From: Oleg Nesterov <oleg@redhat.com>
To: Andi Kleen <ak@linux.intel.com>
Cc: Jonathan Corbet <corbet@lwn.net>,
Al Viro <viro@zeniv.linux.org.uk>,
Vitaly Mayatskikh <vmayatsk@redhat.com>,
linux-kernel@vger.kernel.org
Subject: Re: BUG? "Call fasync() functions without the BKL" is racy
Date: Wed, 3 Dec 2008 20:06:48 +0100 [thread overview]
Message-ID: <20081203190648.GA23893@redhat.com> (raw)
In-Reply-To: <493562B5.5020600@linux.intel.com>
On 12/02, Andi Kleen wrote:
>
>> Still I'd like to see the better fix for the long term, the only (afaics)
>> flag with the "side effect" is FASYNC, perhaps we can move it to (say)
>> ->f_mode, but this is ugly of course and still need serialization for the
>> pathes which play with FASYNC.
>
> I wonder if we need FASYNC at all. This could be gotten implicitely by
> looking at the fasync_list
Only if socket.
Serioulsy, I think the best (partial, yes) fix for now is to restore
lock_kernel() in setfl() and change ioctl_fioxxx() accordingly.
At least this protect us from tty too.
I agree with Jonathan, we need the lock to protect ->f_flags, but
this needs changes. Personally, I do not like the global mutex,
perhaps we can use some "unused" bit in struct file. Say, ->f_mode
is never changed (afaics), we can place it here. Now, any code
which changes ->f_flags can do
if (test_and_set_bit(FLAGS_LOCK_BIT))
return;
whatever();
->f_flags = new_flags;
clear_bit(FLAGS_LOCK_BIT);
No need to disable preemption, we never spin waiting for the
lock bit. If it is locked - somebody else updates ->f_flags,
we can pretend it does this after us. This can confuse F_GETFL
after F_SETFL (if F_SETFL "fails"), but I think in that case
user-space is wrong anyway, it must not do F_GETFL in parallel.
Not that I think this is very good idea though ;)
Oleg.
next prev parent reply other threads:[~2008-12-03 19:08 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-11-28 19:25 BUG? "Call fasync() functions without the BKL" is racy Oleg Nesterov
2008-12-01 11:34 ` Andi Kleen
2008-12-01 19:15 ` Oleg Nesterov
2008-12-01 19:34 ` Jonathan Corbet
2008-12-02 12:29 ` Oleg Nesterov
2008-12-02 16:30 ` Andi Kleen
2008-12-03 19:06 ` Oleg Nesterov [this message]
2008-12-03 21:21 ` Andi Kleen
2008-12-03 22:45 ` Jonathan Corbet
2008-12-04 14:34 ` Oleg Nesterov
2008-12-05 23:12 ` [PATCH 2.6.28] Fix FASYNC race Jonathan Corbet
2008-12-02 0:15 ` BUG? "Call fasync() functions without the BKL" is racy Andi Kleen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20081203190648.GA23893@redhat.com \
--to=oleg@redhat.com \
--cc=ak@linux.intel.com \
--cc=corbet@lwn.net \
--cc=linux-kernel@vger.kernel.org \
--cc=viro@zeniv.linux.org.uk \
--cc=vmayatsk@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox