From mboxrd@z Thu Jan 1 00:00:00 1970 From: Al Viro Subject: Re: [RFC] situation with fput() locking (was Re: [PULL REQUEST] : ima-appraisal patches) Date: Fri, 20 Apr 2012 04:15:09 +0100 Message-ID: <20120420031509.GE6871@ZenIV.linux.org.uk> References: <1334754302.2137.8.camel@falcor> <1334772473.2137.22.camel@falcor> <20120418183938.GH6589@ZenIV.linux.org.uk> <1334865448.2429.35.camel@falcor> <20120420004303.GB6871@ZenIV.linux.org.uk> <20120420025438.GD6871@ZenIV.linux.org.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: linux-fsdevel@vger.kernel.org, James Morris , linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org, David Safford , Dmitry Kasatkin , Mimi Zohar , David Miller To: Linus Torvalds Return-path: Received: from zeniv.linux.org.uk ([195.92.253.2]:46297 "EHLO ZenIV.linux.org.uk" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752107Ab2DTDPM (ORCPT ); Thu, 19 Apr 2012 23:15:12 -0400 Content-Disposition: inline In-Reply-To: <20120420025438.GD6871@ZenIV.linux.org.uk> Sender: linux-fsdevel-owner@vger.kernel.org List-ID: On Fri, Apr 20, 2012 at 03:54:38AM +0100, Al Viro wrote: > and filp_close() would, if that turns out to be possible, call fput_nodefer() > instead of fput(). If we *do* have places where we need deferral in > filp_close() (and I'm fairly sure that any such place is a deadlock right > now), well, we'll need a variant of filp_close() sans the call of fput...() > and those places would call that, followed by full (deferring) fput(). BTW, some of those filp_close() are simply wrong - e.g. a big pile in drivers/media/video/cx25821/*.c should be fput(). And yes, we have at least some under mutex - binder_lock held by binder_ioctl(), which ends up doing binder_transaction() with its failure cleanup hitting close_filp(). On an arbitrary struct file. It *probably* doesn't deadlock on the spot, since binder_release() itself contains a deferral mechanism (perhaps they'd spotted the deadlock, perhaps there are other reasons to have it).