lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20140901230835.GK7996@ZenIV.linux.org.uk>
Date:	Tue, 2 Sep 2014 00:08:35 +0100
From:	Al Viro <viro@...IV.linux.org.uk>
To:	Alexey Khoroshilov <khoroshilov@...ras.ru>
Cc:	Evgeniy Dushistov <dushistov@...l.ru>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Linus Torvalds <torvalds@...ux-foundation.org>,
	linux-kernel@...r.kernel.org, ldv-project@...uxtesting.org
Subject: Re: [PATCH] ufs: fix deadlocks after mutex merge

On Tue, Sep 02, 2014 at 02:30:24AM +0400, Alexey Khoroshilov wrote:
> Commit 0244756edc4b ("ufs: sb mutex merge + mutex_destroy") introduces
> deadlocks in ufs_new_inode() and ufs_free_inode() that call lock_ufs()
> being already invoked with mutex held.
> 
> ufs_free_inode() is always invoked with mutex locked, while
> ufs_new_inode() is called with mutex locked two times of four.
> 
> The patch proposes to resolve the issue by agreement to call
> ufs_new_inode() and ufs_free_inode() with mutex unheld.

> @@ -902,9 +902,6 @@ void ufs_evict_inode(struct inode * inode)
>  	invalidate_inode_buffers(inode);
>  	clear_inode(inode);
>  
> -	if (want_delete) {
> -		lock_ufs(inode->i_sb);
> -		ufs_free_inode (inode);
> -		unlock_ufs(inode->i_sb);
> -	}
> +	if (want_delete)
> +		ufs_free_inode(inode);

Your commit message makes no sense - ufs_evict_inode() is *never* called
with that lock held, for one thing.  I agree that "ufs: sb mutex merge +
mutex_destroy" was been badly broken and apparently never tested, though -
the bugs are real.

	Please, write a saner commit message; what happens is that
ufs_{new,free}_inode() take the damn lock themselves these days, so
their caller shouldn't do that.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ