lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Mon, 27 Jan 2014 18:03:04 +0800
From:	Weijie Yang <weijie.yang@...sung.com>
To:	hughd@...gle.com
Cc:	'Andrew Morton' <akpm@...ux-foundation.org>,
	'Minchan Kim' <minchan@...nel.org>, shli@...nel.org,
	'Bob Liu' <bob.liu@...cle.com>, weijie.yang.kh@...il.com,
	'Seth Jennings' <sjennings@...iantweb.net>,
	'Heesub Shin' <heesub.shin@...sung.com>, mquzik@...hat.com,
	'Linux-MM' <linux-mm@...ck.org>,
	'linux-kernel' <linux-kernel@...r.kernel.org>,
	stable@...r.kernel.org
Subject: [PATCH 3/8] mm/swap: prevent concurrent swapon on the same S_ISBLK
 blockdev

When swapon the same S_ISBLK blockdev concurrent, the allocated two
swap_info could hold the same block_device, because claim_swapfile()
allow the same holder(here, it is sys_swapon function).

To prevent this situation, This patch adds swap_lock protect to ensure
we can find this situation and return -EBUSY for one swapon call.

As for S_ISREG swapfile, claim_swapfile() already prevent this scenario
by holding inode->i_mutex.

This patch is just for a rare scenario, aim to correct of code.

Signed-off-by: Weijie Yang <weijie.yang@...sung.com>
---
 mm/swapfile.c |    4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/mm/swapfile.c b/mm/swapfile.c
index 4d24158..413c213 100644
--- a/mm/swapfile.c
+++ b/mm/swapfile.c
@@ -2459,9 +2459,10 @@ SYSCALL_DEFINE2(swapon, const char __user *, specialfile, int, swap_flags)
 		goto bad_swap;
 	}
 
+	/* prevent concurrent swapon on the same S_ISBLK blockdev */
+	spin_lock(&swap_lock);
 	p->swap_file = swap_file;
 	mapping = swap_file->f_mapping;
-
 	for (i = 0; i < nr_swapfiles; i++) {
 		struct swap_info_struct *q = swap_info[i];
 
@@ -2472,6 +2473,7 @@ SYSCALL_DEFINE2(swapon, const char __user *, specialfile, int, swap_flags)
 			goto bad_swap;
 		}
 	}
+	spin_unlock(&swap_lock);
 
 	inode = mapping->host;
 	/* If S_ISREG(inode->i_mode) will do mutex_lock(&inode->i_mutex); */
-- 
1.7.10.4


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ