On Wed, Dec 08, 2010 at 05:59:55PM +1100, Nick Piggin wrote: > On Wed, Dec 08, 2010 at 12:53:44PM +1100, Dave Chinner wrote: > > On Sat, Nov 27, 2010 at 08:44:32PM +1100, Nick Piggin wrote: > > > d_validate has been broken for a long time. > > > > > > kmem_ptr_validate does not guarantee that a pointer can be dereferenced > > > if it can go away at any time. Even rcu_read_lock doesn't help, because > > > the pointer might be queued in RCU callbacks but not executed yet. > > > > > > So the parent cannot be checked, nor the name hashed. The dentry pointer > > > can not be touched until it can be verified under lock. Hashing simply > > > cannot be used. > > > > > > Instead, verify the parent/child relationship by traversing parent's > > > d_child list. It's slow, but only ncpfs and the destaged smbfs care > > > about it, at this point. > > > > I'd drop the previous revert patch and just convert the RCU hash > > traversal straight to the d_child traversal code you introduce here. > > This is a much better explanation of why the d_validate mechanism > > needs to be changed, and the revert is really an unnecessary extra > > step... > > Has to be backported, though. Backported where? The d_validate() change only got included in .37-rc1. > Patch that is to be reverted obviously > adds more brokenness and is a good example that you cannot dget() under > rcu read protection even if the rest of the surrounding function is > bugfree. I wouldn't have thought it's a big deal. Reverting something broken to something already broken just to fix to the less broken version seems like an unnecessary step. Just fix the brokenneÑs in a single patch - no need to indirect the real fix through a revert. One less patch to worry about. Cheers, Dave. -- Dave Chinner david@xxxxxxxxxxxxx -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
