aboutsummaryrefslogtreecommitdiffstats
path: root/fs/proc/inode.c
diff options
context:
space:
mode:
authorAlexey Dobriyan <adobriyan@gmail.com>2009-03-25 15:48:06 -0400
committerAlexey Dobriyan <adobriyan@gmail.com>2009-03-30 17:14:44 -0400
commit99b76233803beab302123d243eea9e41149804f3 (patch)
tree398178210fe66845ccd6fa4258ba762a87e023ad /fs/proc/inode.c
parent3dec7f59c370c7b58184d63293c3dc984d475840 (diff)
proc 2/2: remove struct proc_dir_entry::owner
Setting ->owner as done currently (pde->owner = THIS_MODULE) is racy as correctly noted at bug #12454. Someone can lookup entry with NULL ->owner, thus not pinning enything, and release it later resulting in module refcount underflow. We can keep ->owner and supply it at registration time like ->proc_fops and ->data. But this leaves ->owner as easy-manipulative field (just one C assignment) and somebody will forget to unpin previous/pin current module when switching ->owner. ->proc_fops is declared as "const" which should give some thoughts. ->read_proc/->write_proc were just fixed to not require ->owner for protection. rmmod'ed directories will be empty and return "." and ".." -- no harm. And directories with tricky enough readdir and lookup shouldn't be modular. We definitely don't want such modular code. Removing ->owner will also make PDE smaller. So, let's nuke it. Kudos to Jeff Layton for reminding about this, let's say, oversight. http://bugzilla.kernel.org/show_bug.cgi?id=12454 Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Diffstat (limited to 'fs/proc/inode.c')
-rw-r--r--fs/proc/inode.c19
1 files changed, 3 insertions, 16 deletions
diff --git a/fs/proc/inode.c b/fs/proc/inode.c
index e11dc22c6511..d78ade305541 100644
--- a/fs/proc/inode.c
+++ b/fs/proc/inode.c
@@ -58,11 +58,8 @@ static void proc_delete_inode(struct inode *inode)
58 58
59 /* Let go of any associated proc directory entry */ 59 /* Let go of any associated proc directory entry */
60 de = PROC_I(inode)->pde; 60 de = PROC_I(inode)->pde;
61 if (de) { 61 if (de)
62 if (de->owner)
63 module_put(de->owner);
64 de_put(de); 62 de_put(de);
65 }
66 if (PROC_I(inode)->sysctl) 63 if (PROC_I(inode)->sysctl)
67 sysctl_head_put(PROC_I(inode)->sysctl); 64 sysctl_head_put(PROC_I(inode)->sysctl);
68 clear_inode(inode); 65 clear_inode(inode);
@@ -449,12 +446,9 @@ struct inode *proc_get_inode(struct super_block *sb, unsigned int ino,
449{ 446{
450 struct inode * inode; 447 struct inode * inode;
451 448
452 if (!try_module_get(de->owner))
453 goto out_mod;
454
455 inode = iget_locked(sb, ino); 449 inode = iget_locked(sb, ino);
456 if (!inode) 450 if (!inode)
457 goto out_ino; 451 return NULL;
458 if (inode->i_state & I_NEW) { 452 if (inode->i_state & I_NEW) {
459 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; 453 inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME;
460 PROC_I(inode)->fd = 0; 454 PROC_I(inode)->fd = 0;
@@ -485,16 +479,9 @@ struct inode *proc_get_inode(struct super_block *sb, unsigned int ino,
485 } 479 }
486 } 480 }
487 unlock_new_inode(inode); 481 unlock_new_inode(inode);
488 } else { 482 } else
489 module_put(de->owner);
490 de_put(de); 483 de_put(de);
491 }
492 return inode; 484 return inode;
493
494out_ino:
495 module_put(de->owner);
496out_mod:
497 return NULL;
498} 485}
499 486
500int proc_fill_super(struct super_block *s) 487int proc_fill_super(struct super_block *s)