From: Ben Hutchings <ben@decadent.org.uk>
To: Greg KH <gregkh@linuxfoundation.org>
Cc: linux-kernel@vger.kernel.org, stable@vger.kernel.org,
torvalds@linux-foundation.org, akpm@linux-foundation.org,
alan@lxorguk.ukuu.org.uk, Jeff Layton <jlayton@redhat.com>,
Pavel Shilovsky <piastry@etersoft.ru>,
Steve French <sfrench@us.ibm.com>
Subject: Re: [ 10/41] CIFS: Do not kmalloc under the flocks spinlock
Date: Sat, 17 Mar 2012 02:37:41 +0000 [thread overview]
Message-ID: <20120317023740.GH12704@decadent.org.uk> (raw)
In-Reply-To: <20120316233811.484341257@linuxfoundation.org>
[-- Attachment #1: Type: text/plain, Size: 2624 bytes --]
On Fri, Mar 16, 2012 at 04:38:20PM -0700, Greg KH wrote:
> 3.2-stable review patch. If anyone has any objections, please let me know.
>
> ------------------
>
> From: Pavel Shilovsky <piastry@etersoft.ru>
>
> commit d5751469f210d2149cc2159ffff66cbeef6da3f2 upstream.
>
> Reorganize the code to make the memory already allocated before
> spinlock'ed loop.
>
> Reviewed-by: Jeff Layton <jlayton@redhat.com>
> Signed-off-by: Pavel Shilovsky <piastry@etersoft.ru>
> Signed-off-by: Steve French <sfrench@us.ibm.com>
> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
>
> ---
> fs/cifs/file.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++-----------
> 1 file changed, 56 insertions(+), 13 deletions(-)
>
> --- a/fs/cifs/file.c
> +++ b/fs/cifs/file.c
[....]
> @@ -940,29 +950,55 @@ cifs_push_posix_locks(struct cifsFileInf
> return rc;
> }
>
> + lock_flocks();
> + cifs_for_each_lock(cfile->dentry->d_inode, before) {
> + if ((*before)->fl_flags & FL_POSIX)
> + count++;
> + }
> + unlock_flocks();
> +
> INIT_LIST_HEAD(&locks_to_send);
>
> + /*
> + * Allocating count locks is enough because no locks can be added to
> + * the list while we are holding cinode->lock_mutex that protects
> + * locking operations of this inode.
> + */
> + for (; i < count; i++) {
> + lck = kmalloc(sizeof(struct lock_to_push), GFP_KERNEL);
> + if (!lck) {
> + rc = -ENOMEM;
> + goto err_out;
> + }
> + list_add_tail(&lck->llist, &locks_to_send);
> + }
> +
> + i = 0;
> + el = locks_to_send.next;
> lock_flocks();
> cifs_for_each_lock(cfile->dentry->d_inode, before) {
> + if (el == &locks_to_send) {
> + /* something is really wrong */
> + cERROR(1, "Can't push all brlocks!");
> + break;
> + }
> flock = *before;
> + if ((flock->fl_flags & FL_POSIX) == 0)
> + continue;
[...]
If I understand the logic correctly, el == &locks_to_send means we
already used all the lock_to_push structures. (It should also be
equivalent to testing i == count. Why is i incremented but not
otherwise used in the loop?)
But we test this before flock->fl_flags & FL_POSIX, which means we
don't know whether this lock actually needs to be assigned one of
those structures. So it appears that we might report a spurious error
if the lock list ends with a mandatory lock. If so, this is
relatively harmless but does need to be fixed.
Ben.
--
Ben Hutchings
We get into the habit of living before acquiring the habit of thinking.
- Albert Camus
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 828 bytes --]
next prev parent reply other threads:[~2012-03-17 2:37 UTC|newest]
Thread overview: 59+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-16 23:38 [ 00/41] 3.2.12-stable review Greg KH
2012-03-16 23:38 ` [ 01/41] ASoC: neo1973: fix neo1973 wm8753 initialization Greg KH
2012-03-16 23:38 ` [ 02/41] ALSA: hda/realtek - Apply the coef-setup only to ALC269VB Greg KH
2012-03-16 23:38 ` [ 03/41] aio: fix io_setup/io_destroy race Greg KH
2012-03-16 23:38 ` [ 04/41] aio: fix the "too late munmap()" race Greg KH
2012-03-16 23:38 ` [ 05/41] x86: Derandom delay_tsc for 64 bit Greg KH
2012-03-16 23:38 ` [ 06/41] PCI: ignore pre-1.1 ASPM quirking when ASPM is disabled Greg KH
2012-03-31 3:23 ` Ken Moffat
2012-03-31 3:33 ` Jonathan Nieder
2012-03-31 18:20 ` Linus Torvalds
2012-03-31 18:32 ` Matthew Garrett
2012-04-19 23:21 ` Ken Moffat
2012-04-01 16:11 ` Ken Moffat
2012-04-01 16:59 ` Linus Torvalds
2012-04-01 17:10 ` Greg KH
2012-04-02 20:27 ` Ken Moffat
2012-03-16 23:38 ` [ 07/41] [media] omap3isp: ccdc: Fix crash in HS/VS interrupt handler Greg KH
2012-03-16 23:38 ` [ 08/41] rt2x00: fix random stalls Greg KH
2012-03-16 23:38 ` [ 09/41] perf/x86: Fix local vs remote memory events for NHM/WSM Greg KH
2012-03-16 23:38 ` [ 10/41] CIFS: Do not kmalloc under the flocks spinlock Greg KH
2012-03-17 2:37 ` Ben Hutchings [this message]
2012-03-17 6:14 ` Pavel Shilovsky
2012-03-17 7:32 ` Ben Hutchings
2012-03-17 7:52 ` Pavel Shilovsky
2012-03-19 15:50 ` Greg KH
2012-03-19 19:11 ` Pavel Shilovsky
2012-03-19 19:24 ` Greg KH
2012-03-23 17:52 ` Greg KH
2012-03-16 23:38 ` [ 11/41] vfs: fix return value from do_last() Greg KH
2012-03-16 23:38 ` [ 12/41] vfs: fix double put after complete_walk() Greg KH
2012-03-16 23:38 ` [ 13/41] acer-wmi: No wifi rfkill on Lenovo machines Greg KH
2012-03-16 23:38 ` [ 14/41] atl1c: dont use highprio tx queue Greg KH
2012-03-16 23:38 ` [ 15/41] neighbour: Fixed race condition at tbl->nht Greg KH
2012-03-16 23:38 ` [ 16/41] ipsec: be careful of non existing mac headers Greg KH
2012-03-16 23:38 ` [ 17/41] ppp: fix ppp_mp_reconstruct bad seq errors Greg KH
2012-03-16 23:38 ` [ 18/41] sfc: Fix assignment of ip_summed for pre-allocated skbs Greg KH
2012-03-16 23:38 ` [ 19/41] tcp: fix false reordering signal in tcp_shifted_skb Greg KH
2012-03-16 23:38 ` [ 20/41] vmxnet3: Fix transport header size Greg KH
2012-03-16 23:38 ` [ 21/41] packetengines: fix config default Greg KH
2012-03-16 23:38 ` [ 22/41] r8169: corrupted IP fragments fix for large mtu Greg KH
2012-03-16 23:38 ` [ 23/41] tcp: dont fragment SACKed skbs in tcp_mark_head_lost() Greg KH
2012-03-16 23:38 ` [ 24/41] bridge: check return value of ipv6_dev_get_saddr() Greg KH
2012-03-16 23:38 ` [ 25/41] tcp: fix tcp_shift_skb_data() to not shift SACKed data below snd_una Greg KH
2012-03-16 23:38 ` [ 26/41] IPv6: Fix not join all-router mcast group when forwarding set Greg KH
2012-03-16 23:38 ` [ 27/41] usb: asix: Patch for Sitecom LN-031 Greg KH
2012-03-16 23:38 ` [ 28/41] regulator: Fix setting selector in tps6524x set_voltage function Greg KH
2012-03-16 23:38 ` [ 29/41] block: Fix NULL pointer dereference in sd_revalidate_disk Greg KH
2012-03-16 23:38 ` [ 30/41] block, sx8: fix pointer math issue getting fw version Greg KH
2012-03-16 23:38 ` [ 31/41] block: fix __blkdev_get and add_disk race condition Greg KH
2012-03-16 23:38 ` [ 32/41] Block: use a freezable workqueue for disk-event polling Greg KH
2012-03-16 23:38 ` [ 33/41] sparc32: Add -Av8 to assembler command line Greg KH
2012-03-16 23:38 ` [ 34/41] hwmon: (w83627ehf) Fix writing into fan_stop_time for NCT6775F/NCT6776F Greg KH
2012-03-16 23:38 ` [ 35/41] hwmon: (w83627ehf) Fix memory leak in probe function Greg KH
2012-03-16 23:38 ` [ 36/41] hwmon: (w83627ehf) Fix temp2 source for W83627UHG Greg KH
2012-03-16 23:38 ` [ 37/41] rapidio/tsi721: fix bug in register offset definitions Greg KH
2012-03-16 23:38 ` [ 38/41] i2c-algo-bit: Fix spurious SCL timeouts under heavy load Greg KH
2012-03-16 23:38 ` [ 39/41] iscsi-target: Fix reservation conflict -EBUSY response handling bug Greg KH
2012-03-16 23:38 ` [ 40/41] target: Fix compatible reservation handling (CRH=1) with legacy RESERVE/RELEASE Greg KH
2012-03-16 23:38 ` [ 41/41] hwmon: (zl6100) Enable interval between chip accesses for all chips Greg KH
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120317023740.GH12704@decadent.org.uk \
--to=ben@decadent.org.uk \
--cc=akpm@linux-foundation.org \
--cc=alan@lxorguk.ukuu.org.uk \
--cc=gregkh@linuxfoundation.org \
--cc=jlayton@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=piastry@etersoft.ru \
--cc=sfrench@us.ibm.com \
--cc=stable@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).