Re: [PATCH 4.19 025/422] ecryptfs_lookup_interpose(): lower_dentry->d_inode is not stable

[Pavel Machek]

Hi!

> From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> 
> commit e72b9dd6a5f17d0fb51f16f8685f3004361e83d0 upstream.
> 
> lower_dentry can't go from positive to negative (we have it pinned),
> but it *can* go from negative to positive.  So fetching ->d_inode
> into a local variable, doing a blocking allocation, checking that
> now ->d_inode is non-NULL and feeding the value we'd fetched
> earlier to a function that won't accept NULL is not a good idea.
> 
> Cc: stable@xxxxxxxxxxxxxxx
> --- a/fs/ecryptfs/inode.c
> +++ b/fs/ecryptfs/inode.c
> @@ -345,7 +345,15 @@ static struct dentry *ecryptfs_lookup_in
>  	dentry_info->lower_path.mnt = lower_mnt;
>  	dentry_info->lower_path.dentry = lower_dentry;
>  
> -	if (d_really_is_negative(lower_dentry)) {
> +	/*
> +	 * negative dentry can go positive under us here - its parent is not
> +	 * locked.  That's OK and that could happen just as we return from
> +	 * ecryptfs_lookup() anyway.  Just need to be careful and fetch
> +	 * ->d_inode only once - it's not stable here.
> +	 */
> +	lower_inode = READ_ONCE(lower_dentry->d_inode);

Should this use d_inode_rcu() function, to keep the abstraction
provided by the header file?

Best regards,
									Pavel
-- 
(english) http://www.livejournal.com/~pavelmachek
(cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html

Attachment: signature.asc
Description: Digital signature