Received: by 2002:a05:7412:2a8c:b0:e2:908c:2ebd with SMTP id u12csp3465795rdh; Thu, 28 Sep 2023 12:27:59 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGlBTyCeRfYN10JccLqA5ORnJiyC5dfS0ikFjbnbKgBnaomeHLrJvr85LlyELD36Utv0rAP X-Received: by 2002:a17:903:41c7:b0:1bd:d510:78fb with SMTP id u7-20020a17090341c700b001bdd51078fbmr3867412ple.3.1695929278804; Thu, 28 Sep 2023 12:27:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695929278; cv=none; d=google.com; s=arc-20160816; b=BnSyR65ktNi5jgQiBigHldudJoJmXkP7ICKwImO255kCkmkHmP0xTUMtHaZDj7/dGR ibcdlfBiDozvx2Y4fZS0Fpy+qCdMao9T2MmBjgOFRhMNXI3zTngFzitFVy6fMVLGN8Hv 1X4P0XRfO0rf/ydA7La3UosEvHzZ0f5nuOHUPcHCneLWpPRMmqOmsxsbRU9yl1S6kWLP gMJpMMy8xyNdbyt+ZWMPKHmc9wam8hRZNCfDF0M/YGVVBHjDs7sppb2hHaJtUYAtPhR9 JEeZQ61ncr2F6CmAXb91gy+CRNpdIchpjL+GxP6v9/1y8HWYvOt3kLJ8FKG/rpjctFrC 0IlQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:references:in-reply-to:subject:cc:to:from :dkim-signature:dkim-signature; bh=KvZ2+lVVGC6fG0+TRC9F7fERAgSpJyW4xAyt96q+Vxc=; fh=DAxWT98bcJKj2DTbwMRbXyUbDUsocGzRbbDZvMLtZnA=; b=neKqnz3EyHGlnq3YJ/YCHjQlVw0Lkr9e3cP6ZRXjPLEPROqtz79Rek6RPcjp9WsjS0 tCoR+E2wwnbfUf/TwQR17Wwdu8Zz0QtqNWq65osWWHvyaH67AFVbAKHoGcUJyWvb8mkV nCJlTfllpwxk8Xuc6Tu6N0KyN7G3sRsuySPx6mgxO4HnSf+CdI/HNQo4CWI1G7qpPlbt yJeQ8aysI1jKpOibeVIkCHxqBVruyPQSjfimNpHUq8IRk6pOJKWz+92g9Pm5OYji1aNN CbXp6Z8YhDGoQmEN8Ac1kMGBtDFcER1lARszqhwVtZrafZ6FJK7xXcEpz3GZHlz/kMeu Rdjw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=ptCb4TYC; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Return-Path: Received: from snail.vger.email (snail.vger.email. [2620:137:e000::3:7]) by mx.google.com with ESMTPS id w2-20020a637b02000000b00573fb2f7537si19640012pgc.586.2023.09.28.12.27.58 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 28 Sep 2023 12:27:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) client-ip=2620:137:e000::3:7; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=ptCb4TYC; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:7 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 4A302831DBF1; Thu, 28 Sep 2023 08:07:01 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231696AbjI1PGs (ORCPT + 99 others); Thu, 28 Sep 2023 11:06:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59398 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231612AbjI1PGq (ORCPT ); Thu, 28 Sep 2023 11:06:46 -0400 Received: from smtp-out2.suse.de (smtp-out2.suse.de [195.135.220.29]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 48431194; Thu, 28 Sep 2023 08:06:43 -0700 (PDT) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id C6AED1F45A; Thu, 28 Sep 2023 15:06:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1695913601; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=KvZ2+lVVGC6fG0+TRC9F7fERAgSpJyW4xAyt96q+Vxc=; b=ptCb4TYC9YIVqfS0D/JnTThCt0sxx34Ez/BPz+d/vIoTaGgsjrQt9CHdoYPmKnDl6Vmarh E4TWTAqwhEKcx3Mg9zxMQ/fkC/GEZFnUJc3gt0AwVkiRzV4Et26KMisDfjIUj0eEo9FEPq 8rYjoRH1uiAzlHqCWAM6+cTZRR7IloI= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1695913601; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=KvZ2+lVVGC6fG0+TRC9F7fERAgSpJyW4xAyt96q+Vxc=; b=eZXGn5WYGpuUYBxLrc2R6x3cywtFddiSOY5dU3T2qpkP9eTjacRpEkSU0VKcnupuj1aUVM g+4hX5BouSriSZAw== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id 5FC8E138E9; Thu, 28 Sep 2023 15:06:41 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id ygAfFIGWFWUkIwAAMHmgww (envelope-from ); Thu, 28 Sep 2023 15:06:41 +0000 Received: from localhost (brahms.olymp [local]) by brahms.olymp (OpenSMTPD) with ESMTPA id 55947dc4; Thu, 28 Sep 2023 15:06:40 +0000 (UTC) From: =?utf-8?Q?Lu=C3=ADs_Henriques?= To: Mateusz Guzik Cc: Alexander Viro , Christian Brauner , David Howells , linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH] fs: fix possible extra iput() in do_unlinkat() In-Reply-To: <20230928134513.l2y3eknt2hfq3qgx@f> (Mateusz Guzik's message of "Thu, 28 Sep 2023 15:45:13 +0200") References: <20230928131129.14961-1-lhenriques@suse.de> <20230928134513.l2y3eknt2hfq3qgx@f> Date: Thu, 28 Sep 2023 16:06:40 +0100 Message-ID: <878r8q1gn3.fsf@suse.de> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED,SPF_HELO_NONE, SPF_PASS autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Thu, 28 Sep 2023 08:07:01 -0700 (PDT) Mateusz Guzik writes: > On Thu, Sep 28, 2023 at 02:11:29PM +0100, Lu=C3=ADs Henriques wrote: >> Because inode is being initialised before checking if dentry is negative, >> and the ihold() is only done if the dentry is *not* negative, the cleanup >> code may end-up doing an extra iput() on that inode. >>=20 >> Fixes: b18825a7c8e3 ("VFS: Put a small type field into struct dentry::d_= flags") >> Signed-off-by: Lu=C3=ADs Henriques >> --- >> Hi! >>=20 >> I was going to also remove the 'if (inode)' before the 'iput(inode)', >> because 'iput()' already checks for NULL anyway. But since I probably >> wouldn't have caught this bug if it wasn't for that 'if', I decided to >> keep it there. But I can send v2 with that change too if you prefer. >>=20 >> Cheers, >> -- >> Lu=C3=ADs >>=20 >> fs/namei.c | 4 +--- >> 1 file changed, 1 insertion(+), 3 deletions(-) >>=20 >> diff --git a/fs/namei.c b/fs/namei.c >> index 567ee547492b..156a570d7831 100644 >> --- a/fs/namei.c >> +++ b/fs/namei.c >> @@ -4386,11 +4386,9 @@ int do_unlinkat(int dfd, struct filename *name) >> if (!IS_ERR(dentry)) { >>=20=20 >> /* Why not before? Because we want correct error value */ >> - if (last.name[last.len]) >> + if (last.name[last.len] || d_is_negative(dentry)) >> goto slashes; >> inode =3D dentry->d_inode; >> - if (d_is_negative(dentry)) >> - goto slashes; >> ihold(inode); >> error =3D security_path_unlink(&path, dentry); >> if (error) > > I ran into this myself, but I'm pretty sure there is no bug here. The > code is just incredibly misleading and it became this way from the > sweeping change introducing d_is_negative. I could not be bothered to > argue about patching it so I did not do anything. ;) > > AFAICS it is an invariant that d_is_negative passes iff d_inode is NULL. Ah! yes, of course. Makes sense. Thanks for your review. > Personally I support the patch, but commit message needs to stop > claiming a bug. OK, I'll rephrase the commit message for v2 so that it's clear it's not really fixing anything, it just helps clarifying some misleading code paths. (Although, to be fair, the commit message doesn't really explicitly call it a bug :-) ). Cheers, --=20 Lu=C3=ADs