From: "Dr. David Alan Gilbert (git)" <dgilbert@redhat.com>
To: qemu-devel@nongnu.org, stefanha@redhat.com
Subject: [PULL 092/108] virtiofsd: passthrough_ll: fix refcounting on remove/rename
Date: Thu, 23 Jan 2020 16:46:14 +0000	[thread overview]
Message-ID: <20200123164630.91498-93-dgilbert@redhat.com> (raw)
In-Reply-To: <20200123164630.91498-1-dgilbert@redhat.com>

From: Miklos Szeredi <mszeredi@redhat.com>

Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Reviewed-by: Misono Tomohiro <misono.tomohiro@jp.fujitsu.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
---
 tools/virtiofsd/passthrough_ll.c | 50 +++++++++++++++++++++++++++++++-
 1 file changed, 49 insertions(+), 1 deletion(-)

diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index c819b5f782..e3a6d6b611 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -1140,17 +1140,42 @@ out_err:
     fuse_reply_err(req, saverr);
 }
 
+static struct lo_inode *lookup_name(fuse_req_t req, fuse_ino_t parent,
+                                    const char *name)
+{
+    int res;
+    struct stat attr;
+
+    res = fstatat(lo_fd(req, parent), name, &attr,
+                  AT_EMPTY_PATH | AT_SYMLINK_NOFOLLOW);
+    if (res == -1) {
+        return NULL;
+    }
+
+    return lo_find(lo_data(req), &attr);
+}
+
 static void lo_rmdir(fuse_req_t req, fuse_ino_t parent, const char *name)
 {
     int res;
+    struct lo_inode *inode;
+    struct lo_data *lo = lo_data(req);
+
     if (!is_safe_path_component(name)) {
         fuse_reply_err(req, EINVAL);
         return;
     }
 
+    inode = lookup_name(req, parent, name);
+    if (!inode) {
+        fuse_reply_err(req, EIO);
+        return;
+    }
+
     res = unlinkat(lo_fd(req, parent), name, AT_REMOVEDIR);
 
     fuse_reply_err(req, res == -1 ? errno : 0);
+    unref_inode_lolocked(lo, inode, 1);
 }
 
 static void lo_rename(fuse_req_t req, fuse_ino_t parent, const char *name,
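Review bot: `lookup_name()` passes `AT_EMPTY_PATH` to `fstatat()`, so an empty `name` stats the parent directory itself instead of failing, and the helper would then hand back the parent's `lo_inode`. The name comes from the FUSE request, and whether `is_safe_path_component()` rejects an empty string is not visible in this hunk, so I would drop the flag and pass `AT_SYMLINK_NOFOLLOW` alone, which is enough for a by-name lookup. Separately, the helper returns NULL both when `fstatat()` fails and when `lo_find()` has no entry, and `lo_rmdir()` answers `EIO` for either, so removing a name that does not exist would report `EIO` rather than `ENOENT`. The same reply is used in `lo_rename()` and `lo_unlink()` in the later hunks.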
@@ -1158,12 +1183,23 @@ static void lo_rename(fuse_req_t req, fuse_ino_t parent, const char *name,
                       unsigned int flags)
 {
     int res;
+    struct lo_inode *oldinode;
+    struct lo_inode *newinode;
+    struct lo_data *lo = lo_data(req);
 
     if (!is_safe_path_component(name) || !is_safe_path_component(newname)) {
         fuse_reply_err(req, EINVAL);
         return;
     }
 
+    oldinode = lookup_name(req, parent, name);
+    newinode = lookup_name(req, newparent, newname);
+
+    if (!oldinode) {
+        fuse_reply_err(req, EIO);
+        goto out;
+    }
+
     if (flags) {
 #ifndef SYS_renameat2
         fuse_reply_err(req, EINVAL);
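Review bot: `newinode` is never checked after `lookup_name(req, newparent, newname)`, and it will be NULL in the ordinary case where the rename target does not exist yet; `oldinode` is also NULL on the `goto out` path. Both are handed to `unref_inode_lolocked()` at the `out:` label in the next hunk, so this code is only safe if that function accepts a NULL inode, and its body is not part of this patch. I would state the dependency where the lookups happen, e.g. `/* newinode is NULL when the target does not exist; unref_inode_lolocked() must tolerate NULL */`. `lo_rename()` starts before this hunk and continues past it.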
@@ -1176,26 +1212,38 @@ static void lo_rename(fuse_req_t req, fuse_ino_t parent, const char *name,
             fuse_reply_err(req, res == -1 ? errno : 0);
         }
 #endif
-        return;
+        goto out;
     }
 
     res = renameat(lo_fd(req, parent), name, lo_fd(req, newparent), newname);
 
     fuse_reply_err(req, res == -1 ? errno : 0);
+out:
+    unref_inode_lolocked(lo, oldinode, 1);
+    unref_inode_lolocked(lo, newinode, 1);
 }
 
 static void lo_unlink(fuse_req_t req, fuse_ino_t parent, const char *name)
 {
     int res;
+    struct lo_inode *inode;
+    struct lo_data *lo = lo_data(req);
 
     if (!is_safe_path_component(name)) {
         fuse_reply_err(req, EINVAL);
         return;
     }
 
+    inode = lookup_name(req, parent, name);
+    if (!inode) {
+        fuse_reply_err(req, EIO);
+        return;
+    }
+
     res = unlinkat(lo_fd(req, parent), name, 0);
 
     fuse_reply_err(req, res == -1 ? errno : 0);
+    unref_inode_lolocked(lo, inode, 1);
 }
 
 static void unref_inode_lolocked(struct lo_data *lo, struct lo_inode *inode,
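Review bot: In `lo_unlink()` the inode is resolved by name in `lookup_name()` and the removal is then done by name again in `unlinkat()`, so nothing ties the `lo_inode` that is held and released to the directory entry that is actually removed. If another request or a host-side process replaces `name` between the two calls, the reference is taken on one inode while a different one is unlinked; whether requests on the same parent are serialised is not visible here. The same two-step pattern is used in `lo_rmdir()` and around `renameat()` in `lo_rename()`. A short comment on `lookup_name()` would make the limit explicit, e.g. `/* best effort: the name may be re-bound before the caller acts on it */`.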
-- 
2.24.1


