lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 26 Sep 2014 05:53:52 +0100
From:	Al Viro <viro@...IV.linux.org.uk>
To:	Tejun Heo <tj@...nel.org>
Cc:	Zefan Li <lizefan@...wei.com>, cgroups@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Revert "cgroup: remove redundant variable in
 cgroup_mount()"

On Fri, Sep 26, 2014 at 12:26:17AM -0400, Tejun Heo wrote:
> On Fri, Sep 26, 2014 at 12:03:25PM +0800, Zefan Li wrote:
> > This reverts commit 0c7bf3e8cab7900e17ce7f97104c39927d835469.
> > 
> > If there are child cgroups in the cgroupfs and then we umount it,
> > the superblock will be destroyed but the cgroup_root will be kept
> > around. When we mount it again, cgroup_mount() will find this
> > cgroup_root and allocate a new sb for it.
> > 
> > So with this commit we will be trapped in a dead loop in the case
> > described above, because kernfs_pin_sb() keeps returning NULL.
> > 
> > Currently I don't see how we can avoid using both pinned_sb and
> > new_sb, so just revert it.
> > 
> > Cc: Al Viro <viro@...IV.linux.org.uk>
> > Reported-by: Andrey Wagin <avagin@...il.com>
> > Signed-off-by: Zefan Li <lizefan@...wei.com>
> 
> Applied to cgroup/for-3.18.

Er?  It's a clear regression since 3.16; shouldn't it go into mainline
before 3.17-final?  Another thing: AFAICS, if kernfs_fill_super() fails,
you get unbalanced kernfs_put() on the cleanup path - kernfs_kill_sb()
will be called in those cases as well.  IOW, we'd better move that
        kernfs_get(info->root->kn);
in kernfs_fill_super() all way up to the point before kernfs_get_inode().
Something like this:

Signed-off-by: Al Viro <viro@...iv.linux.org.uk>
---
diff --git a/fs/kernfs/mount.c b/fs/kernfs/mount.c
index f973ae9..e5e92e3 100644
--- a/fs/kernfs/mount.c
+++ b/fs/kernfs/mount.c
@@ -74,6 +74,7 @@ static int kernfs_fill_super(struct super_block *sb, unsigned long magic)
 	sb->s_magic = magic;
 	sb->s_op = &kernfs_sops;
 	sb->s_time_gran = 1;
+	kernfs_get(info->root->kn);
 
 	/* get root inode, initialize and unlock it */
 	mutex_lock(&kernfs_mutex);
@@ -90,7 +91,6 @@ static int kernfs_fill_super(struct super_block *sb, unsigned long magic)
 		pr_debug("%s: could not get root dentry!\n", __func__);
 		return -ENOMEM;
 	}
-	kernfs_get(info->root->kn);
 	root->d_fsdata = info->root->kn;
 	sb->s_root = root;
 	sb->s_d_op = &kernfs_dops;
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ