Re: [PATCH 093/104] virtiofsd: introduce inode refcount to prevent use-after-free

Dr. David Alan Gilbert (git) writes: > From: Stefan Hajnoczi > > If thread A is using an inode it must not be deleted by thread B when > processing a FUSE_FORGET request. > > The FUSE protocol itself already has a counter called nlookup that is > used in FUSE_FORGET messages. We cannot trust t

RE: [PATCH 093/104] virtiofsd: introduce inode refcount to prevent use-after-free

> > On Thu, Jan 16, 2020 at 09:25:42PM +0900, Misono Tomohiro wrote: > > > > From: Stefan Hajnoczi > > > > > > > > If thread A is using an inode it must not be deleted by thread B > > > > when processing a FUSE_FORGET request. > > > > > > > > The FUSE protocol itself already has a counter called n

Re: [PATCH 093/104] virtiofsd: introduce inode refcount to prevent use-after-free

* Stefan Hajnoczi (stefa...@redhat.com) wrote: > On Thu, Jan 16, 2020 at 09:25:42PM +0900, Misono Tomohiro wrote: > > > From: Stefan Hajnoczi > > > > > > If thread A is using an inode it must not be deleted by thread B when > > > processing a FUSE_FORGET request. > > > > > > The FUSE protocol it

Re: [PATCH 093/104] virtiofsd: introduce inode refcount to prevent use-after-free

On Thu, Jan 16, 2020 at 09:25:42PM +0900, Misono Tomohiro wrote: > > From: Stefan Hajnoczi > > > > If thread A is using an inode it must not be deleted by thread B when > > processing a FUSE_FORGET request. > > > > The FUSE protocol itself already has a counter called nlookup that is > > used in

Re: [PATCH 093/104] virtiofsd: introduce inode refcount to prevent use-after-free

> From: Stefan Hajnoczi > > If thread A is using an inode it must not be deleted by thread B when > processing a FUSE_FORGET request. > > The FUSE protocol itself already has a counter called nlookup that is > used in FUSE_FORGET messages. We cannot trust this counter since the > untrusted clie