diff options
author | Alexey Dobriyan <adobriyan@gmail.com> | 2009-03-25 15:48:06 -0400 |
---|---|---|
committer | Alexey Dobriyan <adobriyan@gmail.com> | 2009-03-30 17:14:44 -0400 |
commit | 99b76233803beab302123d243eea9e41149804f3 (patch) | |
tree | 398178210fe66845ccd6fa4258ba762a87e023ad /fs/proc/inode.c | |
parent | 3dec7f59c370c7b58184d63293c3dc984d475840 (diff) |
proc 2/2: remove struct proc_dir_entry::owner
Setting ->owner as done currently (pde->owner = THIS_MODULE) is racy
as correctly noted at bug #12454. Someone can lookup entry with NULL
->owner, thus not pinning enything, and release it later resulting
in module refcount underflow.
We can keep ->owner and supply it at registration time like ->proc_fops
and ->data.
But this leaves ->owner as easy-manipulative field (just one C assignment)
and somebody will forget to unpin previous/pin current module when
switching ->owner. ->proc_fops is declared as "const" which should give
some thoughts.
->read_proc/->write_proc were just fixed to not require ->owner for
protection.
rmmod'ed directories will be empty and return "." and ".." -- no harm.
And directories with tricky enough readdir and lookup shouldn't be modular.
We definitely don't want such modular code.
Removing ->owner will also make PDE smaller.
So, let's nuke it.
Kudos to Jeff Layton for reminding about this, let's say, oversight.
http://bugzilla.kernel.org/show_bug.cgi?id=12454
Signed-off-by: Alexey Dobriyan <adobriyan@gmail.com>
Diffstat (limited to 'fs/proc/inode.c')
-rw-r--r-- | fs/proc/inode.c | 19 |
1 files changed, 3 insertions, 16 deletions
diff --git a/fs/proc/inode.c b/fs/proc/inode.c index e11dc22c6511..d78ade305541 100644 --- a/fs/proc/inode.c +++ b/fs/proc/inode.c | |||
@@ -58,11 +58,8 @@ static void proc_delete_inode(struct inode *inode) | |||
58 | 58 | ||
59 | /* Let go of any associated proc directory entry */ | 59 | /* Let go of any associated proc directory entry */ |
60 | de = PROC_I(inode)->pde; | 60 | de = PROC_I(inode)->pde; |
61 | if (de) { | 61 | if (de) |
62 | if (de->owner) | ||
63 | module_put(de->owner); | ||
64 | de_put(de); | 62 | de_put(de); |
65 | } | ||
66 | if (PROC_I(inode)->sysctl) | 63 | if (PROC_I(inode)->sysctl) |
67 | sysctl_head_put(PROC_I(inode)->sysctl); | 64 | sysctl_head_put(PROC_I(inode)->sysctl); |
68 | clear_inode(inode); | 65 | clear_inode(inode); |
@@ -449,12 +446,9 @@ struct inode *proc_get_inode(struct super_block *sb, unsigned int ino, | |||
449 | { | 446 | { |
450 | struct inode * inode; | 447 | struct inode * inode; |
451 | 448 | ||
452 | if (!try_module_get(de->owner)) | ||
453 | goto out_mod; | ||
454 | |||
455 | inode = iget_locked(sb, ino); | 449 | inode = iget_locked(sb, ino); |
456 | if (!inode) | 450 | if (!inode) |
457 | goto out_ino; | 451 | return NULL; |
458 | if (inode->i_state & I_NEW) { | 452 | if (inode->i_state & I_NEW) { |
459 | inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; | 453 | inode->i_mtime = inode->i_atime = inode->i_ctime = CURRENT_TIME; |
460 | PROC_I(inode)->fd = 0; | 454 | PROC_I(inode)->fd = 0; |
@@ -485,16 +479,9 @@ struct inode *proc_get_inode(struct super_block *sb, unsigned int ino, | |||
485 | } | 479 | } |
486 | } | 480 | } |
487 | unlock_new_inode(inode); | 481 | unlock_new_inode(inode); |
488 | } else { | 482 | } else |
489 | module_put(de->owner); | ||
490 | de_put(de); | 483 | de_put(de); |
491 | } | ||
492 | return inode; | 484 | return inode; |
493 | |||
494 | out_ino: | ||
495 | module_put(de->owner); | ||
496 | out_mod: | ||
497 | return NULL; | ||
498 | } | 485 | } |
499 | 486 | ||
500 | int proc_fill_super(struct super_block *s) | 487 | int proc_fill_super(struct super_block *s) |