mirror of
https://github.com/followmsi/android_kernel_google_msm.git
synced 2024-11-06 23:17:41 +00:00
3b9b8ab65d
Fixed race on put_files_struct on exec with proc. Restoring files on current on error path may lead to proc having a pointer to already kfree-d files_struct. ->files changing at exit.c and khtread.c are safe as exit_files() makes all things under lock. Found during OpenVZ stress testing. [akpm@osdl.org: add export] Signed-off-by: Pavel Emelianov <xemul@openvz.org> Signed-off-by: Kirill Korotaev <dev@openvz.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
117 lines
2.9 KiB
C
117 lines
2.9 KiB
C
/*
|
|
* Wrapper functions for accessing the file_struct fd array.
|
|
*/
|
|
|
|
#ifndef __LINUX_FILE_H
|
|
#define __LINUX_FILE_H
|
|
|
|
#include <asm/atomic.h>
|
|
#include <linux/posix_types.h>
|
|
#include <linux/compiler.h>
|
|
#include <linux/spinlock.h>
|
|
#include <linux/rcupdate.h>
|
|
#include <linux/types.h>
|
|
|
|
/*
|
|
* The default fd array needs to be at least BITS_PER_LONG,
|
|
* as this is the granularity returned by copy_fdset().
|
|
*/
|
|
#define NR_OPEN_DEFAULT BITS_PER_LONG
|
|
|
|
/*
|
|
* The embedded_fd_set is a small fd_set,
|
|
* suitable for most tasks (which open <= BITS_PER_LONG files)
|
|
*/
|
|
struct embedded_fd_set {
|
|
unsigned long fds_bits[1];
|
|
};
|
|
|
|
/*
|
|
* More than this number of fds: we use a separately allocated fd_set
|
|
*/
|
|
#define EMBEDDED_FD_SET_SIZE (BITS_PER_BYTE * sizeof(struct embedded_fd_set))
|
|
|
|
struct fdtable {
|
|
unsigned int max_fds;
|
|
int max_fdset;
|
|
struct file ** fd; /* current fd array */
|
|
fd_set *close_on_exec;
|
|
fd_set *open_fds;
|
|
struct rcu_head rcu;
|
|
struct files_struct *free_files;
|
|
struct fdtable *next;
|
|
};
|
|
|
|
/*
|
|
* Open file table structure
|
|
*/
|
|
struct files_struct {
|
|
/*
|
|
* read mostly part
|
|
*/
|
|
atomic_t count;
|
|
struct fdtable *fdt;
|
|
struct fdtable fdtab;
|
|
/*
|
|
* written part on a separate cache line in SMP
|
|
*/
|
|
spinlock_t file_lock ____cacheline_aligned_in_smp;
|
|
int next_fd;
|
|
struct embedded_fd_set close_on_exec_init;
|
|
struct embedded_fd_set open_fds_init;
|
|
struct file * fd_array[NR_OPEN_DEFAULT];
|
|
};
|
|
|
|
#define files_fdtable(files) (rcu_dereference((files)->fdt))
|
|
|
|
extern void FASTCALL(__fput(struct file *));
|
|
extern void FASTCALL(fput(struct file *));
|
|
|
|
static inline void fput_light(struct file *file, int fput_needed)
|
|
{
|
|
if (unlikely(fput_needed))
|
|
fput(file);
|
|
}
|
|
|
|
extern struct file * FASTCALL(fget(unsigned int fd));
|
|
extern struct file * FASTCALL(fget_light(unsigned int fd, int *fput_needed));
|
|
extern void FASTCALL(set_close_on_exec(unsigned int fd, int flag));
|
|
extern void put_filp(struct file *);
|
|
extern int get_unused_fd(void);
|
|
extern void FASTCALL(put_unused_fd(unsigned int fd));
|
|
struct kmem_cache;
|
|
|
|
extern struct file ** alloc_fd_array(int);
|
|
extern void free_fd_array(struct file **, int);
|
|
|
|
extern fd_set *alloc_fdset(int);
|
|
extern void free_fdset(fd_set *, int);
|
|
|
|
extern int expand_files(struct files_struct *, int nr);
|
|
extern void free_fdtable(struct fdtable *fdt);
|
|
extern void __init files_defer_init(void);
|
|
|
|
static inline struct file * fcheck_files(struct files_struct *files, unsigned int fd)
|
|
{
|
|
struct file * file = NULL;
|
|
struct fdtable *fdt = files_fdtable(files);
|
|
|
|
if (fd < fdt->max_fds)
|
|
file = rcu_dereference(fdt->fd[fd]);
|
|
return file;
|
|
}
|
|
|
|
/*
|
|
* Check whether the specified fd has an open file.
|
|
*/
|
|
#define fcheck(fd) fcheck_files(current->files, fd)
|
|
|
|
extern void FASTCALL(fd_install(unsigned int fd, struct file * file));
|
|
|
|
struct task_struct;
|
|
|
|
struct files_struct *get_files_struct(struct task_struct *);
|
|
void FASTCALL(put_files_struct(struct files_struct *fs));
|
|
void reset_files_struct(struct task_struct *, struct files_struct *);
|
|
|
|
#endif /* __LINUX_FILE_H */
|