/[linux-patches]/genpatches-2.6/trunk/2.6.31/1900_fsnotify-group-mark-fix.patch
Gentoo

Contents of /genpatches-2.6/trunk/2.6.31/1900_fsnotify-group-mark-fix.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1629 - (show annotations) (download) (as text)
Fri Nov 6 13:00:36 2009 UTC (11 years ago) by mpagano
File MIME type: text/x-diff
File size: 2475 byte(s)
fsnotify patch to not set the group mark before it is on the i_list
1 From: Eric Paris <eparis@redhat.com>
2 Date: Fri, 11 Sep 2009 17:03:19 +0000 (-0400)
3 Subject: fsnotify: do not set group for a mark before it is on the i_list
4 X-Git-Tag: v2.6.32-rc6~115^2~3
5 X-Git-Url: http://git.kernel.org/?p=linux%2Fkernel%2Fgit%2Ftorvalds%2Flinux-2.6.git;a=commitdiff_plain;h=9f0d793b52eb2266359661369ef6303838904855
6
7 fsnotify: do not set group for a mark before it is on the i_list
8
9 fsnotify_add_mark is supposed to add a mark to the g_list and i_list and to
10 set the group and inode for the mark. fsnotify_destroy_mark_by_entry uses
11 the fact that ->group != NULL to know if this group should be destroyed or
12 if it's already been done.
13
14 But fsnotify_add_mark sets the group and inode before it actually adds the
15 mark to the i_list and g_list. This can result in a race in inotify, it
16 requires 3 threads.
17
18 sys_inotify_add_watch("file") sys_inotify_add_watch("file") sys_inotify_rm_watch([a])
19 inotify_update_watch()
20 inotify_new_watch()
21 inotify_add_to_idr()
22 ^--- returns wd = [a]
23 inotfiy_update_watch()
24 inotify_new_watch()
25 inotify_add_to_idr()
26 fsnotify_add_mark()
27 ^--- returns wd = [b]
28 returns to userspace;
29 inotify_idr_find([a])
30 ^--- gives us the pointer from task 1
31 fsnotify_add_mark()
32 ^--- this is going to set the mark->group and mark->inode fields, but will
33 return -EEXIST because of the race with [b].
34 fsnotify_destroy_mark()
35 ^--- since ->group != NULL we call back
36 into inotify_freeing_mark() which calls
37 inotify_remove_from_idr([a])
38
39 since fsnotify_add_mark() failed we call:
40 inotify_remove_from_idr([a]) <------WHOOPS it's not in the idr, this could
41 have been any entry added later!
42
43 The fix is to make sure we don't set mark->group until we are sure the mark is
44 on the inode and fsnotify_add_mark will return success.
45
46 Signed-off-by: Eric Paris <eparis@redhat.com>
47 ---
48
49 diff --git a/fs/notify/inode_mark.c b/fs/notify/inode_mark.c
50 index c8a07c6..3165d85 100644
51 --- a/fs/notify/inode_mark.c
52 +++ b/fs/notify/inode_mark.c
53 @@ -324,11 +324,11 @@ int fsnotify_add_mark(struct fsnotify_mark_entry *entry,
54 spin_lock(&group->mark_lock);
55 spin_lock(&inode->i_lock);
56
57 - entry->group = group;
58 - entry->inode = inode;
59 -
60 lentry = fsnotify_find_mark_entry(group, inode);
61 if (!lentry) {
62 + entry->group = group;
63 + entry->inode = inode;
64 +
65 hlist_add_head(&entry->i_list, &inode->i_fsnotify_mark_entries);
66 list_add(&entry->g_list, &group->mark_entries);
67

  ViewVC Help
Powered by ViewVC 1.1.20