RE: [PATCH v2 1/2] hfs: Validate CNIDs in hfs_read_inode

From: Viacheslav Dubeyko

Date: Tue Nov 11 2025 - 17:42:25 EST


On Tue, 2025-11-11 at 23:39 +0900, Tetsuo Handa wrote:
> On 2025/11/04 10:47, George Anthony Vernon wrote:
> > + if (!is_valid_cnid(inode->i_ino,
> > + S_ISDIR(inode->i_mode) ? HFS_CDR_DIR : HFS_CDR_FIL))
> > + BUG();
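Review bot: BUG() on the failed is_valid_cnid() branch halts the kernel for what is an inode-number validation failure; consider logging the bad CNID and failing the operation with an error return where the enclosing function allows it, keeping BUG() only if the condition truly cannot be reached with a consistent in-memory inode. Separately, the ternary S_ISDIR(inode->i_mode) ? HFS_CDR_DIR : HFS_CDR_FIL maps every non-directory mode to HFS_CDR_FIL, so the result of the check depends on i_mode being stable and meaningful at this point; a comment stating that assumption would help.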
>
> Is it guaranteed that hfs_write_inode() and make_bad_inode() never run in parallel?
> If not, this check is racy because make_bad_inode() makes S_ISDIR(inode->i_mode) == false.
>

Any inode should be completely created before any hfs_write_inode() call can
happen. So, I don't see how hfs_write_inode() and make_bad_inode() could run in
parallel.

But, maybe, I am not completely right that we need to call is_bad_inode() in
hfs_write_inode() for checking that it's a bad inode. For example, ubifs is doing
it in ubifs_write_inode() [1]. NILFS2 is doing it in nilfs_dirty_inode()
[2]. And the majority of file systems call is_bad_inode() in evict_inode() methods.

Thanks,
Slava.

[1] https://elixir.bootlin.com/linux/v6.18-rc5/source/fs/ubifs/super.c#L299
[2] https://elixir.bootlin.com/linux/v6.18-rc5/source/fs/nilfs2/inode.c#L1087