Received: by 2002:a05:6358:1087:b0:cb:c9d3:cd90 with SMTP id j7csp5993952rwi;
        Tue, 18 Oct 2022 06:56:15 -0700 (PDT)
X-Google-Smtp-Source: AMsMyM54e2SiqC+tyyTRu/vBPpX4XSIPkz12HvXjc8mvem5ux/Plt4VxK4bf41gJHEs8dxZeclAG
X-Received: by 2002:a17:907:3da2:b0:78d:3b45:11d9 with SMTP id he34-20020a1709073da200b0078d3b4511d9mr2538992ejc.87.1666101375542;
        Tue, 18 Oct 2022 06:56:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1666101375; cv=none;
        d=google.com; s=arc-20160816;
        b=lvz+rWn363MKI+b0OCuozdCFcPNJXg6YcATm14KUOcQSznNia+ODr3KiIPf05hOJ5o
         NjUYHt47UglB/WN4KMLD4IHePx3dxfzwSq5UwILQyfLXpxSxatGZL+k8DNdg1oGgn1EA
         72R2rKUvzGWUWP+ueCs7kTfa7TaqJvyLyQdsfCzUzYKsfVrR+XbYjXxvOCCcI47lX6Q0
         tIrxbmP9DAfSrRBucHe6l14OPo1nNrKbv6+FgQ0vM1vbWwg6GX8WlCiV5Pb36kD96NMb
         VPUFgR+jgizxj2TbZ1dggDU02XAdURpoPW6arZ8seAiOleRCYcgHaY8wmrxdemGlE1Tt
         uAIA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:content-transfer-encoding:in-reply-to
         :mime-version:user-agent:date:message-id:from:references:cc:to
         :subject;
        bh=AL2UhuWO8XhI1q4yirl0qKk8+YdLHLS3yivSnjR4xvk=;
        b=UJ8Ue3I4z+6kqIF0K2cmljtTxl/UDNfZ5z0It5IDzh32Ui31f57iRlBZUEja+B50QD
         Q8cd2+WTA4sUJFiDuLNvQlCg+O8QYaJfCMOwR0XG5k5z3J7Aqw8bFVrr42v51wgyFWy8
         SdhYuZf8BnxQ5vBLpL/z+WHpz6vkzgHS+1MJ/PUYo+Qmj1UFOkUyez61inDbaz3l3ts6
         tZQkM7fffvrtTMU5lHED+mhoEa+6SQpiilvOcFudiYxVWcVH2OO0cCGATAQrs8LxJC0l
         IgadX1IlPGo67Ve/7d4mYrpgJUzDBsWaGV/tGZZbsxN6VGw0CZdntZV2UNOl8PLE50UX
         mabw==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20])
        by mx.google.com with ESMTP id l17-20020aa7c311000000b00458b6dd954dsi10668978edq.200.2022.10.18.06.55.48;
        Tue, 18 Oct 2022 06:56:15 -0700 (PDT)
Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S230307AbiJRNMW (ORCPT <rfc822;aravind.ht@gmail.com> + 99 others);
        Tue, 18 Oct 2022 09:12:22 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39350 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S229788AbiJRNMO (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 18 Oct 2022 09:12:14 -0400
Received: from dggsgout11.his.huawei.com (dggsgout11.his.huawei.com [45.249.212.51])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 26B6836406;
        Tue, 18 Oct 2022 06:12:11 -0700 (PDT)
Received: from mail02.huawei.com (unknown [172.30.67.153])
        by dggsgout11.his.huawei.com (SkyGuard) with ESMTP id 4MsDjs21Przl6V4;
        Tue, 18 Oct 2022 21:10:09 +0800 (CST)
Received: from [10.174.176.73] (unknown [10.174.176.73])
        by APP4 (Coremail) with SMTP id gCh0CgD3PS4opk5jpJ03AA--.4670S3;
        Tue, 18 Oct 2022 21:12:10 +0800 (CST)
Subject: Re: [PATCH RFC 1/2] kobject: add return value for kobject_put()
To:     Greg KH <gregkh@linuxfoundation.org>
Cc:     hch@lst.de, axboe@kernel.dk, willy@infradead.org,
        martin.petersen@oracle.com, kch@nvidia.com,
        linux-block@vger.kernel.org, linux-kernel@vger.kernel.org,
        yukuai1@huaweicloud.com, yi.zhang@huawei.com,
        "yukuai (C)" <yukuai3@huawei.com>
References: <20221018131432.434167-1-yukuai3@huawei.com>
 <20221018131432.434167-2-yukuai3@huawei.com> <Y06je6LiDicUfzto@kroah.com>
From:   Yu Kuai <yukuai1@huaweicloud.com>
Message-ID: <2f962069-8fd9-08df-aa00-062b94569c36@huaweicloud.com>
Date:   Tue, 18 Oct 2022 21:12:08 +0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101
 Thunderbird/60.8.0
MIME-Version: 1.0
In-Reply-To: <Y06je6LiDicUfzto@kroah.com>
Content-Type: text/plain; charset=gbk; format=flowed
Content-Transfer-Encoding: 8bit
X-CM-TRANSID: gCh0CgD3PS4opk5jpJ03AA--.4670S3
X-Coremail-Antispam: 1UD129KBjvdXoW7Gw48CryxAryxXr48tFWrXwb_yoWDJwc_Cr
        WfAFZrCw4fWw1Ik3W8twn8GrW7trZF9a4jqrZFqr17Xa48WanxJrWUG34F9Fs7CrWktF1D
        Cr9Yy343Ww12vjkaLaAFLSUrUUUUUb8apTn2vfkv8UJUUUU8Yxn0WfASr-VFAUDa7-sFnT
        9fnUUIcSsGvfJTRUUUb3AFF20E14v26r4j6ryUM7CY07I20VC2zVCF04k26cxKx2IYs7xG
        6rWj6s0DM7CIcVAFz4kK6r1j6r18M28lY4IEw2IIxxk0rwA2F7IY1VAKz4vEj48ve4kI8w
        A2z4x0Y4vE2Ix0cI8IcVAFwI0_tr0E3s1l84ACjcxK6xIIjxv20xvEc7CjxVAFwI0_Gr1j
        6F4UJwA2z4x0Y4vEx4A2jsIE14v26rxl6s0DM28EF7xvwVC2z280aVCY1x0267AKxVW0oV
        Cq3wAS0I0E0xvYzxvE52x082IY62kv0487Mc02F40EFcxC0VAKzVAqx4xG6I80ewAv7VC0
        I7IYx2IY67AKxVWUJVWUGwAv7VC2z280aVAFwI0_Jr0_Gr1lOx8S6xCaFVCjc4AY6r1j6r
        4UM4x0Y48IcVAKI48JM4x0x7Aq67IIx4CEVc8vx2IErcIFxwACI402YVCY1x02628vn2kI
        c2xKxwCYjI0SjxkI62AI1cAE67vIY487MxAIw28IcxkI7VAKI48JMxC20s026xCaFVCjc4
        AY6r1j6r4UMI8I3I0E5I8CrVAFwI0_Jr0_Jr4lx2IqxVCjr7xvwVAFwI0_JrI_JrWlx4CE
        17CEb7AF67AKxVWUtVW8ZwCIc40Y0x0EwIxGrwCI42IY6xIIjxv20xvE14v26r1j6r1xMI
        IF0xvE2Ix0cI8IcVCY1x0267AKxVW8JVWxJwCI42IY6xAIw20EY4v20xvaj40_WFyUJVCq
        3wCI42IY6I8E87Iv67AKxVW8JVWxJwCI42IY6I8E87Iv6xkF7I0E14v26r4j6r4UJbIYCT
        nIWIevJa73UjIFyTuYvjfUoOJ5UUUUU
X-CM-SenderInfo: 51xn3trlr6x35dzhxuhorxvhhfrp/
X-CFilter-Loop: Reflected
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,NICE_REPLY_A,
        SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
        lindbergh.monkeyblade.net
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



?? 2022/10/18 21:00, Greg KH д??:
> On Tue, Oct 18, 2022 at 09:14:31PM +0800, Yu Kuai wrote:
>> The return value will be used in later patch to fix uaf for slave_dir
>> and bd_holder_dir in block layer.
> 
> Then the user will be incorrect, this is not ok, you should never care
> if you are the last "put" on an object at all.  Hint, what happens right
> after you call this and get the result?
> 

I tried to reset the pointer to NULL in patch 2 to prevent uaf. And the
whole kobject_put() and pointer reset is protected by a mutex, the mutex
will be used on the reader side before kobject_get as well. So, in fact,
I'm protecting them by the mutex...

I can bypass it by using another reference anyway. But let's see if
anyone has suggestions on the other patch.

> sorry, but NAK.

I know the best way is too refactor the lifecycle of the problematic
bd_holder_dir/slave_dir, however, I gave that up because this seems
quite complicated and influence is very huge...

Thanks,
Kuai
> 
> greg k-h
> .
>