Page MenuHomeFreeBSD

Some fdescfs fixes
ClosedPublic

Authored by kib on Mar 22 2023, 1:46 PM.
Tags
None
Referenced Files
Unknown Object (File)
Tue, Nov 5, 8:54 AM
Unknown Object (File)
Wed, Oct 16, 11:34 PM
Unknown Object (File)
Tue, Oct 15, 2:57 AM
Unknown Object (File)
Mon, Oct 14, 9:26 AM
Unknown Object (File)
Fri, Oct 11, 4:11 PM
Unknown Object (File)
Oct 7 2024, 8:57 PM
Unknown Object (File)
Oct 7 2024, 8:57 PM
Unknown Object (File)
Oct 7 2024, 2:16 AM
Subscribers

Details

Summary
fdesc_lookup(): no need to vhold the dvp vnode

It is already referenced by the VOP_LOOKUP() caller, otherwise vdrop()
after vn_lock() is invalid anyway.
fdescfs: allow vnode lock recursion

This is needed in several situations for the root vnode at least.
For instance, the check in fdesc_lookup() to avoid look up of the root
vnode itself cannot detect other file descriptor referencing the root
vnode.
fdesc_allocvp(): fix potential use after free

Just owning the interlock is not enough for vget() to operate on the
vnode race-free with vgone(), the vnode should be held.  Use
vget_prep()/vget_finish() to avoid vholding the vnode explicitly, and
drop LK_INTERLOCK.
fdescfs: remove useless XXX comment, unwrap line

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kib requested review of this revision.Mar 22 2023, 1:46 PM
kib edited the summary of this revision. (Show Details)

For instance, the check in fdesc_lookup() to avoid look up of the root
vnode itself cannot detect other file descriptor referencing the root
vnode.

Sorry, I still cannot see how this is possible.

The other commits in the patch look ok to me.

For instance, the check in fdesc_lookup() to avoid look up of the root
vnode itself cannot detect other file descriptor referencing the root
vnode.

Sorry, I still cannot see how this is possible.

The other commits in the patch look ok to me.

You mean, you do not see how it is possible to recurse on the root fdescfs vnode lock? It is a precaution to avoid the deadlock sitting hidden in other places.

Now I think that the condition around the vn_vget_ino_gen() call can be simply dropped and vget_ino called always, because it is currently de-facto used this way. The root vnode ix is 1, and FD_DESC is 3.

fdesc_lookup(): the condition to use vn_vget_ino() is always true
fdesc_lookup(): drop fdropped

Also remove the patch to make fdescfs vnode lock recursive.

This revision is now accepted and ready to land.Mar 23 2023, 7:56 PM