Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S264810AbTGCFrH (ORCPT ); Thu, 3 Jul 2003 01:47:07 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S265135AbTGCFrH (ORCPT ); Thu, 3 Jul 2003 01:47:07 -0400 Received: from wiprom2mx1.wipro.com ([203.197.164.41]:25807 "EHLO wiprom2mx1.wipro.com") by vger.kernel.org with ESMTP id S264810AbTGCFrE (ORCPT ); Thu, 3 Jul 2003 01:47:04 -0400 Subject: PATCH] fix current->user->__count leak for processes From: Arvind Kandhare To: linux-kernel@vger.kernel.org Cc: eric@lammerts.org Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Ximian Evolution 1.0.8 (1.0.8-10) Date: 03 Jul 2003 11:34:19 +0530 Message-Id: <1057212259.6028.6.camel@m2-arvind> Mime-Version: 1.0 X-OriginalArrivalTime: 03 Jul 2003 06:01:21.0785 (UTC) FILETIME=[871D5690:01C34128] Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2056 Lines: 52 Hi, I am trying to test a patch for limiting maximum number of users on the system(refer: [RFC][PATCH 2.5.70] Dynamically tunable maxusers, maxuprc and max_pt_cnt on 06 Jun 2003). I stumbled across this problem : when switch_uid is called, the reference count of the new user is incremented twice. I think the increment in the switch_uid is done because of the reparent_to_init() function which does not increase the __count for root user. But if switch_uid is called from any other function, the reference count is already incremented by the caller by calling alloc_uid for the new user. Hence the count is incremented twice. The user struct will not be deleted even when there are no processes holding a reference count for it. This does not cause any problem currently because nothing is dependent on timely deletion of the user struct. Here is a small patch to solve this problem. Thanks and regards, Arvind diff -Naur linux-2.5.73/kernel/exit.c linux-2.5.73.n/kernel/exit.c --- linux-2.5.73/kernel/exit.c 2003-06-23 00:03:15.000000000 +0530 +++ linux-2.5.73.n/kernel/exit.c 2003-07-03 10:48:32.000000000 +0530 @@ -230,6 +230,7 @@ /* signals? */ security_task_reparent_to_init(current); memcpy(current->rlim, init_task.rlim, sizeof(*(current->rlim))); + atomic_inc(&(INIT_USER->__count)); switch_uid(INIT_USER); write_unlock_irq(&tasklist_lock); diff -Naur linux-2.5.73/kernel/user.c linux-2.5.73.n/kernel/user.c --- linux-2.5.73/kernel/user.c 2003-06-23 00:02:41.000000000 +0530 +++ linux-2.5.73.n/kernel/user.c 2003-07-03 10:46:59.000000000 +0530 @@ -126,7 +126,6 @@ * we should be checking for it. -DaveM */ old_user = current->user; - atomic_inc(&new_user->__count); atomic_inc(&new_user->processes); atomic_dec(&old_user->processes); current->user = new_user; - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/