From 63e2820f7bc5b15eacd406ac10b8e83b3bc87fa4 Mon Sep 17 00:00:00 2001 From: Nicolas Lacasse Date: Wed, 18 Jul 2018 11:48:56 -0700 Subject: Fix lock-ordering violation in Create by logging BaseName instead of FullName. Dirent.FullName takes the global renameMu, but can be called during Create, which itself takes dirent.mu and dirent.dirMu, which is a lock-order violation: Dirent.Create d.dirMu.Lock d.mu.Lock Inode.Create gofer.inodeOperations.Create gofer.NewFile Dirent.FullName d.renameMu.RLock We only use the FullName here for logging, and in this case we can get by with logging only the BaseName. A `BaseName` method was added to Dirent, which simply returns the name, taking d.parent.mu as required. In the Create pathway, we can't call d.BaseName() because taking d.parent.mu after d.mu violates the lock order. But we already know the base name of the file we just created, so that's OK. In the Open/GetFile pathway, we are free to call d.BaseName() because the other dirent locks are not held. PiperOrigin-RevId: 205112278 Change-Id: Ib45c734081aecc9b225249a65fa8093eb4995f10 --- pkg/sentry/fs/gofer/path.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'pkg/sentry/fs/gofer/path.go') diff --git a/pkg/sentry/fs/gofer/path.go b/pkg/sentry/fs/gofer/path.go index e78172bda..bfeab3833 100644 --- a/pkg/sentry/fs/gofer/path.go +++ b/pkg/sentry/fs/gofer/path.go @@ -127,7 +127,7 @@ func (i *inodeOperations) Create(ctx context.Context, dir *fs.Inode, name string if iops.session().cachePolicy.usePageCache(d.Inode) { iops.fileState.setHandlesForCachedIO(flags, h) } - return NewFile(ctx, d, flags, iops, h), nil + return NewFile(ctx, d, name, flags, iops, h), nil } // CreateLink uses Create to create a symlink between oldname and newname. -- cgit v1.2.3
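
Review bot: The changed call `return NewFile(ctx, d, name, flags, iops, h), nil` at the end of Create has no comment explaining why `name` is passed in rather than derived from `d`, so the lock-order constraint is recorded only in the commit message. Consider a short comment above the return stating that Dirent.Create holds d.dirMu and d.mu at this point, so neither d.FullName() (takes renameMu) nor d.BaseName() (takes d.parent.mu) may be called here, and that the already-known base name is passed for logging only. The NewFile definition is not part of this file's diff; its doc comment should say the same about the new parameter so that a later caller does not reintroduce a FullName call under these locks.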