Re: minor patch for 2.1.111 fs/open.c

Linus Torvalds (torvalds@transmeta.com)
Tue, 28 Jul 1998 10:37:44 -0700 (PDT)


On Tue, 28 Jul 1998, Bill Hawes wrote:
>
> In reviewing the usage of inuse filps I found a minor race problem in
> do_open. Following an open failure the dentry is dput(), but the
> filp->f_dentry field needs to be cleared first. If this is not done, a
> block in dput() may allow the filp to be observed with a stale dentry
> pointer, and an attempt to dereference it could be a problem.
>
> A small patch to correct the problem is attached.

This patch can't make any difference that I can see.

At the point where you clear the f_dentry, the whole file pointer is
completely local to the open routine (it hasn't been installed anywhere),
so nobody else can have a pointer to it. As such, nobody else could
dereference the field except for us (and we won't do that, because we're
just about to destroy it).

It would indeed be a major bug to expose the file pointer before it is
completely filled in, but that is regardless of whether we have a stale
dentry pointer or any dentry at all..

Linus
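The point above, that a struct file is unobservable until a pointer to it is installed somewhere shared, is the "publish only after fully initialised" invariant. The following user-space model is an added example, not code from this thread or from the kernel; my_file, my_dentry, fd_table, my_lookup, my_dput and model_open are constructed stand-ins for the kernel objects, and the descriptor table is the only path by which another thread could reach a file.

```c
/* Added example (not kernel code): a user-space model of why a file
 * that has not been installed in the descriptor table has no observers.
 * All names here are constructed for illustration. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define FD_MAX 8

struct my_dentry { char name[32]; int refcount; };
struct my_file   { struct my_dentry *f_dentry; int f_flags; };

/* The only place another thread could find a struct my_file. Until a
 * pointer is stored here, the file is private to the opener. */
static struct my_file *fd_table[FD_MAX];

/* Model of path lookup: returns a dentry holding one reference. */
static struct my_dentry *my_lookup(const char *path) {
    struct my_dentry *d = calloc(1, sizeof *d);
    if (!d) return NULL;
    strncpy(d->name, path, sizeof d->name - 1);
    d->refcount = 1;
    return d;
}

/* Model of dput(): drop a reference, free when it reaches zero. */
static void my_dput(struct my_dentry *d) {
    if (d && --d->refcount == 0) free(d);
}

/* Model of do_open(). fail_permission simulates a check failing after
 * lookup. Returns a descriptor on success, -1 on failure. */
static int model_open(const char *path, int fail_permission) {
    struct my_file *f = calloc(1, sizeof *f);
    if (!f) return -1;
    f->f_dentry = my_lookup(path);
    if (!f->f_dentry) { free(f); return -1; }
    if (fail_permission) {
        /* Failure path: f was never published, so whether f->f_dentry is
         * cleared before my_dput() makes no difference to anyone else. */
        my_dput(f->f_dentry);
        free(f);
        return -1;
    }
    f->f_flags = 1;  /* last field filled in before publication */
    for (int fd = 0; fd < FD_MAX; fd++) {
        if (!fd_table[fd]) { fd_table[fd] = f; return fd; }
    }
    my_dput(f->f_dentry);  /* table full: tear down locally */
    free(f);
    return -1;
}

/* Number of files reachable through the table, i.e. visible to others. */
static int published_count(void) {
    int n = 0;
    for (int fd = 0; fd < FD_MAX; fd++) if (fd_table[fd]) n++;
    return n;
}

/* 1 if every published file is fully initialised, 0 otherwise. */
static int all_published_complete(void) {
    for (int fd = 0; fd < FD_MAX; fd++)
        if (fd_table[fd] && (!fd_table[fd]->f_dentry || fd_table[fd]->f_flags == 0))
            return 0;
    return 1;
}

int main(void) {
    int r = model_open("/tmp/example", 1);
    printf("failed open: fd %d, published %d\n", r, published_count());
    r = model_open("/tmp/example", 0);
    printf("successful open: fd %d, published %d, complete %d\n",
           r, published_count(), all_published_complete());
    return 0;
}
```

The failure path tears the file down without ever storing it in fd_table, so the only code that can read f->f_dentry during dput is the opener itself; the exposure Linus calls a major bug would be storing the pointer in the table before the fields are filled in.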

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html