aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorEric W. Biederman <ebiederm@xmission.com>2006-10-02 05:17:04 -0400
committerLinus Torvalds <torvalds@g5.osdl.org>2006-10-02 10:57:12 -0400
commit0804ef4b0de7121261f77c565b20a11ac694e877 (patch)
treeff12e3b999dc2ce66d97fce5d76cd7df073c0d5c /include
parent2bc2d61a9638dab670d8361e928d1a5a291173ef (diff)
[PATCH] proc: readdir race fix (take 3)
The problem: An opendir, readdir, closedir sequence can fail to report process ids that are continually in use throughout the sequence of system calls. For this race to trigger the process that proc_pid_readdir stops at must exit before readdir is called again. This can cause ps to fail to report processes, and it is in violation of posix guarantees and normal application expectations with respect to readdir. Currently there is no way to work around this problem in user space short of providing a gargantuan buffer to user space so the directory read all happens in on system call. This patch implements the normal directory semantics for proc, that guarantee that a directory entry that is neither created nor destroyed while reading the directory entry will be returned. For directory that are either created or destroyed during the readdir you may or may not see them. Furthermore you may seek to a directory offset you have previously seen. These are the guarantee that ext[23] provides and that posix requires, and more importantly that user space expects. Plus it is a simple semantic to implement reliable service. It is just a matter of calling readdir a second time if you are wondering if something new has show up. These better semantics are implemented by scanning through the pids in numerical order and by making the file offset a pid plus a fixed offset. The pid scan happens on the pid bitmap, which when you look at it is remarkably efficient for a brute force algorithm. Given that a typical cache line is 64 bytes and thus covers space for 64*8 == 200 pids. There are only 40 cache lines for the entire 32K pid space. A typical system will have 100 pids or more so this is actually fewer cache lines we have to look at to scan a linked list, and the worst case of having to scan the entire pid bitmap is pretty reasonable. If we need something more efficient we can go to a more efficient data structure for indexing the pids, but for now what we have should be sufficient. In addition this takes no additional locks and is actually less code than what we are doing now. Also another very subtle bug in this area has been fixed. It is possible to catch a task in the middle of de_thread where a thread is assuming the thread of it's thread group leader. This patch carefully handles that case so if we hit it we don't fail to return the pid, that is undergoing the de_thread dance. Thanks to KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> for providing the first fix, pointing this out and working on it. [oleg@tv-sign.ru: fix it] Signed-off-by: Eric W. Biederman <ebiederm@xmission.com> Acked-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru> Cc: Jean Delvare <jdelvare@suse.de> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'include')
-rw-r--r--include/linux/pid.h1
-rw-r--r--include/linux/sched.h11
2 files changed, 12 insertions, 0 deletions
diff --git a/include/linux/pid.h b/include/linux/pid.h
index 93da7e2d9f30..359121086de1 100644
--- a/include/linux/pid.h
+++ b/include/linux/pid.h
@@ -89,6 +89,7 @@ extern struct pid *FASTCALL(find_pid(int nr));
89 * Lookup a PID in the hash table, and return with it's count elevated. 89 * Lookup a PID in the hash table, and return with it's count elevated.
90 */ 90 */
91extern struct pid *find_get_pid(int nr); 91extern struct pid *find_get_pid(int nr);
92extern struct pid *find_ge_pid(int nr);
92 93
93extern struct pid *alloc_pid(void); 94extern struct pid *alloc_pid(void);
94extern void FASTCALL(free_pid(struct pid *pid)); 95extern void FASTCALL(free_pid(struct pid *pid));
diff --git a/include/linux/sched.h b/include/linux/sched.h
index 7ef899c47c29..be658e33bd26 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -1358,6 +1358,17 @@ extern void wait_task_inactive(struct task_struct * p);
1358/* de_thread depends on thread_group_leader not being a pid based check */ 1358/* de_thread depends on thread_group_leader not being a pid based check */
1359#define thread_group_leader(p) (p == p->group_leader) 1359#define thread_group_leader(p) (p == p->group_leader)
1360 1360
1361/* Do to the insanities of de_thread it is possible for a process
1362 * to have the pid of the thread group leader without actually being
1363 * the thread group leader. For iteration through the pids in proc
1364 * all we care about is that we have a task with the appropriate
1365 * pid, we don't actually care if we have the right task.
1366 */
1367static inline int has_group_leader_pid(struct task_struct *p)
1368{
1369 return p->pid == p->tgid;
1370}
1371
1361static inline struct task_struct *next_thread(const struct task_struct *p) 1372static inline struct task_struct *next_thread(const struct task_struct *p)
1362{ 1373{
1363 return list_entry(rcu_dereference(p->thread_group.next), 1374 return list_entry(rcu_dereference(p->thread_group.next),