summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorChong Cai <chongc@google.com>2021-04-08 17:59:46 -0700
committergVisor bot <gvisor-bot@google.com>2021-04-08 18:01:49 -0700
commit496a3654e7af2ee905c1183c622687c6af29069b (patch)
tree45a10aef293cd772e1b58fd18956996afed168f3
parentae019e39b0f3c6cdff0b1e86771698693fb074e6 (diff)
Set parent after child is verified
We should only set parent after child is verified. Also, if the parent is set before verified, destroyLocked() will try to grab parent.dirMu, which may cause deadlock. PiperOrigin-RevId: 367543655
-rw-r--r--pkg/sentry/fsimpl/verity/filesystem.go5
1 files changed, 3 insertions, 2 deletions
diff --git a/pkg/sentry/fsimpl/verity/filesystem.go b/pkg/sentry/fsimpl/verity/filesystem.go
index 6cb1a23e0..214ffd095 100644
--- a/pkg/sentry/fsimpl/verity/filesystem.go
+++ b/pkg/sentry/fsimpl/verity/filesystem.go
@@ -632,8 +632,6 @@ func (fs *filesystem) lookupAndVerifyLocked(ctx context.Context, parent *dentry,
childVD.IncRef()
childMerkleVD.IncRef()
- parent.IncRef()
- child.parent = parent
child.name = name
child.mode = uint32(stat.Mode)
@@ -657,6 +655,9 @@ func (fs *filesystem) lookupAndVerifyLocked(ctx context.Context, parent *dentry,
}
}
+ parent.IncRef()
+ child.parent = parent
+
return child, nil
}