Commit db1dd4d376134eba0e08af523b61cc566a4ea1cd
1 parent
6849991490
Exists in
master
and in
4 other branches
Use f_lock to protect f_flags
Traditionally, changes to struct file->f_flags have been done under BKL protection, or with no protection at all. This patch causes all f_flags changes after file open/creation time to be done under protection of f_lock. This allows the removal of some BKL usage and fixes a number of longstanding (if microscopic) races. Reviewed-by: Christoph Hellwig <hch@lst.de> Cc: Al Viro <viro@ZenIV.linux.org.uk> Signed-off-by: Jonathan Corbet <corbet@lwn.net>
Showing 13 changed files with 33 additions and 9 deletions Side-by-side Diff
drivers/char/tty_io.c
| ... | ... | @@ -2162,13 +2162,12 @@ |
| 2162 | 2162 | if (get_user(nonblock, p)) |
| 2163 | 2163 | return -EFAULT; |
| 2164 | 2164 | |
| 2165 | - /* file->f_flags is still BKL protected in the fs layer - vomit */ | |
| 2166 | - lock_kernel(); | |
| 2165 | + spin_lock(&file->f_lock); | |
| 2167 | 2166 | if (nonblock) |
| 2168 | 2167 | file->f_flags |= O_NONBLOCK; |
| 2169 | 2168 | else |
| 2170 | 2169 | file->f_flags &= ~O_NONBLOCK; |
| 2171 | - unlock_kernel(); | |
| 2170 | + spin_unlock(&file->f_lock); | |
| 2172 | 2171 | return 0; |
| 2173 | 2172 | } |
| 2174 | 2173 |
drivers/usb/gadget/file_storage.c
| ... | ... | @@ -1711,7 +1711,9 @@ |
| 1711 | 1711 | curlun->sense_data = SS_WRITE_PROTECTED; |
| 1712 | 1712 | return -EINVAL; |
| 1713 | 1713 | } |
| 1714 | + spin_lock(&curlun->filp->f_lock); | |
| 1714 | 1715 | curlun->filp->f_flags &= ~O_SYNC; // Default is not to wait |
| 1716 | + spin_unlock(&curlun->filp->f_lock); | |
| 1715 | 1717 | |
| 1716 | 1718 | /* Get the starting Logical Block Address and check that it's |
| 1717 | 1719 | * not too big */ |
| 1718 | 1720 | |
| ... | ... | @@ -1728,8 +1730,11 @@ |
| 1728 | 1730 | curlun->sense_data = SS_INVALID_FIELD_IN_CDB; |
| 1729 | 1731 | return -EINVAL; |
| 1730 | 1732 | } |
| 1731 | - if (fsg->cmnd[1] & 0x08) // FUA | |
| 1733 | + if (fsg->cmnd[1] & 0x08) { // FUA | |
| 1734 | + spin_lock(&curlun->filp->f_lock); | |
| 1732 | 1735 | curlun->filp->f_flags |= O_SYNC; |
| 1736 | + spin_unlock(&curlun->filp->f_lock); | |
| 1737 | + } | |
| 1733 | 1738 | } |
| 1734 | 1739 | if (lba >= curlun->num_sectors) { |
| 1735 | 1740 | curlun->sense_data = SS_LOGICAL_BLOCK_ADDRESS_OUT_OF_RANGE; |
fs/fcntl.c
fs/ioctl.c
| ... | ... | @@ -404,10 +404,12 @@ |
| 404 | 404 | if (O_NONBLOCK != O_NDELAY) |
| 405 | 405 | flag |= O_NDELAY; |
| 406 | 406 | #endif |
| 407 | + spin_lock(&filp->f_lock); | |
| 407 | 408 | if (on) |
| 408 | 409 | filp->f_flags |= flag; |
| 409 | 410 | else |
| 410 | 411 | filp->f_flags &= ~flag; |
| 412 | + spin_unlock(&filp->f_lock); | |
| 411 | 413 | return error; |
| 412 | 414 | } |
| 413 | 415 | |
| 414 | 416 | |
| ... | ... | @@ -432,10 +434,12 @@ |
| 432 | 434 | if (error) |
| 433 | 435 | return error; |
| 434 | 436 | |
| 437 | + spin_lock(&filp->f_lock); | |
| 435 | 438 | if (on) |
| 436 | 439 | filp->f_flags |= FASYNC; |
| 437 | 440 | else |
| 438 | 441 | filp->f_flags &= ~FASYNC; |
| 442 | + spin_unlock(&filp->f_lock); | |
| 439 | 443 | return error; |
| 440 | 444 | } |
| 441 | 445 | |
| 442 | 446 | |
| ... | ... | @@ -499,10 +503,7 @@ |
| 499 | 503 | break; |
| 500 | 504 | |
| 501 | 505 | case FIONBIO: |
| 502 | - /* BKL needed to avoid races tweaking f_flags */ | |
| 503 | - lock_kernel(); | |
| 504 | 506 | error = ioctl_fionbio(filp, argp); |
| 505 | - unlock_kernel(); | |
| 506 | 507 | break; |
| 507 | 508 | |
| 508 | 509 | case FIOASYNC: |
fs/nfsd/vfs.c
| ... | ... | @@ -998,8 +998,11 @@ |
| 998 | 998 | |
| 999 | 999 | if (!EX_ISSYNC(exp)) |
| 1000 | 1000 | stable = 0; |
| 1001 | - if (stable && !EX_WGATHER(exp)) | |
| 1001 | + if (stable && !EX_WGATHER(exp)) { | |
| 1002 | + spin_lock(&file->f_lock); | |
| 1002 | 1003 | file->f_flags |= O_SYNC; |
| 1004 | + spin_unlock(&file->f_lock); | |
| 1005 | + } | |
| 1003 | 1006 | |
| 1004 | 1007 | /* Write the data. */ |
| 1005 | 1008 | oldfs = get_fs(); set_fs(KERNEL_DS); |
include/linux/fs.h
| ... | ... | @@ -848,7 +848,7 @@ |
| 848 | 848 | #define f_dentry f_path.dentry |
| 849 | 849 | #define f_vfsmnt f_path.mnt |
| 850 | 850 | const struct file_operations *f_op; |
| 851 | - spinlock_t f_lock; /* f_ep_links */ | |
| 851 | + spinlock_t f_lock; /* f_ep_links, f_flags */ | |
| 852 | 852 | atomic_long_t f_count; |
| 853 | 853 | unsigned int f_flags; |
| 854 | 854 | fmode_t f_mode; |
ipc/mqueue.c
| ... | ... | @@ -1156,10 +1156,12 @@ |
| 1156 | 1156 | omqstat.mq_flags = filp->f_flags & O_NONBLOCK; |
| 1157 | 1157 | if (u_mqstat) { |
| 1158 | 1158 | audit_mq_getsetattr(mqdes, &mqstat); |
| 1159 | + spin_lock(&filp->f_lock); | |
| 1159 | 1160 | if (mqstat.mq_flags & O_NONBLOCK) |
| 1160 | 1161 | filp->f_flags |= O_NONBLOCK; |
| 1161 | 1162 | else |
| 1162 | 1163 | filp->f_flags &= ~O_NONBLOCK; |
| 1164 | + spin_unlock(&filp->f_lock); | |
| 1163 | 1165 | |
| 1164 | 1166 | inode->i_atime = inode->i_ctime = CURRENT_TIME; |
| 1165 | 1167 | } |
sound/core/oss/pcm_oss.c
sound/oss/au1550_ac97.c
sound/oss/audio.c
sound/oss/sh_dac_audio.c
sound/oss/swarm_cs4297a.c
sound/oss/vwsnd.c
| ... | ... | @@ -2673,7 +2673,9 @@ |
| 2673 | 2673 | |
| 2674 | 2674 | case SNDCTL_DSP_NONBLOCK: /* _SIO ('P',14) */ |
| 2675 | 2675 | DBGX("SNDCTL_DSP_NONBLOCK\n"); |
| 2676 | + spin_lock(&file->f_lock); | |
| 2676 | 2677 | file->f_flags |= O_NONBLOCK; |
| 2678 | + spin_unlock(&file->f_lock); | |
| 2677 | 2679 | return 0; |
| 2678 | 2680 | |
| 2679 | 2681 | case SNDCTL_DSP_RESET: /* _SIO ('P', 0) */ |