On Mon, 18 Jul 2011, Linus Torvalds wrote: > On Sun, Jul 17, 2011 at 11:31 PM, Linus Torvalds > <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote: > > > > Now, I do agree that maybe that case simply should check the dentry > > sequence count. I wish all cases did. Hugh patch did that. But the > > reason I dislike Hugh's patch is that when I say "I wish they all > > did", I mean that I dislike the special casing. And Hugh's patch just > > adds *more* special casing for that NULL entry - I'd wish we just > > always did it regardless of whether it was NULL or not. > > Btw, looking at that, I think Hugh's patch is wrong. It does > > if (!read_seqcount_retry(&dentry->d_seq, nd->seq)) > > but that's after we've done the __follow_mount_rcu() that may actually > have changed "nd->seq" to the mount-point inode (and has changed > path->dentry to match it). Yes, my patch is wrong there. I started out with if (!read_seqcount_retry(&dentry->d_seq, seq); but seeing __follow_mount_rcu() updates inode and nd->seq, I changed to if (!read_seqcount_retry(&dentry->d_seq, nd->seq); missing the obvious, that it's changing path->dentry when it updates nd->seq. > > Now, it only does it if inode is NULL, so I guess it doesn't matter, > but it's the kind of inconsistency that I think is really dangerous, > because it basically compares incompatible sequence numbers. Yes, it's simply wrong. > > Also, looking at that whole mount-point traversal sequence, it looks > like __follow_mount_rcu() will happily totally ignore the old sequence > number when it replaces it with the mount-point sequence number. So it > looks to me that we have a case where we miss the sequence number > check that can happen with a positive dentry too! Al has commented on that. I'd feel more confident with a patch like yours, and corrected final check in mine (if we used mine at all) if (!read_seqcount_retry(&path->dentry->d_seq, nd->seq); but ignore me, I'm easily confused by mounts ;) Hugh -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
