Re: KASAN: use-after-free Read in path_lookupat

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Mar 25, 2019 at 12:18:02PM -0700, Linus Torvalds wrote:
> COMPLETELY UNTESTED. And no filesystems converted to actually use the
> new rcu_destroy_inode() thing.
> 
> Hmm?

Maybe, but we really need to come up with sane documentation on the
entire drop_inode/evict_inode/destroy_inode/rcu_destroy_inode
group ;-/  And I want to understand the writeback-related issues
in ocfs2 and f2fs - the current kludges in those smell fishy.

>  	if (unlikely(inode_init_always(sb, inode))) {
> -		if (inode->i_sb->s_op->destroy_inode)
> +		if (inode->i_sb->s_op->destroy_inode) {
>  			inode->i_sb->s_op->destroy_inode(inode);
> -		else
> +			if (!inode->i_sb->s_op->rcu_destroy_inode)
> +				return NULL;
> +		}
> +		if (!inode->i_sb->s_op->rcu_destroy_inode ||
> +		    !inode->i_sb->s_op->rcu_destroy_inode(inode))
>  			kmem_cache_free(inode_cachep, inode);

ITYM  i_callback(inode); here, possibly suitably renamed.
[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux