projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8753333)
autofs4: deal with autofs4_write/autofs4_write races
authorAl Viro <viro@zeniv.linux.org.uk>
Wed, 11 Jan 2012 03:35:38 +0000 (22:35 -0500)
committerAl Viro <viro@zeniv.linux.org.uk>
Wed, 11 Jan 2012 05:20:12 +0000 (00:20 -0500)
Just serialize the actual writing of packets into pipe on
a new mutex, independent from everything else in the locking
hierarchy.  As soon as something has started feeding a piece
of packet into the pipe to daemon, we *want* everything else
about to try the same to wait until we are done.

Acked-by: Ian Kent <raven@themaw.net>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
fs/autofs4/autofs_i.h patch | blob | blame | history
fs/autofs4/inode.c patch | blob | blame | history
fs/autofs4/waitq.c patch | blob | blame | history

diff --git a/fs/autofs4/autofs_i.h b/fs/autofs4/autofs_i.h
index 5869d4e974a94569b5457e0e7d7cf5b68f03ca5a..d8d8e7ba6a1e1bf52c367a73514aeaa202b8fcea 100644 (file)
--- a/fs/autofs4/autofs_i.h
+++ b/fs/autofs4/autofs_i.h
@@ -116,6 +116,7 @@ struct autofs_sb_info {
        int needs_reghost;
        struct super_block *sb;
        struct mutex wq_mutex;
+       struct mutex pipe_mutex;
        spinlock_t fs_lock;
        struct autofs_wait_queue *queues; /* Wait queue pointer */
        spinlock_t lookup_lock;
diff --git a/fs/autofs4/inode.c b/fs/autofs4/inode.c
index 2ba44c79d5486f7d39b999d0666eda0ddc3425b3..e16980b00b8d7315dda8d7b92d93fdaf7062e843 100644 (file)
--- a/fs/autofs4/inode.c
+++ b/fs/autofs4/inode.c
@@ -225,6 +225,7 @@ int autofs4_fill_super(struct super_block *s, void *data, int silent)
        sbi->min_proto = 0;
        sbi->max_proto = 0;
        mutex_init(&sbi->wq_mutex);
+       mutex_init(&sbi->pipe_mutex);
        spin_lock_init(&sbi->fs_lock);
        sbi->queues = NULL;
        spin_lock_init(&sbi->lookup_lock);
diff --git a/fs/autofs4/waitq.c b/fs/autofs4/waitq.c
index 9a0256da5d5655c2578c021b375ea5dc382cd235..9ef5b2914407c40327db81a5688850a808210991 100644 (file)
--- a/fs/autofs4/waitq.c
+++ b/fs/autofs4/waitq.c
@@ -56,26 +56,27 @@ void autofs4_catatonic_mode(struct autofs_sb_info *sbi)
        mutex_unlock(&sbi->wq_mutex);
 }
 
-static int autofs4_write(struct file *file, const void *addr, int bytes)
+static int autofs4_write(struct autofs_sb_info *sbi,
+                        struct file *file, const void *addr, int bytes)
 {
        unsigned long sigpipe, flags;
        mm_segment_t fs;
        const char *data = (const char *)addr;
        ssize_t wr = 0;
 
-       /** WARNING: this is not safe for writing more than PIPE_BUF bytes! **/
-
        sigpipe = sigismember(&current->pending.signal, SIGPIPE);
 
        /* Save pointer to user space and point back to kernel space */
        fs = get_fs();
        set_fs(KERNEL_DS);
 
+       mutex_lock(&sbi->pipe_mutex);
        while (bytes &&
               (wr = file->f_op->write(file,data,bytes,&file->f_pos)) > 0) {
                data += wr;
                bytes -= wr;
        }
+       mutex_lock(&sbi->pipe_mutex);
 
        set_fs(fs);
 
@@ -179,7 +180,7 @@ static void autofs4_notify_daemon(struct autofs_sb_info *sbi,
 
        mutex_unlock(&sbi->wq_mutex);
 
-       if (autofs4_write(pipe, &pkt, pktsz))
+       if (autofs4_write(sbi, pipe, &pkt, pktsz))
                autofs4_catatonic_mode(sbi);
        fput(pipe);
 }