Received: by 2002:a05:7412:2a8c:b0:e2:908c:2ebd with SMTP id u12csp3449086rdh; Thu, 28 Sep 2023 11:58:10 -0700 (PDT) X-Google-Smtp-Source: AGHT+IH2pRntQBPn9X54NJWjfDiXot27q/hTjRFHBbf0EsXrttxDhQEVi8V9oty0iyI1895UqtGx X-Received: by 2002:a17:90b:1c03:b0:268:5620:cfc7 with SMTP id oc3-20020a17090b1c0300b002685620cfc7mr2032975pjb.30.1695927490502; Thu, 28 Sep 2023 11:58:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695927490; cv=none; d=google.com; s=arc-20160816; b=Sa/9T7eb6MJXBtozO1Y8AqRLFHtoaXWG3yfiEAWWFOl2Ib5RZFfGY6By6DtkcBOKJB NvAgR22JBiYY3o59nl33icEOpb3cj+5xy7cH8HlKMZq7b3nlS7XiRA5jmLfMSLC1vgtX EMr262VUln0l6ee3u4m8MmkNblc4yIyb5+sFaY+d6ym86ZACxOUQ177ij6Jqgf74RIgw QrNouC0F9CcVXqWk3J8EMYDEgnbD0NYloenQ4uJHb6izpdt8T/qCi22q05sbl2zJ2YqQ bENXw87pX9+43yOVJsE+wnSVBhwAE4DIhvbQ2gUxc5DwkhNvU72cBYmEgDhPSf8NiPYB 62Bg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=s3ivXPHPFKDuDR/2N/73eTsr7zstsBXJOHHUFK4hFGk=; fh=MeRIyUmYsHcHIzcS9OLfen3UVBm+QcGEq4zHK5h8L7M=; b=PHuiZYoEPar57h6MVtkOweRHGxCheWAfdfKLx5Nuy0Pr9CQ9NuuCB2fDPIzlhyBxms 7s7d+GOG4rt10NW98UcYxwzxE2TMX5avpEk8Snjoh9NkR0n9eEJ7fH3gPuFN8SJtGHa7 pQzR+t6fazFiBMQimve9kV/Ak89SprsaK7W/NPElK9lz1zJa44zcsxQ2SkxJ5faDP4/z dxM2TSI/UQ7wezLMjWrie9ANw6tFNrmqFQWkAD1dZaio8Z0mrhCAGofoYnOUBZqJKLVM 9W8YAXbuI0qRRjpmxlHBBe2lRnntWup/6qHcqK9xwbQLg8Eztm3RDEypWB/YePuG3eEr 2d4Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=Rk7egRWF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from lipwig.vger.email (lipwig.vger.email. [23.128.96.33]) by mx.google.com with ESMTPS id gq7-20020a17090b104700b0027763f3e3c8si10428548pjb.186.2023.09.28.11.58.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Sep 2023 11:58:10 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) client-ip=23.128.96.33; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=Rk7egRWF; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by lipwig.vger.email (Postfix) with ESMTP id 695E78051B3E; Thu, 28 Sep 2023 06:46:13 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at lipwig.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232286AbjI1Npk (ORCPT + 99 others); Thu, 28 Sep 2023 09:45:40 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59826 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231871AbjI1Npi (ORCPT ); Thu, 28 Sep 2023 09:45:38 -0400 Received: from mail-wr1-x434.google.com (mail-wr1-x434.google.com [IPv6:2a00:1450:4864:20::434]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A7FA2194; Thu, 28 Sep 2023 06:45:36 -0700 (PDT) Received: by mail-wr1-x434.google.com with SMTP id ffacd0b85a97d-3247d69ed2cso2436639f8f.0; Thu, 28 Sep 2023 06:45:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1695908735; x=1696513535; darn=vger.kernel.org; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date:from:to :cc:subject:date:message-id:reply-to; bh=s3ivXPHPFKDuDR/2N/73eTsr7zstsBXJOHHUFK4hFGk=; b=Rk7egRWFgzDY49cueU9wBVgP0mkayb5esMI+6EnDunAt34VQzX31GMKIZM0OhZMcE/ 9V7jAYyR4cTpSLQdGvPuIyLuEd3nSkFtrQwKbfJmHZOoKorApFuprNEpuaTu7180cXWi 87374VURU91rl4vshzp0pSirOIsO9ETydxHi/QEbV0Ok6qBtksxidIGQRueHGfWrpahM nNpTDVP6lTMfl8x3g7mEhnVtpoZLatIn804/Mnl0XS6Ror4KpqQ9Bo9oe0Dcm+deYzRy pRwGgrZ7qNmEyN9pXTXqsY0LouAOnky2Kyo36prbNisjjstts3AMi+TOshsNfZQrGFVi McHg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1695908735; x=1696513535; h=in-reply-to:content-transfer-encoding:content-disposition :mime-version:references:message-id:subject:cc:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=s3ivXPHPFKDuDR/2N/73eTsr7zstsBXJOHHUFK4hFGk=; b=Syl1JMdk+pUYmixFa3tT6FWKiOjil5kAV19AYhZ7AWAHoAZwBr7iCE/bm+ST4DIdtb Peqg/vG1wsHp1N+jsIdqcoezJTqBonlsQjmJeRi4+NGwSi70d83VAlXPIWjMlsciyyAP R9NTcbb6koJS325SibesdQNhbZJ6IL1N8k8U4EgCaFY8PXRNjdCKG8SpoQsJ5N9MrAGF KDEGeUV7ql7e0WILJa+t9KveaG884YZuyybJ+X9mjLbuQb3g2jLA0fTQ5fpxcYV3/L93 r2EV93FM7OJ1epBIdPCPN7HyO2v+i8aGj8fGIrtwq2Fky4msbgqtvnsLvZYYqOMdgPGg u59g== X-Gm-Message-State: AOJu0YxSEyhhlNbjcrLE0NfDTF0a6M8WxX5w8lUa8mWFA1RMdruiFSbP qF6iXCSKfehoZ17Sy0rPaAk= X-Received: by 2002:a5d:414e:0:b0:320:1d1:71c4 with SMTP id c14-20020a5d414e000000b0032001d171c4mr1205634wrq.23.1695908734828; Thu, 28 Sep 2023 06:45:34 -0700 (PDT) Received: from f (cst-prg-67-191.cust.vodafone.cz. [46.135.67.191]) by smtp.gmail.com with ESMTPSA id c25-20020adfa319000000b00324853fc8adsm1458270wrb.104.2023.09.28.06.45.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Sep 2023 06:45:33 -0700 (PDT) Date: Thu, 28 Sep 2023 15:45:13 +0200 From: Mateusz Guzik To: =?utf-8?B?THXDrXM=?= Henriques Cc: Alexander Viro , Christian Brauner , David Howells , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] fs: fix possible extra iput() in do_unlinkat() Message-ID: <20230928134513.l2y3eknt2hfq3qgx@f> References: <20230928131129.14961-1-lhenriques@suse.de> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <20230928131129.14961-1-lhenriques@suse.de> X-Spam-Status: No, score=-0.6 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE, SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Thu, 28 Sep 2023 06:46:13 -0700 (PDT) On Thu, Sep 28, 2023 at 02:11:29PM +0100, Luís Henriques wrote: > Because inode is being initialised before checking if dentry is negative, > and the ihold() is only done if the dentry is *not* negative, the cleanup > code may end-up doing an extra iput() on that inode. > > Fixes: b18825a7c8e3 ("VFS: Put a small type field into struct dentry::d_flags") > Signed-off-by: Luís Henriques > --- > Hi! > > I was going to also remove the 'if (inode)' before the 'iput(inode)', > because 'iput()' already checks for NULL anyway. But since I probably > wouldn't have caught this bug if it wasn't for that 'if', I decided to > keep it there. But I can send v2 with that change too if you prefer. > > Cheers, > -- > Luís > > fs/namei.c | 4 +--- > 1 file changed, 1 insertion(+), 3 deletions(-) > > diff --git a/fs/namei.c b/fs/namei.c > index 567ee547492b..156a570d7831 100644 > --- a/fs/namei.c > +++ b/fs/namei.c > @@ -4386,11 +4386,9 @@ int do_unlinkat(int dfd, struct filename *name) > if (!IS_ERR(dentry)) { > > /* Why not before? Because we want correct error value */ > - if (last.name[last.len]) > + if (last.name[last.len] || d_is_negative(dentry)) > goto slashes; > inode = dentry->d_inode; > - if (d_is_negative(dentry)) > - goto slashes; > ihold(inode); > error = security_path_unlink(&path, dentry); > if (error) I ran into this myself, but I'm pretty sure there is no bug here. The code is just incredibly misleading and it became this way from the sweeping change introducing d_is_negative. I could not be bothered to argue about patching it so I did not do anything. ;) AFAICS it is an invariant that d_is_negative passes iff d_inode is NULL. Personally I support the patch, but commit message needs to stop claiming a bug.