aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2010-06-06 23:49:18 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2010-08-09 16:48:15 -0400
commitf8ad850f11e11d10e7de1a16ca53cb193afc9313 (patch)
tree4812193c6be29f41d3de3ae74705e95a9566546c
parentf8d7e1877e5121841bc9a4d284a04dbc13f45bea (diff)
try to get rid of races in hostfs open()
In case of mode mismatch, do *not* blindly close the descriptor another openers might be using right now. Open the underlying file with currently sufficient mode, then * if current mode has grown so that it's sufficient for us now, just close our new fd * if current mode has grown and our fd is *not* enough to cover it, close and repeat. * otherwise, install our fd if the file hadn't been opened at all or dup2() our fd over the current one (and close our fd). Critical section is protected by mutex; yes, system-wide. All we do under it is a bunch of comparison and maybe an overwriting dup2() on host. Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r--fs/hostfs/hostfs.h1
-rw-r--r--fs/hostfs/hostfs_kern.c43
-rw-r--r--fs/hostfs/hostfs_user.c5
3 files changed, 37 insertions, 12 deletions
diff --git a/fs/hostfs/hostfs.h b/fs/hostfs/hostfs.h
index ea87e224ed97..6bbd75c5589b 100644
--- a/fs/hostfs/hostfs.h
+++ b/fs/hostfs/hostfs.h
@@ -74,6 +74,7 @@ extern void *open_dir(char *path, int *err_out);
74extern char *read_dir(void *stream, unsigned long long *pos, 74extern char *read_dir(void *stream, unsigned long long *pos,
75 unsigned long long *ino_out, int *len_out); 75 unsigned long long *ino_out, int *len_out);
76extern void close_file(void *stream); 76extern void close_file(void *stream);
77extern int replace_file(int oldfd, int fd);
77extern void close_dir(void *stream); 78extern void close_dir(void *stream);
78extern int read_file(int fd, unsigned long long *offset, char *buf, int len); 79extern int read_file(int fd, unsigned long long *offset, char *buf, int len);
79extern int write_file(int fd, unsigned long long *offset, const char *buf, 80extern int write_file(int fd, unsigned long long *offset, const char *buf,
diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c
index 8130ce93a06a..dd1e55535a4e 100644
--- a/fs/hostfs/hostfs_kern.c
+++ b/fs/hostfs/hostfs_kern.c
@@ -302,27 +302,22 @@ int hostfs_readdir(struct file *file, void *ent, filldir_t filldir)
302 302
303int hostfs_file_open(struct inode *ino, struct file *file) 303int hostfs_file_open(struct inode *ino, struct file *file)
304{ 304{
305 static DEFINE_MUTEX(open_mutex);
305 char *name; 306 char *name;
306 fmode_t mode = 0; 307 fmode_t mode = 0;
308 int err;
307 int r = 0, w = 0, fd; 309 int r = 0, w = 0, fd;
308 310
309 mode = file->f_mode & (FMODE_READ | FMODE_WRITE); 311 mode = file->f_mode & (FMODE_READ | FMODE_WRITE);
310 if ((mode & HOSTFS_I(ino)->mode) == mode) 312 if ((mode & HOSTFS_I(ino)->mode) == mode)
311 return 0; 313 return 0;
312 314
313 /* 315 mode |= HOSTFS_I(ino)->mode;
314 * The file may already have been opened, but with the wrong access,
315 * so this resets things and reopens the file with the new access.
316 */
317 if (HOSTFS_I(ino)->fd != -1) {
318 close_file(&HOSTFS_I(ino)->fd);
319 HOSTFS_I(ino)->fd = -1;
320 }
321 316
322 HOSTFS_I(ino)->mode |= mode; 317retry:
323 if (HOSTFS_I(ino)->mode & FMODE_READ) 318 if (mode & FMODE_READ)
324 r = 1; 319 r = 1;
325 if (HOSTFS_I(ino)->mode & FMODE_WRITE) 320 if (mode & FMODE_WRITE)
326 w = 1; 321 w = 1;
327 if (w) 322 if (w)
328 r = 1; 323 r = 1;
@@ -335,7 +330,31 @@ int hostfs_file_open(struct inode *ino, struct file *file)
335 __putname(name); 330 __putname(name);
336 if (fd < 0) 331 if (fd < 0)
337 return fd; 332 return fd;
338 FILE_HOSTFS_I(file)->fd = fd; 333
334 mutex_lock(&open_mutex);
335 /* somebody else had handled it first? */
336 if ((mode & HOSTFS_I(ino)->mode) == mode) {
337 mutex_unlock(&open_mutex);
338 return 0;
339 }
340 if ((mode | HOSTFS_I(ino)->mode) != mode) {
341 mode |= HOSTFS_I(ino)->mode;
342 mutex_unlock(&open_mutex);
343 close_file(&fd);
344 goto retry;
345 }
346 if (HOSTFS_I(ino)->fd == -1) {
347 HOSTFS_I(ino)->fd = fd;
348 } else {
349 err = replace_file(fd, HOSTFS_I(ino)->fd);
350 close_file(&fd);
351 if (err < 0) {
352 mutex_unlock(&open_mutex);
353 return err;
354 }
355 }
356 HOSTFS_I(ino)->mode = mode;
357 mutex_unlock(&open_mutex);
339 358
340 return 0; 359 return 0;
341} 360}
diff --git a/fs/hostfs/hostfs_user.c b/fs/hostfs/hostfs_user.c
index 91ebfcefa409..6777aa06ce2c 100644
--- a/fs/hostfs/hostfs_user.c
+++ b/fs/hostfs/hostfs_user.c
@@ -160,6 +160,11 @@ int fsync_file(int fd, int datasync)
160 return 0; 160 return 0;
161} 161}
162 162
163int replace_file(int oldfd, int fd)
164{
165 return dup2(oldfd, fd);
166}
167
163void close_file(void *stream) 168void close_file(void *stream)
164{ 169{
165 close(*((int *) stream)); 170 close(*((int *) stream));