Re: [PATCH] perf: Fix race in perf_mmap_close function
From: Michael Petlan
Date: Tue Sep 15 2020 - 18:23:02 EST
On Mon, 14 Sep 2020, Jiri Olsa wrote:
> On Mon, Sep 14, 2020 at 09:48:43PM +0900, Namhyung Kim wrote:
> > On Fri, Sep 11, 2020 at 4:49 PM Jiri Olsa <jolsa@xxxxxxxxxx> wrote:
> > > ugh, that's right.. how about change below
> >
> > Acked-by: Namhyung Kim <namhyung@xxxxxxxxxx>
>
> thanks, I'll send full patch after we're done testing this
>
> jirka
I've tested the change and seems OK to me.
Tested-by: Michael Petlan <mpetlan@xxxxxxxxxx>
>
> >
> > Thanks
> > Namhyung
> >
> >
> > >
> > > jirka
> > >
> > >
> > > ---
> > > diff --git a/kernel/events/core.c b/kernel/events/core.c
> > > index 7ed5248f0445..8ab2400aef55 100644
> > > --- a/kernel/events/core.c
> > > +++ b/kernel/events/core.c
> > > @@ -5868,11 +5868,11 @@ static void perf_pmu_output_stop(struct perf_event *event);
> > > static void perf_mmap_close(struct vm_area_struct *vma)
> > > {
> > > struct perf_event *event = vma->vm_file->private_data;
> > > -
> > > struct perf_buffer *rb = ring_buffer_get(event);
> > > struct user_struct *mmap_user = rb->mmap_user;
> > > int mmap_locked = rb->mmap_locked;
> > > unsigned long size = perf_data_size(rb);
> > > + bool detach_rest = false;
> > >
> > > if (event->pmu->event_unmapped)
> > > event->pmu->event_unmapped(event, vma->vm_mm);
> > > @@ -5903,7 +5903,8 @@ static void perf_mmap_close(struct vm_area_struct *vma)
> > > mutex_unlock(&event->mmap_mutex);
> > > }
> > >
> > > - atomic_dec(&rb->mmap_count);
> > > + if (atomic_dec_and_test(&rb->mmap_count))
> > > + detach_rest = true;
> > >
> > > if (!atomic_dec_and_mutex_lock(&event->mmap_count, &event->mmap_mutex))
> > > goto out_put;
> > > @@ -5912,7 +5913,7 @@ static void perf_mmap_close(struct vm_area_struct *vma)
> > > mutex_unlock(&event->mmap_mutex);
> > >
> > > /* If there's still other mmap()s of this buffer, we're done. */
> > > - if (atomic_read(&rb->mmap_count))
> > > + if (!detach_rest)
> > > goto out_put;
> > >
> > > /*
> > >
> >
>