Re: RFC: Fix f_flags races without the BKL

From: Jonathan Corbet
Date: Fri Jan 09 2009 - 08:18:58 EST


On Fri, 9 Jan 2009 11:08:21 +0100
Oleg Nesterov <oleg@xxxxxxxxxx> wrote:

> So, fasync_change() sets/clears FASYNC,
>
> > + lock_file_flags();
> > filp->f_flags = (arg & SETFL_MASK) | (filp->f_flags & ~SETFL_MASK);
> > + unlock_file_flags();
>
> and then we change f_flags again, including F_ASYNC bit.
>
> This is racy?

No, I took FASYNC out of SETFL_MASK, so it isn't changed here.

> > +int fasync_change(int fd, struct file *filp, int on)
> > +{
> > + int ret;
> > + static DEFINE_MUTEX(fasync_mutex);
> > +
> > + if (filp->f_op->fasync == NULL)
> > + return -ENOTTY;
> > +
> > + mutex_lock(&fasync_mutex);
> > + lock_file_flags();
> > + if (((filp->f_flags & FASYNC) == 0) == (on == 0)) {
> > + unlock_file_flags();
> > + return 0;
> > + }
> > + if (on)
> > + filp->f_flags |= FASYNC;
> > + else
> > + filp->f_flags &= ~FASYNC;
> > + unlock_file_flags();
> > + ret = filp->f_op->fasync(fd, filp, on);
> > + mutex_unlock(&fasync_mutex);
> > + return ret;
>
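Review bot: the early-return path in this hunk (`unlock_file_flags();` followed by `return 0;`) returns with fasync_mutex still held, because `mutex_lock(&fasync_mutex)` is taken before `lock_file_flags()` and only the final return path calls `mutex_unlock(&fasync_mutex)`; add `mutex_unlock(&fasync_mutex);` before that `return 0;`, otherwise the next caller of fasync_change() deadlocks. In the same hunk, the FASYNC bit in filp->f_flags is committed before `filp->f_op->fasync(fd, filp, on)` runs, so when ->fasync() fails the flag advertises a state that was never set up; either update f_flags only after the call succeeds or undo the change under lock_file_flags() on error.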
> But we must not change ->f_flags if ->fasync() fails?

Good point, that's not quite right. That will make things a bit uglier -
we can't hold file_flags_lock when we call ->fasync() - but I'll fix it.
Unless people think that this approach is completely wrong too, of course.

> Now we have the global mutex for ->fasync... Well, not very
> good but fasync_helper() takes fasync_lock anyway.

Not very good, but does anybody know of a workload which would result in
that mutex being contended ever?

Thanks,

jon