kernel_optimize_test/fs
Pavel Emelyanov 85c59580b3 locks: Fix potential OOPS in generic_setlease()
This code is run under lock_kernel(), which is dropped during
sleeping operations, so the following race is possible:

CPU1:                                CPU2:
  vfs_setlease();                    vfs_setlease();
  lock_kernel();
                                     lock_kernel(); /* spin */
  generic_setlease():
    ...
    for (before = ...)
    /* here we found some lease after
     * which we will insert the new one
     */
    fl = locks_alloc_lock();
    /* go to sleep in this allocation and
     * drop the BKL
     */
                                     generic_setlease():
                                       ...
                                       for (before = ...)
                                       /* here we find the "before" pointing
                                        * at the one we found on CPU1
                                        */
                                      ->fl_change(my_before, arg);
                                              lease_modify();
                                                     locks_free_lock();
                                                     /* and we freed it */
                                     ...
                                     unlock_kernel();
   locks_insert_lock(before, fl);
   /* OOPS! We have just tried to add the lease
    * at the tail of already removed one
    */

The similar races are already handled in other code - all the
allocations are performed before any checks/updates.

Thanks to Kamalesh Babulal for testing and for a bug report on an
earlier version.

Signed-off-by: Pavel Emelyanov <xemul@openvz.org>
Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu>
Cc: Kamalesh Babulal <kamalesh@linux.vnet.ibm.com>
2007-10-09 18:32:45 -04:00
..
9p 9p: remove deprecated v9fs_fid_lookup_remove() 2007-08-23 10:13:45 -05:00
adfs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
affs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
afs afs: mntput called before dput 2007-09-11 17:21:19 -07:00
autofs
autofs4 autofs4: deadlock during create 2007-08-22 19:52:46 -07:00
befs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
bfs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
cifs [CIFS] Check return code on failed alloc 2007-08-18 00:15:20 +00:00
coda coda: remove CODA_STORE/CODA_RELEASE upcalls 2007-07-21 17:49:14 -07:00
configfs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
cramfs
debugfs debugfs: remove rmdir() non-empty complaint 2007-07-18 15:49:48 -07:00
devpts
dlm [DLM] fix basts for granted PR waiting CW 2007-08-14 10:31:02 +01:00
ecryptfs eCryptfs: fix possible fault in ecryptfs_sync_page 2007-08-31 01:42:23 -07:00
efs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
exportfs knfsd: exportfs: split out reconnecting a dentry from find_exported_dentry 2007-07-17 10:23:06 -07:00
ext2 fix inode_table test in ext234_check_descriptors 2007-07-26 11:35:17 -07:00
ext3 ext34: ensure do_split leaves enough free space in both blocks 2007-09-19 11:24:18 -07:00
ext4 ext34: ensure do_split leaves enough free space in both blocks 2007-09-19 11:24:18 -07:00
fat mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
freevxfs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
fuse mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
gfs2 [GFS2] Revert remounting w/o acl option leaves acls enabled 2007-08-14 10:34:40 +01:00
hfs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
hfsplus mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
hostfs sendfile: remove .sendfile from filesystems that use generic_file_sendfile() 2007-07-10 08:04:13 +02:00
hpfs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
hppfs
hugetlbfs hugepage: fix broken check for offset alignment in hugepage mappings 2007-08-31 01:42:23 -07:00
isofs isofs: mounting to regular file may succeed 2007-07-31 15:39:41 -07:00
jbd mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
jbd2 mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
jffs2 [JFFS2] fix write deadlock regression 2007-09-02 18:18:38 +01:00
jfs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
lockd NLM: Fix a memory leak in nlmsvc_testlock 2007-10-09 12:38:26 -07:00
minix mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
msdos
ncpfs NCP: delete test of long-deceased CONFIG_NCPFS_DEBUGDENTRY 2007-07-31 15:39:41 -07:00
nfs NFS: Fix an Oops in encode_lookup() 2007-09-28 15:36:42 -07:00
nfs_common
nfsd knfsd: Validate filehandle type in fsid_source 2007-09-10 18:57:47 -07:00
nls NLS: Remove obsolete Makefile entries 2007-07-16 09:05:52 -07:00
ntfs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
ocfs2 ocfs2: Unlock mutex in local alloc failure case 2007-10-03 11:14:45 -07:00
openpromfs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
partitions [PARTITION]: Sun/Solaris VTOC table corrections 2007-07-30 00:27:31 -07:00
proc Fix select on /proc files without ->poll 2007-09-11 17:21:20 -07:00
qnx4 mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
ramfs NOMMU: Fix SYSV IPC SHM 2007-07-31 15:39:36 -07:00
reiserfs quota: fix infinite loop 2007-09-11 17:21:19 -07:00
romfs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
smbfs mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
sysfs sysfs: don't warn on removal of a nonexistent binary file 2007-08-22 14:35:36 -07:00
sysv mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
udf Fix possible NULL pointer dereference in udf_table_free_blocks() 2007-08-31 01:42:22 -07:00
ufs ufs: fix sun state 2007-09-25 08:51:04 -07:00
vfat
xfs Revert "[XFS] Avoid replaying inode buffer initialisation log items if on-disk version is newer." 2007-10-01 07:59:03 -07:00
aio.c AIO: fix cleanup in io_submit_one(...) 2007-10-08 12:58:14 -07:00
anon_inodes.c Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/avi/kvm 2007-07-17 11:50:26 -07:00
attr.c Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid check 2007-07-17 12:00:03 -07:00
bad_inode.c sendfile: remove bad_sendfile() from bad_file_ops 2007-07-10 08:04:15 +02:00
binfmt_aout.c
binfmt_elf_fdpic.c coredump masking: ELF-FDPIC: enable core dump filtering 2007-07-19 10:04:47 -07:00
binfmt_elf.c revert "PIE randomization" 2007-07-21 17:49:14 -07:00
binfmt_em86.c
binfmt_flat.c binfmt_flat: checkpatch fixing minimum support for the blackfin relocations 2007-10-03 23:43:57 +08:00
binfmt_misc.c mm: variable length argument support 2007-07-19 10:04:45 -07:00
binfmt_script.c mm: variable length argument support 2007-07-19 10:04:45 -07:00
binfmt_som.c
bio.c [BLOCK] Get rid of request_queue_t typedef 2007-07-24 09:28:11 +02:00
block_dev.c mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
buffer.c fix some conversion overflows 2007-07-20 08:44:19 -07:00
char_dev.c unregister_chrdev() return void 2007-07-19 10:04:43 -07:00
compat_ioctl.c [PATCH] WE : Add missing auth compat-ioctl 2007-09-21 11:26:33 -04:00
compat.c mm: variable length argument support 2007-07-19 10:04:45 -07:00
dcache.c mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
dcookies.c Remove fs.h from mm.h 2007-07-29 17:09:29 -07:00
direct-io.c dio: zero struct dio with kzalloc instead of manually 2007-08-20 22:50:25 -07:00
dnotify.c mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
dquot.c mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
drop_caches.c invalidate_mapping_pages(): add cond_resched 2007-07-16 09:05:36 -07:00
eventfd.c
eventpoll.c mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
exec.c signalfd simplification 2007-09-20 13:19:59 -07:00
fcntl.c mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
fifo.c
file_table.c
file.c
filesystems.c
fs-writeback.c
generic_acl.c Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid check 2007-07-17 12:00:03 -07:00
inode.c mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
inotify_user.c mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
inotify.c
internal.h
ioctl.c drop obsolete sys_ioctl export 2007-07-16 09:05:48 -07:00
ioprio.c
Kconfig ocfs2: update docs for new features 2007-09-11 11:38:25 -07:00
Kconfig.binfmt
libfs.c
locks.c locks: Fix potential OOPS in generic_setlease() 2007-10-09 18:32:45 -04:00
Makefile
mbcache.c mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
mpage.c
namei.c fs: remove path_walk export 2007-07-19 10:04:45 -07:00
namespace.c mm: Remove slab destructors from kmem_cache_create(). 2007-07-20 10:11:58 +09:00
nfsctl.c nfsctl: use vfs_path_lookup 2007-07-19 10:04:45 -07:00
no-block.c
open.c VFS: fix a race in lease-breaking during truncate 2007-07-31 15:39:42 -07:00
pipe.c docbook: add pipes, other fixes 2007-07-27 08:08:51 +02:00
pnode.c
pnode.h
posix_acl.c
quota_v1.c
quota_v2.c
quota.c [IA64] Fix build failure in fs/quota.c 2007-07-27 15:40:13 -07:00
read_write.c Remove remnants of sendfile() 2007-07-10 08:04:15 +02:00
read_write.h
readdir.c
select.c Fix select on /proc files without ->poll 2007-09-11 17:21:20 -07:00
seq_file.c seq_file: more atomicity in traverse() 2007-07-16 09:05:45 -07:00
signalfd.c signalfd simplification 2007-09-20 13:19:59 -07:00
splice.c Fix possible splice() mmap_sem deadlock 2007-10-01 13:17:28 -07:00
stack.c
stat.c
super.c hugetlbfs: handle empty options string 2007-07-16 09:05:46 -07:00
sync.c
timerfd.c make timerfd return a u64 and fix the __put_user 2007-07-26 11:35:17 -07:00
utimes.c Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid check 2007-07-17 12:00:03 -07:00
xattr_acl.c
xattr.c Introduce is_owner_or_cap() to wrap CAP_FOWNER use with fsuid check 2007-07-17 12:00:03 -07:00