Re: [PATCH] fs: touch up predicts in putname()

Next message: Nathan Chancellor: "Prebuilt LLVM 21.1.5 uploaded"
Previous message: Haotian Zhang: "[PATCH] ASoC: cs4271: Fix regulator leak on probe failure"
In reply to: Mateusz Guzik: "Re: [PATCH] fs: touch up predicts in putname()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Al Viro

Date: Wed Nov 05 2025 - 01:25:02 EST

On Mon, Nov 03, 2025 at 05:44:07PM +0100, Mateusz Guzik wrote:

> a sketch:
> /* called by the thread which allocated the name if it decides to go
> through with it */
> delegate_alien_name(name) {
> VFS_BUG_ON(name->delegated);
> name->delegated = true;
> }
>
> /* called by the thread using the name */
> claim_alien_name(name) {
> VFS_BUG_ON(!name->delegated);
> VFS_BUG_ON(name->__who_can_free != NULL);
> name->__who_can_free = current;
> }
>
> destroy_alien_name(name) {
> if (name->delegated) {
> VFS_BUG_ON(name->__who_can_free == NULL);
> VFS_BUG_ON(name->__who_can_free != current);
> }
> putname(..);
> }
>
> So a sample correct consumer looks like this:
> err = getname_alien(&name);
> ....
> err = other_prep();
> if (!err)
> actual_work(delegate_alien_name(name));
> else
> destroy_alien_name(name);
>
> the *other* thread which eventually works on the name:
> claim_alien_name(name);
> /* hard work goes here */
> destroy_alien_name(name);
>
> Sample buggy consumer which both delegated the free *and* decided free
> anyway is caught.

That would make sense had there been any places where we would want
use the alien_filename contents (hell, access it) in any way other
than "destroy and get a struct filename reference". I don't see any
candidates, TBH...