From: Oleg Nesterov <oleg@redhat.com>
To: Andi Kleen <ak@linux.intel.com>
Cc: Jonathan Corbet <corbet@lwn.net>,
Al Viro <viro@zeniv.linux.org.uk>,
Vitaly Mayatskikh <vmayatsk@redhat.com>,
linux-kernel@vger.kernel.org
Subject: Re: BUG? "Call fasync() functions without the BKL" is racy
Date: Wed, 3 Dec 2008 20:06:48 +0100 [thread overview]
Message-ID: <20081203190648.GA23893@redhat.com> (raw)
In-Reply-To: <493562B5.5020600@linux.intel.com>
On 12/02, Andi Kleen wrote:
>
>> Still I'd like to see the better fix for the long term, the only (afaics)
>> flag with the "side effect" is FASYNC, perhaps we can move it to (say)
>> ->f_mode, but this is ugly of course and still need serialization for the
>> pathes which play with FASYNC.
>
> I wonder if we need FASYNC at all. This could be gotten implicitely by
> looking at the fasync_list
Only if socket.
Serioulsy, I think the best (partial, yes) fix for now is to restore
lock_kernel() in setfl() and change ioctl_fioxxx() accordingly.
At least this protect us from tty too.
I agree with Jonathan, we need the lock to protect ->f_flags, but
this needs changes. Personally, I do not like the global mutex,
perhaps we can use some "unused" bit in struct file. Say, ->f_mode
is never changed (afaics), we can place it here. Now, any code
which changes ->f_flags can do
if (test_and_set_bit(FLAGS_LOCK_BIT))
return;
whatever();
->f_flags = new_flags;
clear_bit(FLAGS_LOCK_BIT);
No need to disable preemption, we never spin waiting for the
lock bit. If it is locked - somebody else updates ->f_flags,
we can pretend it does this after us. This can confuse F_GETFL
after F_SETFL (if F_SETFL "fails"), but I think in that case
user-space is wrong anyway, it must not do F_GETFL in parallel.
Not that I think this is very good idea though ;)
Oleg.
next prev parent reply other threads:[~2008-12-03 19:08 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-11-28 19:25 BUG? "Call fasync() functions without the BKL" is racy Oleg Nesterov
2008-12-01 11:34 ` Andi Kleen
2008-12-01 19:15 ` Oleg Nesterov
2008-12-01 19:34 ` Jonathan Corbet
2008-12-02 12:29 ` Oleg Nesterov
2008-12-02 16:30 ` Andi Kleen
2008-12-03 19:06 ` Oleg Nesterov [this message]
2008-12-03 21:21 ` Andi Kleen
2008-12-03 22:45 ` Jonathan Corbet
2008-12-04 14:34 ` Oleg Nesterov
2008-12-05 23:12 ` [PATCH 2.6.28] Fix FASYNC race Jonathan Corbet
2008-12-02 0:15 ` BUG? "Call fasync() functions without the BKL" is racy Andi Kleen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20081203190648.GA23893@redhat.com \
--to=oleg@redhat.com \
--cc=ak@linux.intel.com \
--cc=corbet@lwn.net \
--cc=linux-kernel@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
--cc=vmayatsk@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.