diff options
author | Al Viro <viro@zeniv.linux.org.uk> | 2010-06-06 23:49:18 -0400 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2010-08-09 16:48:15 -0400 |
commit | f8ad850f11e11d10e7de1a16ca53cb193afc9313 (patch) | |
tree | 4812193c6be29f41d3de3ae74705e95a9566546c | |
parent | f8d7e1877e5121841bc9a4d284a04dbc13f45bea (diff) |
try to get rid of races in hostfs open()
In case of mode mismatch, do *not* blindly close the descriptor
another openers might be using right now. Open the underlying
file with currently sufficient mode, then
* if current mode has grown so that it's sufficient for
us now, just close our new fd
* if current mode has grown and our fd is *not* enough
to cover it, close and repeat.
* otherwise, install our fd if the file hadn't been
opened at all or dup2() our fd over the current one (and close
our fd).
Critical section is protected by mutex; yes, system-wide. All
we do under it is a bunch of comparison and maybe an overwriting
dup2() on host.
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r-- | fs/hostfs/hostfs.h | 1 | ||||
-rw-r--r-- | fs/hostfs/hostfs_kern.c | 43 | ||||
-rw-r--r-- | fs/hostfs/hostfs_user.c | 5 |
3 files changed, 37 insertions, 12 deletions
diff --git a/fs/hostfs/hostfs.h b/fs/hostfs/hostfs.h index ea87e224ed97..6bbd75c5589b 100644 --- a/fs/hostfs/hostfs.h +++ b/fs/hostfs/hostfs.h | |||
@@ -74,6 +74,7 @@ extern void *open_dir(char *path, int *err_out); | |||
74 | extern char *read_dir(void *stream, unsigned long long *pos, | 74 | extern char *read_dir(void *stream, unsigned long long *pos, |
75 | unsigned long long *ino_out, int *len_out); | 75 | unsigned long long *ino_out, int *len_out); |
76 | extern void close_file(void *stream); | 76 | extern void close_file(void *stream); |
77 | extern int replace_file(int oldfd, int fd); | ||
77 | extern void close_dir(void *stream); | 78 | extern void close_dir(void *stream); |
78 | extern int read_file(int fd, unsigned long long *offset, char *buf, int len); | 79 | extern int read_file(int fd, unsigned long long *offset, char *buf, int len); |
79 | extern int write_file(int fd, unsigned long long *offset, const char *buf, | 80 | extern int write_file(int fd, unsigned long long *offset, const char *buf, |
diff --git a/fs/hostfs/hostfs_kern.c b/fs/hostfs/hostfs_kern.c index 8130ce93a06a..dd1e55535a4e 100644 --- a/fs/hostfs/hostfs_kern.c +++ b/fs/hostfs/hostfs_kern.c | |||
@@ -302,27 +302,22 @@ int hostfs_readdir(struct file *file, void *ent, filldir_t filldir) | |||
302 | 302 | ||
303 | int hostfs_file_open(struct inode *ino, struct file *file) | 303 | int hostfs_file_open(struct inode *ino, struct file *file) |
304 | { | 304 | { |
305 | static DEFINE_MUTEX(open_mutex); | ||
305 | char *name; | 306 | char *name; |
306 | fmode_t mode = 0; | 307 | fmode_t mode = 0; |
308 | int err; | ||
307 | int r = 0, w = 0, fd; | 309 | int r = 0, w = 0, fd; |
308 | 310 | ||
309 | mode = file->f_mode & (FMODE_READ | FMODE_WRITE); | 311 | mode = file->f_mode & (FMODE_READ | FMODE_WRITE); |
310 | if ((mode & HOSTFS_I(ino)->mode) == mode) | 312 | if ((mode & HOSTFS_I(ino)->mode) == mode) |
311 | return 0; | 313 | return 0; |
312 | 314 | ||
313 | /* | 315 | mode |= HOSTFS_I(ino)->mode; |
314 | * The file may already have been opened, but with the wrong access, | ||
315 | * so this resets things and reopens the file with the new access. | ||
316 | */ | ||
317 | if (HOSTFS_I(ino)->fd != -1) { | ||
318 | close_file(&HOSTFS_I(ino)->fd); | ||
319 | HOSTFS_I(ino)->fd = -1; | ||
320 | } | ||
321 | 316 | ||
322 | HOSTFS_I(ino)->mode |= mode; | 317 | retry: |
323 | if (HOSTFS_I(ino)->mode & FMODE_READ) | 318 | if (mode & FMODE_READ) |
324 | r = 1; | 319 | r = 1; |
325 | if (HOSTFS_I(ino)->mode & FMODE_WRITE) | 320 | if (mode & FMODE_WRITE) |
326 | w = 1; | 321 | w = 1; |
327 | if (w) | 322 | if (w) |
328 | r = 1; | 323 | r = 1; |
@@ -335,7 +330,31 @@ int hostfs_file_open(struct inode *ino, struct file *file) | |||
335 | __putname(name); | 330 | __putname(name); |
336 | if (fd < 0) | 331 | if (fd < 0) |
337 | return fd; | 332 | return fd; |
338 | FILE_HOSTFS_I(file)->fd = fd; | 333 | |
334 | mutex_lock(&open_mutex); | ||
335 | /* somebody else had handled it first? */ | ||
336 | if ((mode & HOSTFS_I(ino)->mode) == mode) { | ||
337 | mutex_unlock(&open_mutex); | ||
338 | return 0; | ||
339 | } | ||
340 | if ((mode | HOSTFS_I(ino)->mode) != mode) { | ||
341 | mode |= HOSTFS_I(ino)->mode; | ||
342 | mutex_unlock(&open_mutex); | ||
343 | close_file(&fd); | ||
344 | goto retry; | ||
345 | } | ||
346 | if (HOSTFS_I(ino)->fd == -1) { | ||
347 | HOSTFS_I(ino)->fd = fd; | ||
348 | } else { | ||
349 | err = replace_file(fd, HOSTFS_I(ino)->fd); | ||
350 | close_file(&fd); | ||
351 | if (err < 0) { | ||
352 | mutex_unlock(&open_mutex); | ||
353 | return err; | ||
354 | } | ||
355 | } | ||
356 | HOSTFS_I(ino)->mode = mode; | ||
357 | mutex_unlock(&open_mutex); | ||
339 | 358 | ||
340 | return 0; | 359 | return 0; |
341 | } | 360 | } |
diff --git a/fs/hostfs/hostfs_user.c b/fs/hostfs/hostfs_user.c index 91ebfcefa409..6777aa06ce2c 100644 --- a/fs/hostfs/hostfs_user.c +++ b/fs/hostfs/hostfs_user.c | |||
@@ -160,6 +160,11 @@ int fsync_file(int fd, int datasync) | |||
160 | return 0; | 160 | return 0; |
161 | } | 161 | } |
162 | 162 | ||
163 | int replace_file(int oldfd, int fd) | ||
164 | { | ||
165 | return dup2(oldfd, fd); | ||
166 | } | ||
167 | |||
163 | void close_file(void *stream) | 168 | void close_file(void *stream) |
164 | { | 169 | { |
165 | close(*((int *) stream)); | 170 | close(*((int *) stream)); |