[PATCH 0/2] fsnotify: fix mem overwritten
From: çç
Date: Tue May 30 2017 - 23:55:04 EST
From: "leilei.lin" <leilei.lin@xxxxxxxxxxxxxxx>
Slub alloced mem overwritten ocurrs when fsnotify thread was copying the
dentry name and another rename thread change the dentry name at same
time.
These patches do the following:
1. A new copy_dname method was created which copy file_name to new alloc mem.
The later patch (of 2) would use this method
2. Use the new copy_dname method instead of using the point of dentry->name,
which may be modified anytime
We can use script below to reproduce overwritten warning
```
#!/usr/bin/python
import os
import random
import time
import string
import multiprocessing
WRITE_SIZE = 100
filename = "/watch/tdc_admin.LOG"
#filename = "/watch/tdc_admin.LOG.1234567890.1234567890.1234567890"
def file_op_process():
for j in range(10):
n = random.randrange(0, 10)
tobe_wrote = "".join(random.sample(string.ascii_letters, 10))
for i in xrange(n):
try:
os.rename(filename, filename + ".1123123123")
except OSError:
pass
for i in xrange(n):
f = file(filename, "w+")
f.write(tobe_wrote * i * (1024 / 2))
f.flush()
f.close()
if __name__ == '__main__':
process_list = []
while True:
for i in range(100):
p0 = multiprocessing.Process(target=file_op_process)
p0.start()
process_list.append(p0)
#time.sleep(0.002)
for p in process_list:
if p.is_alive():
p.join(0.01)
else:
del p
```
leilei.lin (2):
fs/dcache.c: New copy_dname method
fsnotify: use method copy_dname copying filename
fs/dcache.c | 36 ++++++++++++++++++++++++++++++++++++
fs/notify/fsnotify.c | 14 ++++++++++++--
include/linux/dcache.h | 2 ++
3 files changed, 50 insertions(+), 2 deletions(-)
--
2.8.4.31.g9ed660f