Race inotify_rm_watch vs umount

From: OGAWA Hirofumi
Date: Fri Jun 10 2011 - 07:21:12 EST

Next message: Alan Cox: "Re: [PATCH 02/10] lib: genalloc: Generic allocator improvements"
Previous message: Ingo Molnar: "Re: [PATCH v5 9/9] x86-64: Add CONFIG_UNSAFE_VSYSCALLS tofeature-removal-schedule"
Next in thread: Eric Paris: "Re: Race inotify_rm_watch vs umount"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

I'm looking the race inotify_rm_watch() vs umount(). This race become the
cause of Oops. You can see the oops at

https://bugzilla.kernel.org/show_bug.cgi?id=22602

So, what race?

umount inotify_rm_watch
... fsnotify_destroy_mark()
fsnotify_destroy_inode_mark()
/* removed from i_fsnotify_marks */
generic_shutdown_super()
fsnotify_unmount_inodes()
put_super()
iput()
iput_final()
/* this is after put_super() */

Like above, inotify doesn't guarantee to call final iput() before
put_super(). With this violation, FS driver can oops.

Well, so, what are requested for inotify? We can't simply take
sb->s_umount in inotify_rm_watch()?

Any ideas?

Thanks.
--
OGAWA Hirofumi <hirofumi@xxxxxxxxxxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: [PATCH 02/10] lib: genalloc: Generic allocator improvements"
Previous message: Ingo Molnar: "Re: [PATCH v5 9/9] x86-64: Add CONFIG_UNSAFE_VSYSCALLS tofeature-removal-schedule"
Next in thread: Eric Paris: "Re: Race inotify_rm_watch vs umount"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]