lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <7785659.j189Hiylts@silver>
Date: Mon, 08 Jan 2024 15:55:53 +0100
From: Christian Schoenebeck <linux_oss@...debyte.com>
To: Eric Van Hensbergen <ericvh@...nel.org>
Cc: asmadeus@...ewreck.org, linux-kernel@...r.kernel.org,
 v9fs@...ts.linux.dev, rminnich@...il.com, lucho@...kov.net
Subject: Re: [PATCH] fs/9p: fix inode nlink accounting

On Monday, January 8, 2024 3:12:24 PM CET Eric Van Hensbergen wrote:
> On Mon, Jan 8, 2024 at 6:08 AM Christian Schoenebeck
> <linux_oss@...debyte.com> wrote:
> >
> > On Monday, January 8, 2024 12:19:34 PM CET asmadeus@...ewreck.org wrote:
> > > Eric Van Hensbergen wrote on Sun, Jan 07, 2024 at 07:07:52PM +0000:
> > > > I was running some regressions and noticed a (race-y) kernel warning that
> > > > happens when nlink becomes less than zero.  Looking through the code
> > > > it looks like we aren't good about protecting the inode lock when
> > > > manipulating nlink and some code that was added several years ago to
> > > > protect against bugs in underlying file systems nlink handling didn't
> > > > look quite right either.  I took a look at what NFS was doing and tried to
> > > > follow similar approaches in the 9p code.
> > >
> > > I was about to say the set/inc/etc_nlink helpers could probably just be
> > > using atomic (there's an atomic_dec_if_postive that we could have used
> > > for the v9fs_dec_count warning), but this isn't our code so not much to
> > > do about that -- I agree it needs a lock.
> > >
> > > I didn't take the time to check if you missed any, but it won't be worse
> > > than what we have right now:
> > > Acked-by: Dominique Martinet <asmadeus@...ewreck.org>
> >
> > That's actually a good point. For these tasks atomic inc/sub/etc are usually
> > used instead of locks.
> >
> > I would at least add local wrapper functions that would do these spinlocks for
> > us.
> >
> 
> I'm good with adding local wrapper functions,  I imagine these aren't
> used in the kernel because for regular file-systems maybe you want the
> warning that your inode link accounting is wrong.
> I suppose we could be naughty and not use the kernel functions (which
> themselves are basically wrappers).

Well, one half of that code is actually using atomic operations to increment/
decrement the private counter. Which means to me those kernel functions were
intended to be called from a concurrent context. So I don't get why the other
variable is not atomic there. They should be I think.

I would probably try and send a patch for changing those kernel functions and
see if people are fine with that. But up to you.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ