Received: by 10.223.176.46 with SMTP id f43csp3343471wra; Mon, 22 Jan 2018 12:28:55 -0800 (PST) X-Google-Smtp-Source: AH8x226n8CJ0yhnwj66FCz3jGlBVaJzRbkHsN0U6s4cmPptxe4UKQ6qgbo2Gl+SzOhutTNXYcmUb X-Received: by 10.36.37.209 with SMTP id g200mr80561itg.152.1516652934889; Mon, 22 Jan 2018 12:28:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516652934; cv=none; d=google.com; s=arc-20160816; b=PCadFtl+EjSCAkEV4oobUYF2jsDk+KpxfBMNlAGRYhe12fAIR2vIHVfa6jPiSMGBAu H7sJBNxlc27ck7t5oHgIfG/OjeRGun8Pv86sqkCVDUOqDCSQMZCHJZsyMaj2xP/d3u+p 9tjcWayp5KckRiwwSv5Xv/JrTYGzg+YsACpI45BiOAJ0yd5X2kpMvvtEKYfbVVx4hDkK YRqSmBQWF6CFOtJs8Eg5jp/ulYxmJPGi9Ddpu4y03w4mW12QVX6A0UpGd1iYeD31oSY0 bBZ3oPZ0cfoFfnk/2xDEUW6zIeI7sGw2Z2AQWpx6RKCMgnkTlt0zGzgIEIdr3O+VqSXV UFhQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature:arc-authentication-results; bh=GQckZC5BsLVfiLXXLichFS4gdAgSpSnielAljCiS+O0=; b=HFMbKW0El/4DhqXB5gZgIR+l9kfKuK7zEKYlPaxlkn2zGoNB/T6VNuJa/VfgsvODeD FnZkNQrO2xYvRQwk6VhR9q5EXxEBRJ0fJS38R5STC4GWdFuupDKlVC9fv6Bkjcxhrsyc scq7kbZ5cSynqss9/s7jVq84upKbW8sZvm5dWZOJZP3DSSoQC4YRYmfshWOGluFD0+6X eKuS/RGt2Dl/UMpXmLyZU7oIuzjRagkTKXXSjgE8Tj37KgTCIVhly374X39UqyDn/380 u2DR5XaIiZ6FQH3nvawcVcpbFw1fBluD9Irlzil+3JfCFS/gMaGVL0JkTmWlgqILuv69 NgSQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@infradead.org header.s=bombadil.20170209 header.b=cBaaOUAv; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id s76si13184342ioe.191.2018.01.22.12.28.41; Mon, 22 Jan 2018 12:28:54 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@infradead.org header.s=bombadil.20170209 header.b=cBaaOUAv; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751408AbeAVUNJ (ORCPT + 99 others); Mon, 22 Jan 2018 15:13:09 -0500 Received: from bombadil.infradead.org ([65.50.211.133]:54561 "EHLO bombadil.infradead.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750973AbeAVUNC (ORCPT ); Mon, 22 Jan 2018 15:13:02 -0500 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=bombadil.20170209; h=References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:MIME-Version:Content-Type: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=GQckZC5BsLVfiLXXLichFS4gdAgSpSnielAljCiS+O0=; b=cBaaOUAvHAsZ1WRFGxOTIiGtK b3OrtU0HSHnpYXX19qLIB+TJojzngBLJV8CL3eJInxndLhcU6SN8bvtF9HOrTsszojWvNFZYBAwrO y+Z7aUNDwM0XlcmlrpuXugRNPANm5Msprtx6parOMdT8+AiV9Qb1Sv3pAa52q0a6yMzJuaHi2qvO/ 7tjDfJjoCh3o87qM5hKCwIkIn6GA4c4CIYLxtiUZ/dX4e8FN8gXW41T4MCNcMUZBYYDc9gUFwzBIy PIVRhBCkPuVUOogU8//b2jslbKwc60zSnYcHthEOl0ZZBxpQfdawVxPhD5rOFpdvNQXKlK5NtGzkw nd5A9Zrcw==; Received: from 178.114.226.247.wireless.dyn.drei.com ([178.114.226.247] helo=localhost) by bombadil.infradead.org with esmtpsa (Exim 4.89 #1 (Red Hat Linux)) id 1ediSh-0007WC-Jl; Mon, 22 Jan 2018 20:13:00 +0000 From: Christoph Hellwig To: viro@zeniv.linux.org.uk Cc: Avi Kivity , linux-aio@kvack.org, linux-fsdevel@vger.kernel.org, netdev@vger.kernel.org, linux-api@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH 04/36] aio: sanitize ki_list handling Date: Mon, 22 Jan 2018 21:12:11 +0100 Message-Id: <20180122201243.31610-5-hch@lst.de> X-Mailer: git-send-email 2.14.2 In-Reply-To: <20180122201243.31610-1-hch@lst.de> References: <20180122201243.31610-1-hch@lst.de> X-SRS-Rewrite: SMTP reverse-path rewritten from by bombadil.infradead.org. See http://www.infradead.org/rpr.html Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Instead of handcoded non-null checks always initialize ki_list to an empty list and use list_empty / list_empty_careful on it. While we're at it also error out on a double call to kiocb_set_cancel_fn instead of ignoring it. Signed-off-by: Christoph Hellwig Acked-by: Jeff Moyer --- fs/aio.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/fs/aio.c b/fs/aio.c index 6295fc00f104..c32c315f05b5 100644 --- a/fs/aio.c +++ b/fs/aio.c @@ -555,13 +555,12 @@ void kiocb_set_cancel_fn(struct kiocb *iocb, kiocb_cancel_fn *cancel) struct kioctx *ctx = req->ki_ctx; unsigned long flags; - spin_lock_irqsave(&ctx->ctx_lock, flags); - - if (!req->ki_list.next) - list_add(&req->ki_list, &ctx->active_reqs); + if (WARN_ON_ONCE(!list_empty(&req->ki_list))) + return; + spin_lock_irqsave(&ctx->ctx_lock, flags); + list_add_tail(&req->ki_list, &ctx->active_reqs); req->ki_cancel = cancel; - spin_unlock_irqrestore(&ctx->ctx_lock, flags); } EXPORT_SYMBOL(kiocb_set_cancel_fn); @@ -1034,7 +1033,7 @@ static inline struct aio_kiocb *aio_get_req(struct kioctx *ctx) goto out_put; percpu_ref_get(&ctx->reqs); - + INIT_LIST_HEAD(&req->ki_list); req->ki_ctx = ctx; return req; out_put: @@ -1080,7 +1079,7 @@ static void aio_complete(struct aio_kiocb *iocb, long res, long res2) unsigned tail, pos, head; unsigned long flags; - if (iocb->ki_list.next) { + if (!list_empty_careful(iocb->ki_list.next)) { unsigned long flags; spin_lock_irqsave(&ctx->ctx_lock, flags); -- 2.14.2