Received: by 2002:ac0:a581:0:0:0:0:0 with SMTP id m1-v6csp734177imm;
        Mon, 2 Jul 2018 22:03:05 -0700 (PDT)
X-Google-Smtp-Source: ADUXVKLE5qsxsLvlG7EzJu2QLBb2pli3NWudyY7NfhBmao2Q7U//fdGTuFlhPs1SqmzaASE5HOC7
X-Received: by 2002:a65:4348:: with SMTP id k8-v6mr24378379pgq.341.1530594185654;
        Mon, 02 Jul 2018 22:03:05 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1530594185; cv=none;
        d=google.com; s=arc-20160816;
        b=qlOJpixhHpx3bvJLGe8PFegbCXcZgpALrwe/1a5B4XiX+1NjUnhaXR8Xi11myqm9D4
         zdHXPx9bHg5Z7/NIeXFT7CNQLrt+MhNmEV5Jy69uEi8J3JyBnbhUyNX4iCNmWS6DgXoN
         TprP/CjeD7RORNQwZ44OAITRv+aicIVRwJmNkwvaIQccaI0wmp9UtQ7EAbafcrjqIMEn
         3U0VfpsgdMf3ewLqaqF2qiUpT3QkMIpNuLu5l7eTOvKzyvoOuH5KTDumJF2oV7ZL92en
         M3a2Sp6Zk88WXZk4Dgvl7VwUSRXctDdAq52z5LV37JfGohfeiovh1TL+ANHjpvAZEGFe
         ePaw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:dkim-signature
         :arc-authentication-results;
        bh=BK2ocT8tBjnBBxhiEEQKtCxMos0t0OtQ9qvfzG/gq3M=;
        b=rxzTpTMS2v/4/3+hnIGozbrt+oUnN18wJx0rdALnqG+QYyJ5ufOY3p3mtSV3e08b0w
         tCSkR2CD5oxwnLIzd3PVLfrXo8BLZdxWKwzpZZOIKycXcDAG83hgiM7Z3074VnRpvfTr
         5g9HJ7VuFa1XRfdwY3VU1I+uaoASal7I2ELdPA+B/QnlTYbDkqxUmmUtJeLAhG6j7raV
         jfqMKoSDbQrF7/W/DSJXGC5QYgY0+A3DcQ6fM4lY96LJLkVhiOVIKX40uyTdGdkIEzvi
         aRaZirIIn7O+AlfD1YU5gB3tA/otMDLLBSjmtEJghJDhhsNixQTjXmrkA/a5XVGLX7wU
         93Xg==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@linux-foundation.org header.s=google header.b=Cq68UVhn;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id c81-v6si290446pfj.138.2018.07.02.22.02.39;
        Mon, 02 Jul 2018 22:03:05 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@linux-foundation.org header.s=google header.b=Cq68UVhn;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753839AbeGCFBj (ORCPT <rfc822;yuankui.zhao@gmail.com>
        + 99 others); Tue, 3 Jul 2018 01:01:39 -0400
Received: from mail-io0-f195.google.com ([209.85.223.195]:35312 "EHLO
        mail-io0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753671AbeGCFBh (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 3 Jul 2018 01:01:37 -0400
Received: by mail-io0-f195.google.com with SMTP id q4-v6so579909iob.2;
        Mon, 02 Jul 2018 22:01:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=linux-foundation.org; s=google;
        h=mime-version:references:in-reply-to:from:date:message-id:subject:to
         :cc;
        bh=BK2ocT8tBjnBBxhiEEQKtCxMos0t0OtQ9qvfzG/gq3M=;
        b=Cq68UVhnVWVyx+hC3YtfZo/rH9bMJDykpaQiesFrrE2XKEEsr1gIVTOBWqaTfOYsJz
         4cN44OZrBWyDEIGa3uu6wI8qC8mtgXblF1DPHojib0+aJ8DJD7nXXGsi7HfK9que53ht
         l5bkisaeB+ILPCLhVAV7OYeTQddojWvfrnRsU=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:references:in-reply-to:from:date
         :message-id:subject:to:cc;
        bh=BK2ocT8tBjnBBxhiEEQKtCxMos0t0OtQ9qvfzG/gq3M=;
        b=fh0iHzS4oo2NvhaH0Lq84QkRdEGD3QEUGXNPbrse14Ye+lebF9m80MGYEqm3Hif7xO
         Bo2/vR4IveOreLkTjUe5X7FabXvLEjIUrR6hAbMQamsC1v8PaBKSAse0v6Wox9rC2o5L
         btbO++zxzRgERTM8/8TZImsljeSy1oSWGTzOzd4D/GBt57G3ZKGgGMnIW+3u7S3YSjpY
         t5DNcwUaooIhXwGRG170QHsn2XMsiwTxc8LqFbFpwM87g37RJkqcRMdYh/w99SsTjSEu
         l809zsEPXJ6PhCzYUZWVA+u/AtLKaIacCWEDjf7ynPrmfPvPXWGnw+u7sw1J9xNdgKlH
         Gaow==
X-Gm-Message-State: APt69E0n1ra02IBVvEfVT6T3eKrj6PSZ0tJEVITl65HmS0gJR79rCAJv
        Fot6zy0GwIW43ElDEdc6fvsAU3mgHnUZB0paV85QMOH6
X-Received: by 2002:a6b:274f:: with SMTP id n76-v6mr24286742ion.259.1530594096466;
 Mon, 02 Jul 2018 22:01:36 -0700 (PDT)
MIME-Version: 1.0
References: <CGME20180530073304epcas3p4967df82d2d086fd08fd354781df61861@epcas3p4.samsung.com>
 <20180530073211.GA22422@kroah.com> <20180703032456epcas1p29c4570ae3f6bb3f8d7c2d475e1ba4658~9vfIpgNT51989519895epcas1p2d@epcas1p2.samsung.com>
 <20180703043655.GA9793@kroah.com> <20180703044302epcas1p4ff5961129c010a2df3548cf678b6274c~9wjUy-vFW2959129591epcas1p4p@epcas1p4.samsung.com>
In-Reply-To: <20180703044302epcas1p4ff5961129c010a2df3548cf678b6274c~9wjUy-vFW2959129591epcas1p4p@epcas1p4.samsung.com>
From:   Linus Torvalds <torvalds@linux-foundation.org>
Date:   Mon, 2 Jul 2018 22:01:25 -0700
Message-ID: <CA+55aFz-K8s-Sh86PqxRaXTD5pG=YsVUCxf9ue8XOSaGmg-brw@mail.gmail.com>
Subject: Re: Linux 3.18.111
To:     Seung-Woo Kim <sw0312.kim@samsung.com>,
        Al Viro <viro@zeniv.linux.org.uk>
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        Andrew Morton <akpm@linux-foundation.org>,
        stable <stable@vger.kernel.org>, lwn@lwn.net,
        Jiri Slaby <jslaby@suse.cz>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Mon, Jul 2, 2018 at 9:43 PM Seung-Woo Kim <sw0312.kim@samsung.com> wrote:
>
> I think the commit itself is required. Simple, but not reliable,
> workaround fix is like below:
>
> diff --git a/fs/dcache.c b/fs/dcache.c
> index a34d401..7c751f2 100644
> --- a/fs/dcache.c
> +++ b/fs/dcache.c
> @@ -1879,6 +1879,8 @@ void d_instantiate_new(struct dentry *entry,
> struct inode *inode)
>         BUG_ON(!hlist_unhashed(&entry->d_u.d_alias));
>         BUG_ON(!inode);
>         lockdep_annotate_inode_mutex_key(inode);
> +       /* WORKAROUND for calling security_d_instantiate() */
> +       entry->d_inode = inode;
>         security_d_instantiate(entry, inode);
>         spin_lock(&inode->i_lock);
>         __d_instantiate(entry, inode);

Ugh. That looks horrible even if it might avoid the oops.

I think a much better solution is to back-port commit b296821a7c42
("xattr_handler: pass dentry and inode as separate arguments of
->get()") to older kernels. Then the inode is passed down all the way,
and you don't have people try to get it from the (not yet initialized)
dentry.

But there might be other parts missing too, and I didn't look at how
easy/painful that backport would be.

Al - comments? This is all because of commit 1e2e547a93a0 ("do
d_instantiate/unlock_new_inode combinations safely") being marked for
stable, and various cases of security_d_instantiate() calling down to
getxattr. Which used to not get the inode at all, so those older
kernels use d_inode(dentry), which doesn't work in this path since
dentry->d_inode hasn't been instantiated yet..

                Linus