Re: [V9fs-developer] [PATCH 1/8] fs/9p: Deletion of unnecessary checks before the function call "p9_client_clunk"

From: Dominique Martinet
Date: Tue Jan 06 2015 - 03:33:14 EST


Hi,

Julia Lawall wrote on Mon, Jan 05, 2015 at 11:01:55PM +0100:
> > The error response is clear. Are any software developments efforts expected
> > to clean-up the call stack for unwanted null pointers even more?
>
> I found the original patch and looked at the call sites. None of them
> calls dump_stack. The behavior is thus not the same. With your change,
> something that was previously treated in an orderly manner will be
> converted to something that looks like an oops. I assume that the cost of
> the dump_stack will also be huge.

I definitely agree there, this will create unwanted dump_stack messages.

Simple example, without even looking at the multiple possible
interactions with multiple clients hammering the server, can be taken
from v9fs_create in fs/9p/vfs_inode.c
https://git.kernel.org/cgit/linux/kernel/git/next/linux-next.git/tree/fs/9p/vfs_inode.c?id=d8282ea05ad119247122de23db7d48ad6098cfa2#n652

jumping to label error from a failure in p9_client_fcreate (e.g. EPERM
or something perfectly valid) will, with your patch, call clunk with fid
== NULL and thus generate a stack trace, while it is a perfectly normal
code path that should only return to userspace with EPERM.


(admitedly, the linux vfs will do checks first to ensure that the
function is likely to succeed, but some servers can implement their own
security model on top)


Other patches in the set look good at first glance, but I'll need a bit
to find time to look through implications they may have.
--
Dominique Martinet,
CEA
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/