cgroup dentry insufficiently initialized prior to calling d_instantiate.

Li Zefan lizefan at huawei.com
Tue May 14 10:47:23 UTC 2013


On 2013/5/11 6:02, Casey Schaufler wrote:
> 
> In kernel/cgroup.c in cgroup_add_file() we have:
> 
> 
>         dentry = lookup_one_len(name, dir, strlen(name));
>         if (IS_ERR(dentry)) {
>                 error = PTR_ERR(dentry);
>                 goto out;
>         }
> 
>         mode = cgroup_file_mode(cft);
>         error = cgroup_create_file(dentry, mode | S_IFREG, cgrp->root->sb);
>         if (!error) {
>                 cfe->type = (void *)cft;
>                 cfe->dentry = dentry;
>                 dentry->d_fsdata = cfe;
>                 simple_xattrs_init(&cfe->xattrs);
>                 list_add_tail(&cfe->node, &parent->files);
>                 cfe = NULL;
>         }
>         dput(dentry);
> 
> cgroup_create_file() calls d_instantiate, which may
> decide to look at the xattrs on the file. Smack always
> does this and SELinux can be configured to do so, although
> no one seems to be using that option. Since the dentry
> has not been initialized, panics in __d_xattr ensue. See
> bugzilla 57791.
> 

cgroup_add_file() should initialize xattrs before calling d_instantiate(),
just like cgroup_create() does.

I'll prepare a patch to fix it. Thanks for the report!
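
The ordering problem discussed in this thread, as an added userspace example that is not part of the original messages and is not kernel code. Every model_* name is a hypothetical stand-in; the hook returns -1 at the point where a security module would read per-file xattr data that has not been attached or initialized yet.

```c
#include <stddef.h>
#include <stdio.h>

/* Userspace model; every model_* name is hypothetical, not kernel API. */
struct model_xattrs { int ready; };
struct model_cfe    { struct model_xattrs xattrs; };
struct model_dentry { void *d_fsdata; };

static void model_xattrs_init(struct model_xattrs *x) { x->ready = 1; }

/* Stand-in for a security module hook that reads the file's xattrs.
 * Returns -1 where real code would touch missing or uninitialized data. */
static int model_lsm_hook(const struct model_dentry *d)
{
    const struct model_cfe *cfe = d->d_fsdata;
    return (cfe == NULL || !cfe->xattrs.ready) ? -1 : 0;
}

/* Stand-in for cgroup_create_file(): instantiating the dentry runs the hook. */
static int model_create_file(struct model_dentry *d)
{
    return model_lsm_hook(d);
}

/* Order in the quoted code: instantiate first, attach per-file data after. */
int add_file_publish_first(struct model_dentry *d, struct model_cfe *cfe)
{
    int hook = model_create_file(d);
    d->d_fsdata = cfe;
    model_xattrs_init(&cfe->xattrs);
    return hook;
}

/* Order proposed in the reply: initialize xattrs, then instantiate. */
int add_file_init_first(struct model_dentry *d, struct model_cfe *cfe)
{
    d->d_fsdata = cfe;
    model_xattrs_init(&cfe->xattrs);
    return model_create_file(d);
}

int main(void)
{
    struct model_dentry d1 = { NULL }, d2 = { NULL };
    struct model_cfe c1 = { { 0 } }, c2 = { { 0 } };
    printf("publish first: %d\n", add_file_publish_first(&d1, &c1));
    printf("init first:    %d\n", add_file_init_first(&d2, &c2));
    return 0;
}
```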


