diff options
| author | Kees Cook <keescook@chromium.org> | 2011-11-17 15:58:07 -0500 |
|---|---|---|
| committer | Tony Luck <tony.luck@intel.com> | 2011-11-17 15:58:07 -0500 |
| commit | f6f8285132907757ef84ef8dae0a1244b8cde6ac (patch) | |
| tree | f3d3b37349e79251cfe16ef0f39e0b4af1a266b1 /fs/pstore | |
| parent | cfcfc9eca2bcbd26a8e206baeb005b055dbf8e37 (diff) | |
pstore: pass allocated memory region back to caller
The buf_lock cannot be held while populating the inodes, so make the backend
pass forward an allocated and filled buffer instead. This solves the following
backtrace. The effect is that "buf" is only ever used to notify the backends
that something was written to it, and shouldn't be used in the read path.
To replace the buf_lock during the read path, isolate the open/read/close
loop with a separate mutex to maintain serialized access to the backend.
Note that is is up to the pstore backend to cope if the (*write)() path is
called in the middle of the read path.
[ 59.691019] BUG: sleeping function called from invalid context at .../mm/slub.c:847
[ 59.691019] in_atomic(): 0, irqs_disabled(): 1, pid: 1819, name: mount
[ 59.691019] Pid: 1819, comm: mount Not tainted 3.0.8 #1
[ 59.691019] Call Trace:
[ 59.691019] [<810252d5>] __might_sleep+0xc3/0xca
[ 59.691019] [<810a26e6>] kmem_cache_alloc+0x32/0xf3
[ 59.691019] [<810b53ac>] ? __d_lookup_rcu+0x6f/0xf4
[ 59.691019] [<810b68b1>] alloc_inode+0x2a/0x64
[ 59.691019] [<810b6903>] new_inode+0x18/0x43
[ 59.691019] [<81142447>] pstore_get_inode.isra.1+0x11/0x98
[ 59.691019] [<81142623>] pstore_mkfile+0xae/0x26f
[ 59.691019] [<810a2a66>] ? kmem_cache_free+0x19/0xb1
[ 59.691019] [<8116c821>] ? ida_get_new_above+0x140/0x158
[ 59.691019] [<811708ea>] ? __init_rwsem+0x1e/0x2c
[ 59.691019] [<810b67e8>] ? inode_init_always+0x111/0x1b0
[ 59.691019] [<8102127e>] ? should_resched+0xd/0x27
[ 59.691019] [<8137977f>] ? _cond_resched+0xd/0x21
[ 59.691019] [<81142abf>] pstore_get_records+0x52/0xa7
[ 59.691019] [<8114254b>] pstore_fill_super+0x7d/0x91
[ 59.691019] [<810a7ff5>] mount_single+0x46/0x82
[ 59.691019] [<8114231a>] pstore_mount+0x15/0x17
[ 59.691019] [<811424ce>] ? pstore_get_inode.isra.1+0x98/0x98
[ 59.691019] [<810a8199>] mount_fs+0x5a/0x12d
[ 59.691019] [<810b9174>] ? alloc_vfsmnt+0xa4/0x14a
[ 59.691019] [<810b9474>] vfs_kern_mount+0x4f/0x7d
[ 59.691019] [<810b9d7e>] do_kern_mount+0x34/0xb2
[ 59.691019] [<810bb15f>] do_mount+0x5fc/0x64a
[ 59.691019] [<810912fb>] ? strndup_user+0x2e/0x3f
[ 59.691019] [<810bb3cb>] sys_mount+0x66/0x99
[ 59.691019] [<8137b537>] sysenter_do_call+0x12/0x26
Signed-off-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Tony Luck <tony.luck@intel.com>
Diffstat (limited to 'fs/pstore')
| -rw-r--r-- | fs/pstore/platform.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/fs/pstore/platform.c b/fs/pstore/platform.c index 2bd620f0d796..57bbf9078ac8 100644 --- a/fs/pstore/platform.c +++ b/fs/pstore/platform.c | |||
| @@ -167,6 +167,7 @@ int pstore_register(struct pstore_info *psi) | |||
| 167 | } | 167 | } |
| 168 | 168 | ||
| 169 | psinfo = psi; | 169 | psinfo = psi; |
| 170 | mutex_init(&psinfo->read_mutex); | ||
| 170 | spin_unlock(&pstore_lock); | 171 | spin_unlock(&pstore_lock); |
| 171 | 172 | ||
| 172 | if (owner && !try_module_get(owner)) { | 173 | if (owner && !try_module_get(owner)) { |
| @@ -195,30 +196,32 @@ EXPORT_SYMBOL_GPL(pstore_register); | |||
| 195 | void pstore_get_records(int quiet) | 196 | void pstore_get_records(int quiet) |
| 196 | { | 197 | { |
| 197 | struct pstore_info *psi = psinfo; | 198 | struct pstore_info *psi = psinfo; |
| 199 | char *buf = NULL; | ||
| 198 | ssize_t size; | 200 | ssize_t size; |
| 199 | u64 id; | 201 | u64 id; |
| 200 | enum pstore_type_id type; | 202 | enum pstore_type_id type; |
| 201 | struct timespec time; | 203 | struct timespec time; |
| 202 | int failed = 0, rc; | 204 | int failed = 0, rc; |
| 203 | unsigned long flags; | ||
| 204 | 205 | ||
| 205 | if (!psi) | 206 | if (!psi) |
| 206 | return; | 207 | return; |
| 207 | 208 | ||
| 208 | spin_lock_irqsave(&psinfo->buf_lock, flags); | 209 | mutex_lock(&psi->read_mutex); |
| 209 | rc = psi->open(psi); | 210 | rc = psi->open(psi); |
| 210 | if (rc) | 211 | if (rc) |
| 211 | goto out; | 212 | goto out; |
| 212 | 213 | ||
| 213 | while ((size = psi->read(&id, &type, &time, psi)) > 0) { | 214 | while ((size = psi->read(&id, &type, &time, &buf, psi)) > 0) { |
| 214 | rc = pstore_mkfile(type, psi->name, id, psi->buf, (size_t)size, | 215 | rc = pstore_mkfile(type, psi->name, id, buf, (size_t)size, |
| 215 | time, psi); | 216 | time, psi); |
| 217 | kfree(buf); | ||
| 218 | buf = NULL; | ||
| 216 | if (rc && (rc != -EEXIST || !quiet)) | 219 | if (rc && (rc != -EEXIST || !quiet)) |
| 217 | failed++; | 220 | failed++; |
| 218 | } | 221 | } |
| 219 | psi->close(psi); | 222 | psi->close(psi); |
| 220 | out: | 223 | out: |
| 221 | spin_unlock_irqrestore(&psinfo->buf_lock, flags); | 224 | mutex_unlock(&psi->read_mutex); |
| 222 | 225 | ||
| 223 | if (failed) | 226 | if (failed) |
| 224 | printk(KERN_WARNING "pstore: failed to load %d record(s) from '%s'\n", | 227 | printk(KERN_WARNING "pstore: failed to load %d record(s) from '%s'\n", |