• Jeff Layton's avatar
    ceph: don't try to handle hashed dentries in non-O_CREAT atomic_open · 5bb5e6ee
    Jeff Layton authored
    If ceph_atomic_open is handed a !d_in_lookup dentry, then that means
    that it already passed d_revalidate so we *know* that it's negative (or
    at least was very recently). Just return -ENOENT in that case.
    
    This also addresses a subtle bug in dentry handling. Non-O_CREAT opens
    call atomic_open with the parent's i_rwsem shared, but calling
    d_splice_alias on a hashed dentry requires the exclusive lock.
    
    If ceph_atomic_open receives a hashed, negative dentry on a non-O_CREAT
    open, and another client were to race in and create the file before we
    issue our OPEN, ceph_fill_trace could end up calling d_splice_alias on
    the dentry with the new inode with insufficient locks.
    
    Cc: stable@vger.kernel.org
    Reported-by: default avatarAl Viro <viro@zeniv.linux.org.uk>
    Signed-off-by: default avatarJeff Layton <jlayton@kernel.org>
    Signed-off-by: default avatarIlya Dryomov <idryomov@gmail.com>
    5bb5e6ee
file.c 55.4 KB