Use f_lock to protect f_flags

Traditionally, changes to struct file->f_flags have been done under BKL protection, or with no protection at all. This patch causes all f_flags changes after file open/creation time to be done under protection of f_lock. This allows the removal of some BKL usage and fixes a number of longstanding (if microscopic) races. Reviewed-by: Christoph Hellwig <hch@lst.de> Cc: Al Viro <viro@ZenIV.linux.org.uk> Signed-off-by: Jonathan Corbet <corbet@lwn.net>
author: Jonathan Corbet <corbet@lwn.net> 2009-02-06 17:25:24 -0500
committer: Jonathan Corbet <corbet@lwn.net> 2009-03-16 10:32:27 -0400
commit: db1dd4d376134eba0e08af523b61cc566a4ea1cd (patch)
tree: 8882c673abbaa5713511b7046493fa862b9140d1
parent: 684999149002dd046269666a390458e0acb38280 (diff)
13 files changed, 33 insertions, 9 deletions
diff --git a/drivers/char/tty_io.c b/drivers/char/tty_io.c
index bc84e125c6bc..224f271d8cbe 100644
--- a/drivers/char/tty_io.c
+++ b/drivers/char/tty_io.c
@@ -2162,13 +2162,12 @@ static int fionbio(struct file *file, int __user *p)
        if (get_user(nonblock, p))
                return -EFAULT;
-        /* file->f_flags is still BKL protected in the fs layer - vomit */
+        spin_lock(&file->f_lock);
-        lock_kernel();
        if (nonblock)
                file->f_flags |= O_NONBLOCK;
        else
                file->f_flags &= ~O_NONBLOCK;
-        unlock_kernel();
+        spin_unlock(&file->f_lock);
        return 0;
 }
diff --git a/drivers/usb/gadget/file_storage.c b/drivers/usb/gadget/file_storage.c
index 1ab9dac7e12d..33bb76cef33c 100644
--- a/drivers/usb/gadget/file_storage.c
+++ b/drivers/usb/gadget/file_storage.c
@@ -1711,7 +1711,9 @@ static int do_write(struct fsg_dev *fsg)
                curlun->sense_data = SS_WRITE_PROTECTED;
                return -EINVAL;
        }
+        spin_lock(&curlun->filp->f_lock);
        curlun->filp->f_flags &= ~O_SYNC;       // Default is not to wait
+        spin_unlock(&curlun->filp->f_lock);
        /* Get the starting Logical Block Address and check that it's
         * not too big */
@@ -1728,8 +1730,11 @@ static int do_write(struct fsg_dev *fsg)
                        curlun->sense_data = SS_INVALID_FIELD_IN_CDB;
                        return -EINVAL;
                }
-                if (fsg->cmnd[1] & 0x08)        // FUA
+                if (fsg->cmnd[1] & 0x08) {      // FUA
+                        spin_lock(&curlun->filp->f_lock);
                        curlun->filp->f_flags |= O_SYNC;
+                        spin_unlock(&curlun->filp->f_lock);
+                }
        }
        if (lba >= curlun->num_sectors) {
                curlun->sense_data = SS_LOGICAL_BLOCK_ADDRESS_OUT_OF_RANGE;
diff --git a/fs/fcntl.c b/fs/fcntl.c
index bd215cc791da..04df8570a2d2 100644
--- a/fs/fcntl.c
+++ b/fs/fcntl.c
@@ -189,7 +189,9 @@ static int setfl(int fd, struct file * filp, unsigned long arg)
                }
        }
+        spin_lock(&filp->f_lock);
        filp->f_flags = (arg & SETFL_MASK) | (filp->f_flags & ~SETFL_MASK);
+        spin_unlock(&filp->f_lock);
 out:
        unlock_kernel();
        return error;
diff --git a/fs/ioctl.c b/fs/ioctl.c
index 240ec63984cb..421aab465dab 100644
--- a/fs/ioctl.c
+++ b/fs/ioctl.c
@@ -404,10 +404,12 @@ static int ioctl_fionbio(struct file *filp, int __user *argp)
        if (O_NONBLOCK != O_NDELAY)
                flag |= O_NDELAY;
 #endif
+        spin_lock(&filp->f_lock);
        if (on)
                filp->f_flags |= flag;
        else
                filp->f_flags &= ~flag;
+        spin_unlock(&filp->f_lock);
        return error;
 }
@@ -432,10 +434,12 @@ static int ioctl_fioasync(unsigned int fd, struct file *filp,
        if (error)
                return error;
+        spin_lock(&filp->f_lock);
        if (on)
                filp->f_flags |= FASYNC;
        else
                filp->f_flags &= ~FASYNC;
+        spin_unlock(&filp->f_lock);
        return error;
 }
@@ -499,10 +503,7 @@ int do_vfs_ioctl(struct file *filp, unsigned int fd, unsigned int cmd,
                break;
        case FIONBIO:
-                /* BKL needed to avoid races tweaking f_flags */
-                lock_kernel();
                error = ioctl_fionbio(filp, argp);
-                unlock_kernel();
                break;
        case FIOASYNC:
diff --git a/fs/nfsd/vfs.c b/fs/nfsd/vfs.c
index 6e50aaa56ca2..c165a6403df0 100644
--- a/fs/nfsd/vfs.c
+++ b/fs/nfsd/vfs.c
@@ -998,8 +998,11 @@ nfsd_vfs_write(struct svc_rqst *rqstp, struct svc_fh *fhp, struct file *file,
        if (!EX_ISSYNC(exp))
                stable = 0;
-        if (stable && !EX_WGATHER(exp))
+        if (stable && !EX_WGATHER(exp)) {
+                spin_lock(&file->f_lock);
                file->f_flags |= O_SYNC;
+                spin_unlock(&file->f_lock);
+        }
        /* Write the data. */
        oldfs = get_fs(); set_fs(KERNEL_DS);
diff --git a/include/linux/fs.h b/include/linux/fs.h
index 2011600d12c7..7428c6d35e65 100644
--- a/include/linux/fs.h
+++ b/include/linux/fs.h
@@ -848,7 +848,7 @@ struct file {
 #define f_dentry        f_path.dentry
 #define f_vfsmnt        f_path.mnt
        const struct file_operations    *f_op;
-        spinlock_t              f_lock;  /* f_ep_links */
+        spinlock_t              f_lock;  /* f_ep_links, f_flags */
        atomic_long_t           f_count;
        unsigned int            f_flags;
        fmode_t                 f_mode;
diff --git a/ipc/mqueue.c b/ipc/mqueue.c
index 54b4077fed79..a8ddadbc7459 100644
--- a/ipc/mqueue.c
+++ b/ipc/mqueue.c
@@ -1156,10 +1156,12 @@ SYSCALL_DEFINE3(mq_getsetattr, mqd_t, mqdes,
        omqstat.mq_flags = filp->f_flags & O_NONBLOCK;
        if (u_mqstat) {
                audit_mq_getsetattr(mqdes, &mqstat);
+                spin_lock(&filp->f_lock);
                if (mqstat.mq_flags & O_NONBLOCK)
                        filp->f_flags |= O_NONBLOCK;
                else
                        filp->f_flags &= ~O_NONBLOCK;
+                spin_unlock(&filp->f_lock);
                inode->i_atime = inode->i_ctime = CURRENT_TIME;
        }
diff --git a/sound/core/oss/pcm_oss.c b/sound/core/oss/pcm_oss.c
index 0a1798eafb0b..d4460f18e76c 100644
--- a/sound/core/oss/pcm_oss.c
+++ b/sound/core/oss/pcm_oss.c
@@ -1895,7 +1895,9 @@ static int snd_pcm_oss_set_fragment(struct snd_pcm_oss_file *pcm_oss_file, unsig
 static int snd_pcm_oss_nonblock(struct file * file)
 {
+        spin_lock(&file->f_lock);
        file->f_flags |= O_NONBLOCK;
+        spin_unlock(&file->f_lock);
        return 0;
 }
diff --git a/sound/oss/au1550_ac97.c b/sound/oss/au1550_ac97.c
index 81e1f443d094..4191acccbcdb 100644
--- a/sound/oss/au1550_ac97.c
+++ b/sound/oss/au1550_ac97.c
@@ -1627,7 +1627,9 @@ au1550_ioctl(struct inode *inode, struct file *file, unsigned int cmd,
                                    sizeof(abinfo)) ? -EFAULT : 0;
        case SNDCTL_DSP_NONBLOCK:
+                spin_lock(&file->f_lock);
                file->f_flags |= O_NONBLOCK;
+                spin_unlock(&file->f_lock);
                return 0;
        case SNDCTL_DSP_GETODELAY:
diff --git a/sound/oss/audio.c b/sound/oss/audio.c
index 89bd27a5e865..b69c05b7ea7b 100644
--- a/sound/oss/audio.c
+++ b/sound/oss/audio.c
@@ -433,7 +433,9 @@ int audio_ioctl(int dev, struct file *file, unsigned int cmd, void __user *arg)
                        return dma_ioctl(dev, cmd, arg);
                
                case SNDCTL_DSP_NONBLOCK:
+                        spin_lock(&file->f_lock);
                        file->f_flags |= O_NONBLOCK;
+                        spin_unlock(&file->f_lock);
                        return 0;
                case SNDCTL_DSP_GETCAPS:
diff --git a/sound/oss/sh_dac_audio.c b/sound/oss/sh_dac_audio.c
index e5d423994918..78cfb66e4c59 100644
--- a/sound/oss/sh_dac_audio.c
+++ b/sound/oss/sh_dac_audio.c
@@ -135,7 +135,9 @@ static int dac_audio_ioctl(struct inode *inode, struct file *file,
                return put_user(AFMT_U8, (int *)arg);
        case SNDCTL_DSP_NONBLOCK:
+                spin_lock(&file->f_lock);
                file->f_flags |= O_NONBLOCK;
+                spin_unlock(&file->f_lock);
                return 0;
        case SNDCTL_DSP_GETCAPS:
diff --git a/sound/oss/swarm_cs4297a.c b/sound/oss/swarm_cs4297a.c
index 41562ecde5bb..1edab7b4ea83 100644
--- a/sound/oss/swarm_cs4297a.c
+++ b/sound/oss/swarm_cs4297a.c
@@ -2200,7 +2200,9 @@ static int cs4297a_ioctl(struct inode *inode, struct file *file,
                                    sizeof(abinfo)) ? -EFAULT : 0;
        case SNDCTL_DSP_NONBLOCK:
+                spin_lock(&file->f_lock);
                file->f_flags |= O_NONBLOCK;
+                spin_unlock(&file->f_lock);
                return 0;
        case SNDCTL_DSP_GETODELAY:
diff --git a/sound/oss/vwsnd.c b/sound/oss/vwsnd.c
index 78b8acc7c3b9..187f72750e8f 100644
--- a/sound/oss/vwsnd.c
+++ b/sound/oss/vwsnd.c
@@ -2673,7 +2673,9 @@ static int vwsnd_audio_do_ioctl(struct inode *inode,
        case SNDCTL_DSP_NONBLOCK:       /* _SIO  ('P',14) */
                DBGX("SNDCTL_DSP_NONBLOCK\n");
+                spin_lock(&file->f_lock);
                file->f_flags |= O_NONBLOCK;
+                spin_unlock(&file->f_lock);
                return 0;
        case SNDCTL_DSP_RESET:          /* _SIO  ('P', 0) */
author	Jonathan Corbet <corbet@lwn.net>	2009-02-06 17:25:24 -0500
committer	Jonathan Corbet <corbet@lwn.net>	2009-03-16 10:32:27 -0400
commit	db1dd4d376134eba0e08af523b61cc566a4ea1cd (patch)
tree	8882c673abbaa5713511b7046493fa862b9140d1
parent	684999149002dd046269666a390458e0acb38280 (diff)