lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20100201231847.GC12882@ZenIV.linux.org.uk>
Date:	Mon, 1 Feb 2010 23:18:47 +0000
From:	Al Viro <viro@...IV.linux.org.uk>
To:	Linus Torvalds <torvalds@...ux-foundation.org>
Cc:	linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH][RFC] %pd - for printing dentry name

On Mon, Feb 01, 2010 at 02:37:32PM -0800, Linus Torvalds wrote:

> > * don't use %pd under dentry->d_lock, use dentry->d_name.name instead; in
> > that case it *is* safe.  Incidentally, ->d_lock isn't held a lot.
> 
> I realize we can just call it a rule, and yes, d_lock is held much less 
> than something like console_lock etc that we've had ABBA issues with, but 
> still..

> Quite frankly, I'd _much_ rather see something like just always freeing 
> the dentry names (when they aren't inlined) using RCU. The VFS layer quite 
> possibly would want to do that anyway at some point (eg Nick's VFS 
> scalability patches), and then we could make it just a RCU read-lock or 
> whatever (interrupt disable, what-not) instead.
> 
> And I'm much happier with printk doing that kind of thing, and wouldn't 
> have issues with that kind of much weaker locking.

Ehh...  RCU will save you from stepping on freed memory, but it still will
leave the joy of half-updated string with length out of sync with it, etc.
We probably can get away with that, but we'll have to be a lot more careful
with the order of updating these suckers in d_move_locked et.al.

I don't know...  Note that if we end up adding something extra to struct
dentry, we might as well just add *another* spinlock, taken only under
->d_lock and only in two places in dcache.c that change d_name.  That kind
of thing is trivial to enforce (just grep over the tree once in a while)
and if it shares the cacheline with d_lock, we shouldn't get any real overhead
in d_move()/d_materialise_unique().  I'm not particulary fond of that variant,
but it's at least guaranteed to be devoid of subtleties.

If RCU folks can come up with a sane suggestions that would be robust and
wouldn't bloat dentry - sure, I'm all for it.  If not...
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ