Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp6151323iob; Tue, 10 May 2022 11:27:10 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyY7GXVk84Fbz0TMGrsPs4k2LUOfxTTw5yf3U5jHNyyZP+di0RF3Y01odwT/YIDL8In6pCo X-Received: by 2002:a17:906:32d5:b0:6f3:be75:8485 with SMTP id k21-20020a17090632d500b006f3be758485mr20918894ejk.685.1652207229942; Tue, 10 May 2022 11:27:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1652207229; cv=none; d=google.com; s=arc-20160816; b=Cys5Zu9I4uB/xo0GqhgjmZ4IQDP3oXK6lasPIQbcRg8m64Dn+hAqhtqPZNRxZc3H7H GuZQn5Zb9uvGqk9vpfvNugKbyr5a0keMQi7Lpwch9FFH+27hCcI8IKUdPXXSSJLxYMAR tvpssbHoK8XvgtK7fqTV3YwyeJ9EYETo4GCOtc6jquM0dAgn5943Y0ZyucjwIRqBi/EA zy5OLf9VpirUJqvo4KZWP9u6qpxAWeCAkR3TeYc7N4HAcir0g3nBqmWzG9+Qftz36wEi rBgGCwzYxFB1/Bx3S3AhYXa3dQdZWUHZaIDlhJIxYpO/vFHmmPyyT+dzbsjGjTtC6pDg VqhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=iXKfW5j1h8/KIfh47Ep/PAp3SnLqz0wRQJohbYWVMJ8=; b=N9Mmyl5ilqi3hfPK8Bz0yFGo6KBp5QzMsViMMMPS/mhZuDgsHD6EfewhvJQXUW4f3m OVSf9HIbNpaUItrlzwZHawMCHh/DN/EhNags3wYBxg330VSvfJHqsocSXPfEPNXKYN9u dfaxYh6TsH/CMAP6tMV2fQDmoQizrNhqLlSWP8MtdTOWl9fQBnUrOmVRUBpGya60TEED Y2USaBAFjB43IczUw55h69OmL4dtyEbGc3Ukp09f/6Q+rHNAksxR14MW66NEo5ixDFgp bmSxyochdEWXf2LCVW914SRloZS6qJ0Qd7mETp8yW05fz95CiK2oPtf6n/n4iw5mX3Wi O9LA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id k22-20020a056402049600b00425d52c0609si4286084edv.123.2022.05.10.11.26.44; Tue, 10 May 2022 11:27:09 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S244905AbiEJOuj (ORCPT + 99 others); Tue, 10 May 2022 10:50:39 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:47640 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1345073AbiEJOuG (ORCPT ); Tue, 10 May 2022 10:50:06 -0400 Received: from mail.hallyn.com (mail.hallyn.com [178.63.66.53]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 84D06309346; Tue, 10 May 2022 07:10:27 -0700 (PDT) Received: by mail.hallyn.com (Postfix, from userid 1001) id 4C681890; Tue, 10 May 2022 09:10:25 -0500 (CDT) Date: Tue, 10 May 2022 09:10:25 -0500 From: "Serge E. Hallyn" To: Christian Brauner Cc: "Serge E. Hallyn" , Stefan Berger , linux-integrity@vger.kernel.org, zohar@linux.ibm.com, christian.brauner@ubuntu.com, containers@lists.linux.dev, dmitry.kasatkin@gmail.com, ebiederm@xmission.com, krzysztof.struczynski@huawei.com, roberto.sassu@huawei.com, mpeters@redhat.com, lhinds@redhat.com, lsturman@redhat.com, puiterwi@redhat.com, jejb@linux.ibm.com, jamjoom@us.ibm.com, linux-kernel@vger.kernel.org, paul@paul-moore.com, rgb@redhat.com, linux-security-module@vger.kernel.org, jmorris@namei.org, jpenumak@redhat.com, John Johansen , Matthew Garrett , Micah Morton , Kentaro Takeda , Jarkko Sakkinen Subject: Re: [PATCH v12 01/26] securityfs: rework dentry creation Message-ID: <20220510141025.GA7290@mail.hallyn.com> References: <20220420140633.753772-1-stefanb@linux.ibm.com> <20220420140633.753772-2-stefanb@linux.ibm.com> <20220509195414.GA30894@mail.hallyn.com> <20220510102525.hlt2rm3k3hg5r6gg@wittgenstein> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20220510102525.hlt2rm3k3hg5r6gg@wittgenstein> User-Agent: Mutt/1.9.4 (2018-02-28) X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_PASS, SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, May 10, 2022 at 12:25:25PM +0200, Christian Brauner wrote: > On Mon, May 09, 2022 at 02:54:14PM -0500, Serge Hallyn wrote: > > On Wed, Apr 20, 2022 at 10:06:08AM -0400, Stefan Berger wrote: > > > From: Christian Brauner > > > > > > When securityfs creates a new file or directory via > > > securityfs_create_dentry() it will take an additional reference on the > > > newly created dentry after it has attached the new inode to the new > > > dentry and added it to the hashqueues. > > > If we contrast this with debugfs which has the same underlying logic as > > > securityfs. It uses a similar pairing as securityfs. Where securityfs > > > has the securityfs_create_dentry() and securityfs_remove() pairing, > > > debugfs has the __debugfs_create_file() and debugfs_remove() pairing. > > > > > > In contrast to securityfs, debugfs doesn't take an additional reference > > > on the newly created dentry in __debugfs_create_file() which would need > > > to be put in debugfs_remove(). > > > > > > The additional dget() isn't a problem per se. In the current > > > implementation of securityfs each created dentry pins the filesystem via > > > > Is 'via' an extra word here or is there a missing word? > > > > I'll delay the rest of my response as the missing word may answer my > > remaining question :) > > It can be both. It should either be removed or it should be followed by > "securityfs_create_dentry()". securityfs_create_dentry() takes two > references one in lookup_one_len() and another one explicitly via > dget(). The latter one isn't needed. Some of that has been covered in an > earlier thread: > https://lore.kernel.org/lkml/20220105101815.ldsm4s5yx7pmuiil@wittgenstein Yes, I saw that two references were being taken. And near as I can tell, the second one was never being dropped. So if you tell me that before this patch the dentries are never freed, then I'm happy. Otherwise, I'm bothered the fact that no matching dput is being deleted in the code (to match the extra dget being removed). So where is the code where the final dput was happening, and is it the d_delete() you're adding which is making it so that that dput won't be called now?