| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 09 Feb 2009 16:16:09 -0500
From: Eric Paris <eparis@...hat.com>
To: linux-kernel@...r.kernel.org
Cc: viro@...iv.linux.org.uk, hch@...radead.org,
alan@...rguk.ukuu.org.uk, sfr@...b.auug.org.au,
john@...nmccutchan.com, rlove@...ve.org,
malware-list@...ts.printk.net, akpm@...ux-foundation.org
Subject: [PATCH -v1 09/11] fsnotify: fsnotify marks on inodes pin them in core
This patch pins any inodes with an fsnotify mark in core. The idea is that
as soon as the mark is removed from the inode->fsnotify_mark_entries list
the inode will be iput. In reality is doesn't quite work exactly this way.
The igrab will happen when the mark is added to an inode, but the iput will
happen when the inode pointer is NULL'd inside the mark.
It's possible that 2 racing things will try to remove the mark from
different directions. One may try to remove the mark because of an
explicit request and one might try to remove it because the inode was
deleted. It's possible that the removal because of inode deletion will
remove the mark from the inode's list, but the removal by explicit request
will actually set entry->inode == NULL; and call the iput. This is safe.
Signed-off-by: Eric Paris <eparis@...hat.com>
---
fs/notify/inode_mark.c | 25 ++++++++++++++++++++-----
1 files changed, 20 insertions(+), 5 deletions(-)
diff --git a/fs/notify/inode_mark.c b/fs/notify/inode_mark.c
index 840bd91..ff65e62 100644
--- a/fs/notify/inode_mark.c
+++ b/fs/notify/inode_mark.c
@@ -108,13 +108,16 @@ void fsnotify_clear_marks_by_group(struct fsnotify_group *group)
spin_lock(&inode->i_lock);
list_del_init(&entry->i_list);
- entry->inode = NULL;
list_del_init(&entry->g_list);
- entry->group = NULL;
- entry->freeme = 1;
fsnotify_recalc_inode_mask_locked(inode);
spin_unlock(&inode->i_lock);
+
+ entry->group = NULL;
+ entry->freeme = 1;
+ entry->inode = NULL;
+ iput(inode);
+
spin_unlock(&entry->lock);
fsnotify_put_mark(entry);
@@ -137,14 +140,17 @@ void fsnotify_destroy_mark_by_entry(struct fsnotify_mark_entry *entry)
spin_lock(&inode->i_lock);
list_del_init(&entry->i_list);
- entry->inode = NULL;
list_del_init(&entry->g_list);
+
+ entry->inode = NULL;
entry->group = NULL;
entry->freeme = 1;
if (inode) {
fsnotify_recalc_inode_mask_locked(inode);
spin_unlock(&inode->i_lock);
+
+ iput(inode);
}
if (group)
spin_unlock(&group->mark_lock);
@@ -173,6 +179,11 @@ void fsnotify_clear_marks_by_inode(struct inode *inode, unsigned int flags)
* try to grab entry->inode->i_lock without a problem.
*/
list_for_each_entry_safe(entry, lentry, &free_list, free_i_list) {
+ spin_lock(&entry->lock);
+ if (entry->inode)
+ iput(entry->inode);
+ entry->inode = NULL;
+ spin_unlock(&entry->lock);
entry->group->ops->mark_clear_inode(entry, inode, flags);
fsnotify_put_mark(entry);
}
@@ -209,9 +220,13 @@ int fsnotify_add_mark(struct fsnotify_mark_entry *entry)
{
struct fsnotify_mark_entry *lentry;
struct fsnotify_group *group = entry->group;
- struct inode *inode = entry->inode;
+ struct inode *inode;
int ret = 0;
+ inode = igrab(entry->inode);
+ if (unlikely(!inode))
+ return -EINVAL;
+
/*
* LOCKING ORDER!!!!
* entry->lock
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists