lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ae2a652559e30aaea925fc2dfe28602f7216f5b0.camel@ibm.com>
Date: Tue, 2 Sep 2025 18:42:20 +0000
From: Viacheslav Dubeyko <Slava.Dubeyko@....com>
To: Alex Markuze <amarkuze@...hat.com>,
        "ceph-devel@...r.kernel.org"
	<ceph-devel@...r.kernel.org>
CC: "idryomov@...il.com" <idryomov@...il.com>,
        "linux-kernel@...r.kernel.org"
	<linux-kernel@...r.kernel.org>
Subject: Re:  [PATCH 1/2] ceph/mds_client: transfer CEPH_CAP_PIN when updating
 r_parent on mismatch

On Mon, 2025-09-01 at 15:14 +0000, Alex Markuze wrote:
> When the parent directory lock is not held, req->r_parent can become stale between dentry lookup and request encoding.
> The client updates r_parent to the correct inode based on the encoded path, but previously did not adjust CEPH_CAP_PIN references.
> 
> Release the pin from the old parent and acquire it for the new parent when switching r_parent, ensuring reference accounting stays balanced and avoiding leaks or underflows later in ceph_mdsc_release_request().
> 

I cannot apply the patch on current state of the kernel. I assume that this
patch is improvement of previous patch set. If so, then it will be better to
send another version of previous patch set. Otherwise, it's hard to review and
impossible to test it.

Thanks,
Slava.

> Signed-off-by: Alex Markuze <amarkuze@...hat.com>
> ---
>  fs/ceph/mds_client.c | 11 +++++++++--
>  1 file changed, 9 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/ceph/mds_client.c b/fs/ceph/mds_client.c
> index ce0c129f4651..4e5926f36e8d 100644
> --- a/fs/ceph/mds_client.c
> +++ b/fs/ceph/mds_client.c
> @@ -3053,12 +3053,19 @@ static struct ceph_msg *create_request_message(struct ceph_mds_session *session,
>  	 */
>  	if (!parent_locked && req->r_parent && path_info1.vino.ino &&
>  	    ceph_ino(req->r_parent) != path_info1.vino.ino) {
> +		struct inode *old_parent = req->r_parent;
>  		struct inode *correct_dir = ceph_get_inode(mdsc->fsc->sb, path_info1.vino, NULL);
>  		if (!IS_ERR(correct_dir)) {
>  			WARN_ONCE(1, "ceph: r_parent mismatch (had %llx wanted %llx) - updating\n",
> -				  ceph_ino(req->r_parent), path_info1.vino.ino);
> -			iput(req->r_parent);
> +			          ceph_ino(old_parent), path_info1.vino.ino);
> +			/*
> +			 * Transfer CEPH_CAP_PIN from the old parent to the new one.
> +			 * The pin was taken earlier in ceph_mdsc_submit_request().
> +			 */
> +			ceph_put_cap_refs(ceph_inode(old_parent), CEPH_CAP_PIN);
> +			iput(old_parent);
>  			req->r_parent = correct_dir;
> +			ceph_get_cap_refs(ceph_inode(req->r_parent), CEPH_CAP_PIN);
>  		}
>  	}
>  

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ