Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp1801778ybv; Fri, 14 Feb 2020 06:18:00 -0800 (PST) X-Google-Smtp-Source: APXvYqwiswgZYMJhaLt589aPOlLepEwPTbDu46veITMgg4vw1pwlOd9BFYFyqqNg7RWDZS+eiidA X-Received: by 2002:a05:6830:1615:: with SMTP id g21mr2522897otr.49.1581689875917; Fri, 14 Feb 2020 06:17:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1581689875; cv=none; d=google.com; s=arc-20160816; b=Vb6oOiP1K4jcWXx3eC4HgthNGKOlHlStwNc6qOha9P4FNXb+CwaDjyf5JiBrTBbYuz Im4ONHBjMVR0rXxeELpknRqMkcQoAmqyYyUSQn3tvTUHAgvGvHgwlqRDmwyMEEdEE1KK F9X6BuSG2UVLElkV0xbPkc/Q2U5KD8iDCumnv/WlnQdM9wLyGzbk4fcfZ9gKj13PQWpU HIhHhH1EvClpr8VgSm2UmbAiAUAFbdDdUKTJnT1k7+jF+LYLuXlVF9j3iPTh5uJU8efD 9ysOCk+heDEK16VE3VVCG/oPMj1Yn7oxTYohQ1pbMqcl/yCWBaVTau0voqu8KBXFsONN 9lyA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:subject:mime-version:user-agent :message-id:in-reply-to:date:references:cc:to:from; bh=QP5HP6HmIe42+EK1iCcY50NrM/7d8IRz+VtTjHCBOMU=; b=smwWpVOltODaor/mY6ZQNaiJuvGtWxcWTu2adIPriReHogitEU7MkMsolGDwvG1pZH Qk+7yWAmGLW2uh9HUpnsgwDURBkykTVuF0D/bft7uhgtDk0LeLcIbcMVZgO5yHGH3CFh +AUrX9D70pNxJ/l4LSxVcEwmk8DqO5DUmTeHCdj0nTrwmISe8GDz2SOUCp35OR5GBZ9A 4XOT4B78mu3hSDRxAm6CL9lUCPaKROI+9NXpJ5LyAzqAHwUWxBgxnAC5yjcqm8bDgmBj buaczdveFQsZ11QdLplMYTZdVhthV2DR20Gtpaft5n+nZbqbkVbrEhbTuDrOug8f0/rK MBTg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=xmission.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id p8si2949754otq.170.2020.02.14.06.17.43; Fri, 14 Feb 2020 06:17:55 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=xmission.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2387429AbgBNORQ (ORCPT + 99 others); Fri, 14 Feb 2020 09:17:16 -0500 Received: from out02.mta.xmission.com ([166.70.13.232]:38530 "EHLO out02.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726191AbgBNORQ (ORCPT ); Fri, 14 Feb 2020 09:17:16 -0500 Received: from in02.mta.xmission.com ([166.70.13.52]) by out02.mta.xmission.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1j2bmK-0000fb-M0; Fri, 14 Feb 2020 07:17:12 -0700 Received: from ip68-227-160-95.om.om.cox.net ([68.227.160.95] helo=x220.xmission.com) by in02.mta.xmission.com with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.87) (envelope-from ) id 1j2bmJ-0004QP-SP; Fri, 14 Feb 2020 07:17:12 -0700 From: ebiederm@xmission.com (Eric W. Biederman) To: Linus Torvalds Cc: Al Viro , LKML , Kernel Hardening , Linux API , Linux FS Devel , Linux Security Module , Akinobu Mita , Alexey Dobriyan , Andrew Morton , Andy Lutomirski , Daniel Micay , Djalal Harouni , "Dmitry V . Levin" , Greg Kroah-Hartman , Ingo Molnar , "J . Bruce Fields" , Jeff Layton , Jonathan Corbet , Kees Cook , Oleg Nesterov , Solar Designer References: <20200212200335.GO23230@ZenIV.linux.org.uk> <20200212203833.GQ23230@ZenIV.linux.org.uk> <20200212204124.GR23230@ZenIV.linux.org.uk> <87lfp7h422.fsf@x220.int.ebiederm.org> <87pnejf6fz.fsf@x220.int.ebiederm.org> <20200213055527.GS23230@ZenIV.linux.org.uk> <20200213222350.GU23230@ZenIV.linux.org.uk> Date: Fri, 14 Feb 2020 08:15:16 -0600 In-Reply-To: (Linus Torvalds's message of "Thu, 13 Feb 2020 14:47:48 -0800") Message-ID: <87wo8pb6h7.fsf@x220.int.ebiederm.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-XM-SPF: eid=1j2bmJ-0004QP-SP;;;mid=<87wo8pb6h7.fsf@x220.int.ebiederm.org>;;;hst=in02.mta.xmission.com;;;ip=68.227.160.95;;;frm=ebiederm@xmission.com;;;spf=neutral X-XM-AID: U2FsdGVkX18c96o3FroerQ43pTuS8ANjCZtZB2o8mLY= X-SA-Exim-Connect-IP: 68.227.160.95 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on sa03.xmission.com X-Spam-Level: X-Spam-Status: No, score=0.5 required=8.0 tests=ALL_TRUSTED,BAYES_50, DCC_CHECK_NEGATIVE,T_TM2_M_HEADER_IN_MSG,XMSubLong autolearn=disabled version=3.4.2 X-Spam-Virus: No X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.4663] * 0.7 XMSubLong Long Subject * 0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available. * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa03 1397; Body=1 Fuz1=1 Fuz2=1] X-Spam-DCC: XMission; sa03 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: ;Linus Torvalds X-Spam-Relay-Country: X-Spam-Timing: total 399 ms - load_scoreonly_sql: 0.03 (0.0%), signal_user_changed: 2.3 (0.6%), b_tie_ro: 1.64 (0.4%), parse: 0.67 (0.2%), extract_message_metadata: 12 (3.0%), get_uri_detail_list: 1.12 (0.3%), tests_pri_-1000: 13 (3.3%), tests_pri_-950: 1.09 (0.3%), tests_pri_-900: 0.85 (0.2%), tests_pri_-90: 26 (6.5%), check_bayes: 25 (6.2%), b_tokenize: 7 (1.8%), b_tok_get_all: 10 (2.6%), b_comp_prob: 1.97 (0.5%), b_tok_touch_all: 3.2 (0.8%), b_finish: 0.64 (0.2%), tests_pri_0: 244 (61.1%), check_dkim_signature: 0.40 (0.1%), check_dkim_adsp: 2.6 (0.7%), poll_dns_idle: 78 (19.6%), tests_pri_10: 2.6 (0.6%), tests_pri_500: 94 (23.6%), rewrite_mail: 0.00 (0.0%) Subject: Re: [PATCH v8 07/11] proc: flush task dcache entries from all procfs instances X-Spam-Flag: No X-SA-Exim-Version: 4.2.1 (built Thu, 05 May 2016 13:38:54 -0600) X-SA-Exim-Scanned: Yes (on in02.mta.xmission.com) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Linus Torvalds writes: > I guess a lot of readdir users end up doing a stat on it immediately > afterwards. I think right now we do it to get the inode number, and > maybe that is a basic requirement (even if I don't think it's really > stable - an inode could be evicted and then the ino changes, no?) All I know is proc_fill_cache seemed like a good idea at the time. I may have been to clever. While I think proc_fill_cache probably exacerbates the issue it isn't the reason we have the flushing logic. The proc flushing logic was introduced in around 2.5.9 much earlier than the other proc things. commit 0030633355db2bba32d97655df73b04215018ab9 Author: Alexander Viro Date: Sun Apr 21 23:03:37 2002 -0700 [PATCH] (3/5) sane procfs/dcache interaction - sane dentry retention. Namely, we don't kill /proc/ dentries at the first opportunity (as the current tree does). Instead we do the following: * ->d_delete() kills it only if process is already dead. * all ->lookup() in proc/base.c end with checking if process is still alive and unhash if it isn't. * proc_pid_lookup() (lookup for /proc/) caches reference to dentry in task_struct. It's _not_ counted in ->d_count. * ->d_iput() resets said reference to NULL. * release_task() (burying a zombie) checks if there is a cached reference and if there is - shrinks the subtree. * tasklist_lock is used for exclusion. That way we are guaranteed that after release_task() all dentries in /proc/ will go away as soon as possible; OTOH, before release_task() we have normal retention policy - they go away under memory pressure with the same rules as for dentries on any other fs. Tracking down when this logic was introduced I also see that this code has broken again and again any time proc changes (like now). So it is definitely subtle and fragile. Eric