Re: [PATCH] sysfs_remove_dir Vs dcache_readdir race fix

From: Andrew Morton
Date: Thu Nov 20 2003 - 10:12:23 EST


Maneesh Soni <maneesh@xxxxxxxxxx> wrote:
>
> Actually race is not directly between dcache_readdir and sysfs_remove_dir but
> it is like this
>
> cpu 0 cpu 1
> dcache_dir_open()
> --> adds the cursor dentry
>
> sysfs_remove_dir()
> --> list_del_init cursor dentry
>
> dcache_readdir()
> --> loops forever on inititalized cursor dentry.
>
>
> Though all these operations happen under parent's i_sem, but it is dropped
> between ->open() and ->readdir() as both are different calls.
>
> I think people will also agree that there is no need for sysfs_remove_dir()
> to modify d_subdirs list.

Seems to me that the libfs code is fragile.

What happens if the dentry at filp->f_private_data gets moved to a
different directory after someone did dcache_dir_open()? Does the loop
in dcache_readdir() go infinite again?

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/