lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Jul 2012 22:33:55 +0100 From: Al Viro <viro@...IV.linux.org.uk> To: Linus Torvalds <torvalds@...ux-foundation.org> Cc: Knut Petersen <Knut_Petersen@...nline.de>, linux-kernel@...r.kernel.org, reiserfs-devel@...r.kernel.org Subject: Re: [Bug 3.4.5] reiserfs: mutex_destroy called with locked mutex On Wed, Jul 18, 2012 at 02:25:02PM -0700, Linus Torvalds wrote: > On Wed, Jul 18, 2012 at 2:20 PM, Al Viro <viro@...iv.linux.org.uk> wrote: > > On Wed, Jul 18, 2012 at 09:26:57AM -0700, Linus Torvalds wrote: > >> > >> So I don't think the freeing code could trigger, but a concurrent > >> lookup then trying to look up the new directory (and taking the new > >> directory i_semaphore lock) could happen, afaik. > > > > Umm... The thing is, we'd get WARN_ON() in iput_final() triggering in > > that scenario before lockdep could complain. > > Not for the "look up directory in the dcache, and then lock that > inode" case, afaik. You'd get the lock before iput_final(), no? > > So then "unlock_new_inode()" would run with the inode mutex held, > which could explain the lockdep warning, no? Umm.. Right you are, I was thinking about the "can the freeing code actually trigger". OK; I'm still not sure this should go in before -final, but it could be the reason behind those (false positive) warnings from lockdep. Could probably step into something nasty around e.g. writeback or quota, so maybe it's worth doing just in case... It's definitely the right thing to do wrt not giving the rest of the VFS/VM nasty surprises - everything might work correctly with IO coming on such still-I_NEW-and-locked inode, but that's not a case that will be often considered when modifying code. The only questions are "is this the WARN_ON() Knut had stepped on" (and I agree with your scenario now) and "is it critical enough to shove it into the tree less than a week before -final". Up to you... -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists