| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1509195507-29037-6-git-send-email-houtao1@huawei.com>
Date: Sat, 28 Oct 2017 20:58:24 +0800
From: Hou Tao <houtao1@...wei.com>
To: <linux-fsdevel@...r.kernel.org>
CC: <linux-kernel@...r.kernel.org>, <viro@...iv.linux.org.uk>,
<jbaron@...mai.com>, <oleg@...hat.com>, <dave@...olabs.net>,
<koct9i@...il.com>
Subject: [RFC][PATCH 5/8] epoll: iterate epi in file->f_ep_links by using list_first_or_null_rcu
When eventpoll_release_file() iterates epitem in file->f_ep_links,
the epitem may be removed by ep_free(). To protect again the concurrent
writer, iterate file->f_ep_links by using rcu_read_lock() and
list_first_or_null_rcu()
Signed-off-by: Hou Tao <houtao1@...wei.com>
---
fs/eventpoll.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/fs/eventpoll.c b/fs/eventpoll.c
index 18de596..e1e4796 100644
--- a/fs/eventpoll.c
+++ b/fs/eventpoll.c
@@ -1033,12 +1033,22 @@ void eventpoll_release_file(struct file *file)
*
* Besides, ep_remove() acquires the lock, so we can't hold it here.
*/
- list_for_each_entry_safe(epi, next, &file->f_ep_links, fllink) {
+ rcu_read_lock();
+ while (true) {
+ epi = list_first_or_null_rcu(&file->f_ep_links, struct epitem, fllink);
+ if (!epi)
+ break;
+
ep = epi->ep;
+ rcu_read_unlock();
+
mutex_lock_nested(&ep->mtx, 0);
ep_remove(ep, epi);
mutex_unlock(&ep->mtx);
+
+ rcu_read_lock();
}
+ rcu_read_unlock();
/*
* The file can not been added to tfile_check_list again, because
--
2.7.5
Powered by blists - more mailing lists