Received: by 2002:a05:6a10:413:0:0:0:0 with SMTP id 19csp1887257pxp; Thu, 17 Mar 2022 20:27:01 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwNAqUmMp/IHEseYKwhaUKbxoSmxxMfQt8J00hkXazsqJXnZYOGltePzqnqfvi3LnqNJ82D X-Received: by 2002:aa7:cc82:0:b0:410:d2b0:1a07 with SMTP id p2-20020aa7cc82000000b00410d2b01a07mr7538496edt.359.1647574021540; Thu, 17 Mar 2022 20:27:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1647574021; cv=none; d=google.com; s=arc-20160816; b=vZv3c8+h+NxZ/04uQ51MN4t50EGabuORNyIRUGmeBc9KaF2Na/bOOjaiH8tTP2WMq8 CVVIG5lwFqA9n+3Rl+VcwiI0bjbsx0hDQEEEfVXugLCJJzoZDh7tfkA/Ww2RkdC3NM07 nIEREPeEKoYPc93atCGQ5iECm53r5FNAki7TyFskRGuuu9TOzOmqSXvxu8S3pKjJIwHH fIcAi5w2O7AHKV5KvNy0n0JIsMw36c0QywAKxAZYFXGuzu0t0+aB70/dkS7w/oRs4OpJ h/GZmXEIOlJWur1I6CIOtOVksLQc98VfCyCoOs6m9L2+glUZO0K+rsVDnSr8Wl7EIZEY yS4w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=sIxUMuggK6et3xQQqJZMDBtFx3giea/9NBfyyQwMmJw=; b=WxyGbBbJ3JJ9YghsZNYlW+ZhoUZUlFnMCQ0QeGm/5arR4w2khl9+gGRKahPm21HtTE eR2ghnL4ROfAonnoavzX8ia2zP3VRKkAmZX/m0HMEDxl/5/0jmLfKx9IzOM8EfPQp7WZ k5MlZcWej/Wesx4iME4a9N3modCS9+ElCdMincS2rGvIQ8zEmSeoy78p0VZmBLcE+mk7 KTX9KC5ucAqCVL2PNOsL4H6Fix7wXdnKSixAsySYPZkJb6hvCu9cceo0KoIDbUqx6FiY c91BvTNBGgZX23UO0zCw9MDCswKU5fEwXNaI0p+Ukx5T1odAv3jSwiguYHPbEbNYyUEi mn1g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id o10-20020a509b0a000000b00418c2b5be23si3014826edi.261.2022.03.17.20.26.36; Thu, 17 Mar 2022 20:27:01 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230325AbiCRAIo (ORCPT + 99 others); Thu, 17 Mar 2022 20:08:44 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59196 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229490AbiCRAIn (ORCPT ); Thu, 17 Mar 2022 20:08:43 -0400 Received: from zeniv-ca.linux.org.uk (zeniv-ca.linux.org.uk [142.44.231.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0F4EF2AA18A for ; Thu, 17 Mar 2022 17:07:26 -0700 (PDT) Received: from viro by zeniv-ca.linux.org.uk with local (Exim 4.94.2 #2 (Red Hat Linux)) id 1nV09J-00D5Fg-Ih; Fri, 18 Mar 2022 00:07:21 +0000 Date: Fri, 18 Mar 2022 00:07:21 +0000 From: Al Viro To: Imran Khan Cc: tj@kernel.org, gregkh@linuxfoundation.org, akpm@linux-foundation.org, linux-kernel@vger.kernel.org Subject: Re: [RESEND PATCH v7 7/8] kernfs: Replace per-fs rwsem with hashed rwsems. Message-ID: References: <20220317072612.163143-1-imran.f.khan@oracle.com> <20220317072612.163143-8-imran.f.khan@oracle.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220317072612.163143-8-imran.f.khan@oracle.com> Sender: Al Viro X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_NONE,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Mar 17, 2022 at 06:26:11PM +1100, Imran Khan wrote: > diff --git a/fs/kernfs/symlink.c b/fs/kernfs/symlink.c > index 9d4103602554..cbdd1be5f0a8 100644 > --- a/fs/kernfs/symlink.c > +++ b/fs/kernfs/symlink.c > @@ -113,12 +113,19 @@ static int kernfs_getlink(struct inode *inode, char *path) > struct kernfs_node *kn = inode->i_private; > struct kernfs_node *parent = kn->parent; > struct kernfs_node *target = kn->symlink.target_kn; > - struct rw_semaphore *rwsem; > + struct kernfs_rwsem_token token; > int error; > > - rwsem = kernfs_down_read(parent); > + /** > + * Lock both parent and target, to avoid their movement > + * or removal in the middle of path construction. > + * If a competing remove or rename for parent or target > + * wins, it will be reflected in result returned from > + * kernfs_get_target_path. > + */ > + kernfs_down_read_double_nodes(target, parent, &token); > error = kernfs_get_target_path(parent, target, path); > - kernfs_up_read(rwsem); > + kernfs_up_read_double_nodes(target, parent, &token); > > return error; > } No. Read through the kernfs_get_target_path(). Why would locking these two specific nodes be sufficient for anything useful? That code relies upon ->parent of *many* nodes being stable. Which is not going to be guaranteed by anything of that sort. And it's not just "we might get garbage if we race" - it's "we might walk into kfree'd object and proceed to walk the pointer chain". Or have this loop kn = target; while (kn->parent && kn != base) { len += strlen(kn->name) + 1; kn = kn->parent; } see the names that are not identical to what we see in kn = target; while (kn->parent && kn != base) { int slen = strlen(kn->name); len -= slen; memcpy(s + len, kn->name, slen); if (len) s[--len] = '/'; kn = kn->parent; } done later in the same function. With obvious unpleasant effects. Or a different set of nodes, for that matter. This code really depends upon the tree being stable. No renames of any sort allowed during that thing.