file writing Andrea Arcangeli
2000-12-31 16:33 ` Linus Torvalds
2000-12-31 16:50 ` Andrea Arcangeli
2000-12-31 16:51 ` Alexander Viro
2000-12-31 17:12 ` Linus Torvalds
2000-12-31 18:30 ` Daniel Phillips
2000-12-31 18:44 ` Linus Torvalds
2000-12-31 19:10 ` Daniel Phillips
2000-12-31 19:31 ` Linus Torvalds
2000-12-31 21:03 ` Roman Zippel
2000-12-31 21:32 ` Linus Torvalds
2001-01-02 18:27 ` Chris Mason
2000-12-30 3:08 ` test13-pre6 (Fork Bug with Athlons? Temporary Fix) Byron Stanoszek
2000-12-30 3:36 ` Linus Torvalds
2000-12-30 5:55 ` Andi Kleen
2000-12-30 5:13 ` Linus Torvalds
2000-12-30 8:13 ` Graham Murray
2000-12-30 4:21 ` test13-pre6 Dan Aloni
2001-01-04 20:23 ` test13-pre6 Stephen C. Tweedie
2001-01-04 22:15 ` test13-pre6 stewart
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3AE206AC.E196AEBA@linux-m68k.org \
--to=zippel@linux-m68k.org \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@transmeta.com \
--cc=viro@math.psu.edu \
--cc=zippel@fh-brandenburg.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox