Received: by 2002:a05:6358:795:b0:dc:4c66:fc3e with SMTP id n21csp1953041rwj; Sun, 30 Oct 2022 08:56:03 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7Qnjl2m+u5rz7mafM33sglfcwFHDxBqGHJB3g+MM3qEJaaP6p7fKNvRt1T6UfVCjqQsSul X-Received: by 2002:a05:6402:378c:b0:458:8053:6c5f with SMTP id et12-20020a056402378c00b0045880536c5fmr9176950edb.9.1667145363664; Sun, 30 Oct 2022 08:56:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1667145363; cv=none; d=google.com; s=arc-20160816; b=lEspzaHemPLMVYfT0bipENyaIsSPFuf0s1gNDWN7oVKPE5HDZq4uCf7B3qJyAWgi2/ 3VuSdbFGWCQUXF6HQ2r/PBlOeNE3wLFRo6knwSTG6qPTB/whdSlwBfzN6sk9E11JAOwQ h7zfTLqS30X/nLJ4kTunYNhaZGa0ZcPPNiadZFEG5/+BTpyrprHfv09WdLDdXPTzl8WB NF3+dznZmuWAzwWRvr30up5k/WJFNfIFyR5318rOn21ClIegd3zVKIWgh6k+xGRf+ppT oEkyghZ9ruT9gkwPy6R6r3XJZkFutpolXu72Ow+18DpbdVygFe9/GOz5AbaeBgHLKDBN tvxQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:user-agent:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date; bh=tXVs4O0HjWQ2nDb5YFn+1m2fNFolZtTBrxKka7zuvBM=; b=eGiKriP+QIYjzcU1tU+xN6Ves1rWnW3zrmzlOU/d8QWHwLtJ9MkX2PJtaXJw8BxsNj kwhKk0BoBukWED7187ho3vCWOoZ8P5M2UDhgQk+GZaPi2737YLlgg6B768woKcY84tfu v0TXQ7r12YrQoYCV/6MP81z3r3cH/Ll1+Q+w3BiUXb09wDLLr+JEOdW6D+jNmHo2bgLT P2UC4CuoproKkaYPhX4+sNY+JtM/7ifHxj79KL78mHZEPOPGNTrlJ+jW/IAzSp6F2Ulk OtGpMI+yn+jC2myylLOviSj5rl1wRgjTrovwjejuIhWqFZ+nRfAqPFSYacimThVAo+UR kWow== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id t9-20020a50ab49000000b0045fb7a04ce0si4083255edc.148.2022.10.30.08.55.37; Sun, 30 Oct 2022 08:56:03 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229776AbiJ3Par (ORCPT + 99 others); Sun, 30 Oct 2022 11:30:47 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42112 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229441AbiJ3Paq (ORCPT ); Sun, 30 Oct 2022 11:30:46 -0400 Received: from verein.lst.de (verein.lst.de [213.95.11.211]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E3E0360D0; Sun, 30 Oct 2022 08:30:45 -0700 (PDT) Received: by verein.lst.de (Postfix, from userid 2407) id 15A1C68AA6; Sun, 30 Oct 2022 16:30:41 +0100 (CET) Date: Sun, 30 Oct 2022 16:30:40 +0100 From: Christoph Hellwig To: Yu Kuai Cc: Christoph Hellwig , axboe@kernel.dk, willy@infradead.org, kch@nvidia.com, martin.petersen@oracle.com, johannes.thumshirn@wdc.com, ming.lei@redhat.com, linux-block@vger.kernel.org, linux-kernel@vger.kernel.org, yi.zhang@huawei.com, "yukuai (C)" Subject: Re: [PATCH -nect RFC v2 0/2] block: fix uaf in bd_link_disk_holder() Message-ID: <20221030153040.GB9676@lst.de> References: <20221020132049.3947415-1-yukuai3@huawei.com> <20221020164712.GA14773@lst.de> <0ad09045-1012-e86b-41f2-a88d02e8f1ed@huaweicloud.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <0ad09045-1012-e86b-41f2-a88d02e8f1ed@huaweicloud.com> User-Agent: Mutt/1.5.17 (2007-11-01) X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_NONE, SPF_NONE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Oct 21, 2022 at 11:15:34AM +0800, Yu Kuai wrote: > Hi, > > 在 2022/10/21 0:47, Christoph Hellwig 写道: >> As mentioned before I don't think we should make this even more >> crufty in the block layer. See the series I just sent to move it int >> dm. > > It seems we had some misunderstanding, the problem I tried to fix here > should not just related to dm, but all the caller of > bd_link_disk_holder(). As far as I can tell the problem was just that patch 1 in my series blows away the bd_holder_dir pointer in part0 on del_gendisk. Each holder actually holds a reference to the kobject, so the memory for it is still valid, it's just that the pointer got cleared. I'll send a v2 in a bit.