On Mon, 2008-12-01 at 15:41 -0500, Oren Laadan wrote:
> >>> + fd = cr_attach_file(file); /* no need to cleanup 'file' below */
> >>> + if (fd < 0) {
> >>> + filp_close(file, NULL);
> >>> + ret = fd;
> >>> + goto out;
> >>> + }
> >>> +
> >>> + /* register new <objref, file> tuple in hash table */
> >>> + ret = cr_obj_add_ref(ctx, file, parent, CR_OBJ_FILE, 0);
> >>> + if (ret < 0)
> >>> + goto out;
> >> Who said that file still exists at that point?
>
> Correct. This call should move higher up befor ethe call to cr_attach_file()
Is that sufficient? It seems like we're depending on the fd's reference
to the 'struct file' to keep it valid in the hash. If something happens
to the fd (like the other thread messing with it) the 'struct file' can
still go away.
Shouldn't we do another get_file() for the hash's reference?
-- Dave
_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linux-foundation.org/mailman/listinfo/containers
