Commit 4fb3a538 authored by Dipankar Sarma's avatar Dipankar Sarma Committed by Linus Torvalds
Browse files

[PATCH] files: fix preemption issues



With the new fdtable locking rules, you have to protect fdtable with either
->file_lock or rcu_read_lock/unlock().  There are some places where we
aren't doing either.  This patch fixes those places.
Signed-off-by: default avatarDipankar Sarma <dipankar@in.ibm.com>
Signed-off-by: default avatarAndrew Morton <akpm@osdl.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@osdl.org>
parent af4e5a21
...@@ -37,6 +37,7 @@ ...@@ -37,6 +37,7 @@
#include <linux/namei.h> #include <linux/namei.h>
#include <linux/uio.h> #include <linux/uio.h>
#include <linux/vfs.h> #include <linux/vfs.h>
#include <linux/rcupdate.h>
#include <asm/fpu.h> #include <asm/fpu.h>
#include <asm/io.h> #include <asm/io.h>
...@@ -975,6 +976,7 @@ osf_select(int n, fd_set __user *inp, fd_set __user *outp, fd_set __user *exp, ...@@ -975,6 +976,7 @@ osf_select(int n, fd_set __user *inp, fd_set __user *outp, fd_set __user *exp,
long timeout; long timeout;
int ret = -EINVAL; int ret = -EINVAL;
struct fdtable *fdt; struct fdtable *fdt;
int max_fdset;
timeout = MAX_SCHEDULE_TIMEOUT; timeout = MAX_SCHEDULE_TIMEOUT;
if (tvp) { if (tvp) {
...@@ -996,8 +998,11 @@ osf_select(int n, fd_set __user *inp, fd_set __user *outp, fd_set __user *exp, ...@@ -996,8 +998,11 @@ osf_select(int n, fd_set __user *inp, fd_set __user *outp, fd_set __user *exp,
} }
} }
rcu_read_lock();
fdt = files_fdtable(current->files); fdt = files_fdtable(current->files);
if (n < 0 || n > fdt->max_fdset) max_fdset = fdt->max_fdset;
rcu_read_unlock();
if (n < 0 || n > max_fdset)
goto out_nofds; goto out_nofds;
/* /*
......
...@@ -2218,12 +2218,13 @@ static void ...@@ -2218,12 +2218,13 @@ static void
pfm_free_fd(int fd, struct file *file) pfm_free_fd(int fd, struct file *file)
{ {
struct files_struct *files = current->files; struct files_struct *files = current->files;
struct fdtable *fdt = files_fdtable(files); struct fdtable *fdt;
/* /*
* there ie no fd_uninstall(), so we do it here * there ie no fd_uninstall(), so we do it here
*/ */
spin_lock(&files->file_lock); spin_lock(&files->file_lock);
fdt = files_fdtable(files);
rcu_assign_pointer(fdt->fd[fd], NULL); rcu_assign_pointer(fdt->fd[fd], NULL);
spin_unlock(&files->file_lock); spin_unlock(&files->file_lock);
......
...@@ -124,6 +124,7 @@ ...@@ -124,6 +124,7 @@
#include <linux/smp_lock.h> #include <linux/smp_lock.h>
#include <linux/syscalls.h> #include <linux/syscalls.h>
#include <linux/time.h> #include <linux/time.h>
#include <linux/rcupdate.h>
#include <asm/semaphore.h> #include <asm/semaphore.h>
#include <asm/uaccess.h> #include <asm/uaccess.h>
...@@ -2205,6 +2206,7 @@ void steal_locks(fl_owner_t from) ...@@ -2205,6 +2206,7 @@ void steal_locks(fl_owner_t from)
lock_kernel(); lock_kernel();
j = 0; j = 0;
rcu_read_lock();
fdt = files_fdtable(files); fdt = files_fdtable(files);
for (;;) { for (;;) {
unsigned long set; unsigned long set;
...@@ -2222,6 +2224,7 @@ void steal_locks(fl_owner_t from) ...@@ -2222,6 +2224,7 @@ void steal_locks(fl_owner_t from)
set >>= 1; set >>= 1;
} }
} }
rcu_read_unlock();
unlock_kernel(); unlock_kernel();
} }
EXPORT_SYMBOL(steal_locks); EXPORT_SYMBOL(steal_locks);
......
...@@ -74,6 +74,7 @@ ...@@ -74,6 +74,7 @@
#include <linux/file.h> #include <linux/file.h>
#include <linux/times.h> #include <linux/times.h>
#include <linux/cpuset.h> #include <linux/cpuset.h>
#include <linux/rcupdate.h>
#include <asm/uaccess.h> #include <asm/uaccess.h>
#include <asm/pgtable.h> #include <asm/pgtable.h>
...@@ -180,12 +181,14 @@ static inline char * task_state(struct task_struct *p, char *buffer) ...@@ -180,12 +181,14 @@ static inline char * task_state(struct task_struct *p, char *buffer)
p->gid, p->egid, p->sgid, p->fsgid); p->gid, p->egid, p->sgid, p->fsgid);
read_unlock(&tasklist_lock); read_unlock(&tasklist_lock);
task_lock(p); task_lock(p);
rcu_read_lock();
if (p->files) if (p->files)
fdt = files_fdtable(p->files); fdt = files_fdtable(p->files);
buffer += sprintf(buffer, buffer += sprintf(buffer,
"FDSize:\t%d\n" "FDSize:\t%d\n"
"Groups:\t", "Groups:\t",
fdt ? fdt->max_fds : 0); fdt ? fdt->max_fds : 0);
rcu_read_unlock();
group_info = p->group_info; group_info = p->group_info;
get_group_info(group_info); get_group_info(group_info);
......
...@@ -371,6 +371,12 @@ static inline void close_files(struct files_struct * files) ...@@ -371,6 +371,12 @@ static inline void close_files(struct files_struct * files)
struct fdtable *fdt; struct fdtable *fdt;
j = 0; j = 0;
/*
* It is safe to dereference the fd table without RCU or
* ->file_lock because this is the last reference to the
* files structure.
*/
fdt = files_fdtable(files); fdt = files_fdtable(files);
for (;;) { for (;;) {
unsigned long set; unsigned long set;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment