lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 30 Dec 2020 21:36:36 +0000
From:   Matthew Wilcox <willy@...radead.org>
To:     Al Viro <viro@...iv.linux.org.uk>
Cc:     YANG LI <abaci-bugfix@...ux.alibaba.com>,
        linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] fs: fix: second lock in function d_prune_aliases().

On Wed, Dec 30, 2020 at 08:04:49PM +0000, Al Viro wrote:
> On Wed, Dec 30, 2020 at 03:01:25PM +0800, YANG LI wrote:
> > Goto statement jumping will cause lock to be executed again without
> > executing unlock, placing the lock statement in front of goto
> > label to fix this problem.
> > 
> > Signed-off-by: YANG LI <abaci-bugfix@...ux.alibaba.com>
> > Reported-by: Abaci <abaci@...ux.alibaba.com>
> 
> I am sorry, but have you even attempted to trigger that codepath?
> Just to test your patch...
> 
> FWIW, the patch is completely broken.  Obviously so, since you
> have dput() done just before goto restart and dput() in very
> much capable of blocking.  It should never be called with spinlocks
> held.  And if you look at __dentry_kill() (well, dentry_unlink_inode()
> called by __dentry_kill()), you will see that it bloody well *DOES*
> drop inode->i_lock.

Not only that, but the function is even _annotated_ to that effect.
So this 'abaci' tool you have isn't even capable of the bare minimum.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ