Add lock to prevent a race with a file closing and also remove
useless and ugly sscanf code. The extra code was never needed
and the case it supposedly protected against is in fact handled
correctly by sock_from_file as pointed out by Al Viro.
CC: Neil Horman <[email protected]>
Reported-by: Al Viro <[email protected]>
Signed-off-by: John Fastabend <[email protected]>
---
net/core/netprio_cgroup.c | 15 ++++-----------
1 files changed, 4 insertions(+), 11 deletions(-)
diff --git a/net/core/netprio_cgroup.c b/net/core/netprio_cgroup.c
index ed0c043..0323ec3 100644
--- a/net/core/netprio_cgroup.c
+++ b/net/core/netprio_cgroup.c
@@ -296,29 +296,22 @@ void net_prio_attach(struct cgroup *cgrp, struct cgroup_taskset *tset)
continue;
}
- rcu_read_lock();
+ spin_lock(&files->file_lock);
fdt = files_fdtable(files);
for (fd = 0; fd < fdt->max_fds; fd++) {
- char *path;
struct file *file;
struct socket *sock;
- unsigned long s;
- int rv, err = 0;
+ int err;
file = fcheck_files(files, fd);
if (!file)
continue;
- path = d_path(&file->f_path, tmp, PAGE_SIZE);
- rv = sscanf(path, "socket:[%lu]", &s);
- if (rv <= 0)
- continue;
-
sock = sock_from_file(file, &err);
- if (!err)
+ if (sock)
sock_update_netprioidx(sock->sk, p);
}
- rcu_read_unlock();
+ spin_unlock(&files->file_lock);
task_unlock(p);
}
kfree(tmp);
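Review bot: The new `spin_lock(&files->file_lock)` carries no comment saying what it protects, and the reason is not evident from the loop itself. `fcheck_files()` returns the `struct file` pointer without taking a reference, so the lock is what keeps a concurrent close on this table from releasing the file while `sock_from_file()` and `sock_update_netprioidx()` dereference it; a one-line comment above the lock such as `/* file_lock blocks a concurrent close(); fcheck_files() takes no reference */` would record that. The lock is also held across the whole `fdt->max_fds` scan and nested inside `task_lock(p)`, so the ordering against other `file_lock` users is worth confirming. `err` is now only written by `sock_from_file()` and never read in the visible lines. The body of net_prio_attach starts and ends outside the hunk.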
A socket fd passed in a SCM_RIGHTS datagram was not getting
updated with the new task's cgrp prioidx. This leaves IO on
the socket tagged with the old task's priority.
To fix this, add a check in the scm recvmsg path to update the
sock cgrp prioidx with the new task's value.
Thanks to Al Viro for catching this.
CC: Neil Horman <[email protected]>
Reported-by: Al Viro <[email protected]>
Signed-off-by: John Fastabend <[email protected]>
---
net/core/scm.c | 5 +++++
1 files changed, 5 insertions(+), 0 deletions(-)
diff --git a/net/core/scm.c b/net/core/scm.c
index 8f6ccfd..053bd43 100644
--- a/net/core/scm.c
+++ b/net/core/scm.c
@@ -249,6 +249,7 @@ void scm_detach_fds(struct msghdr *msg, struct scm_cookie *scm)
struct file **fp = scm->fp->fp;
int __user *cmfptr;
int err = 0, i;
+ __u32 prioidx = task_netprioidx(current);
if (MSG_CMSG_COMPAT & msg->msg_flags) {
scm_detach_fds_compat(msg, scm);
@@ -265,6 +266,7 @@ void scm_detach_fds(struct msghdr *msg, struct scm_cookie *scm)
for (i=0, cmfptr=(__force int __user *)CMSG_DATA(cm); i<fdmax;
i++, cmfptr++)
{
+ struct socket *sock;
int new_fd;
err = security_file_receive(fp[i]);
if (err)
@@ -282,6 +284,9 @@ void scm_detach_fds(struct msghdr *msg, struct scm_cookie *scm)
/* Bump the usage count and install the file. */
get_file(fp[i]);
fd_install(new_fd, fp[i]);
+ sock = sock_from_file(fp[i], &err);
+ if (sock)
+ sock->sk->sk_cgrp_prioidx = prioidx;
}
if (i > 0)
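Review bot: The added block writes `sock->sk->sk_cgrp_prioidx` directly, whereas the companion netprio_cgroup.c change goes through `sock_update_netprioidx(sock->sk, p)`; calling the helper here, `sock_update_netprioidx(sock->sk, current);`, would keep a single update path and make the `prioidx` local added in the first hunk unnecessary. If the field is compiled conditionally (not visible here), the helper is also the safer spelling. Separately, `sock_from_file(fp[i], &err)` reuses the function-wide `err`, so a non-socket file presumably leaves an error code in it at the end of the loop body; whether that value is read before being reassigned is outside the hunk, and a scratch `int sock_err;` would remove the question. scm_detach_fds continues past the hunk.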
On Mon, Aug 13, 2012 at 06:39:39PM -0700, John Fastabend wrote:
> - path = d_path(&file->f_path, tmp, PAGE_SIZE);
What's using tmp after that patch and do you still need to bother
allocating it?
On Mon, Aug 13, 2012 at 06:39:45PM -0700, John Fastabend wrote:
> /* Bump the usage count and install the file. */
> get_file(fp[i]);
> fd_install(new_fd, fp[i]);
> + sock = sock_from_file(fp[i], &err);
> + if (sock)
> + sock->sk->sk_cgrp_prioidx = prioidx;
Better to do that before fd_install() exposes the sucker; it's not
a serious issue, but it's more obviously correct that way.
On 8/13/2012 7:29 PM, Al Viro wrote:
> On Mon, Aug 13, 2012 at 06:39:39PM -0700, John Fastabend wrote:
>> - path = d_path(&file->f_path, tmp, PAGE_SIZE);
>
> What's using tmp after that patch and do you still need to bother
> allocating it?
>
Nothing; removed it in v2.
On 8/13/2012 7:31 PM, Al Viro wrote:
> On Mon, Aug 13, 2012 at 06:39:45PM -0700, John Fastabend wrote:
>> /* Bump the usage count and install the file. */
>> get_file(fp[i]);
>> fd_install(new_fd, fp[i]);
>> + sock = sock_from_file(fp[i], &err);
>> + if (sock)
>> + sock->sk->sk_cgrp_prioidx = prioidx;
>
> Better to do that before fd_install() exposes the sucker; it's not
> a serious issue, but it's more obviously correct that way.
>
Right. Moved it in v2.