Received: by 2002:a25:1506:0:0:0:0:0 with SMTP id 6csp1713890ybv; Thu, 6 Feb 2020 08:33:35 -0800 (PST) X-Google-Smtp-Source: APXvYqxpuEeHT7aNDNKs9+g9n2fw6kHxWSO176uJPBqSi2i862DDGAO0Qz1aIPr45ngTT/3icStx X-Received: by 2002:a05:6830:154c:: with SMTP id l12mr30599079otp.275.1581006815805; Thu, 06 Feb 2020 08:33:35 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1581006815; cv=none; d=google.com; s=arc-20160816; b=Ds4whN8u/Wfr84q8U2LJe5N3bNLc8xTwqvUrMmNsX7vsds1xxbRE3sNNsBVVFOnaJl Z9m1S8J6sltr4vaAv7hkNv9ZI+Rx4naTB5Ut/0CciizMV1tkfFI2lIMuMLY68VZgumWj D6Ro8pz6lpPew6T92wFLE1AfPrLtRiCA8GGt39Jw+OShPHzdowvrAf5d+TlfaooEIh+b fB3ly5FY0SWWo0e8ee+pBOPS25BqDq6NaMpg+PK1ww1PYAHi2+PaDjB8TxsxEaIrbeyZ wHfcjfXdR0I2TQp/0DmF1rnnHhzIuE18Dr3Ss+kw5CKRSXfnpHwCnXIuERRviQtdg0NJ 4nsA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:mime-version:user-agent:date:message-id:subject :from:to; bh=h4NJ77Axm5HHkQ9pFZIXjtmwio7QwnRdxVO06roUXTA=; b=uNHtLOVclLe690m9YZ7ZqXW5BEkjrhn+bsSaMlSSIrb9JMkcACgXBuqg8MuoxPjnOa Po00iupgI7gYzU7YRjz8LdAClMv0XaBSXshUvpmOMP0nzh78QAz5IKhcOowORUqbxTSc lPElL0CMRXd8vNWXV5VmoQORiVO0ronXyWCuI3qPhmE5+T+DT7WxTO6FAIjLXgW4w5FY k5UPig4/IJomgsbaUOp1o3+EEmTghY8HIrqmxs+8cR1gzRS0pn1krhkTNivZQwmHO52d VnwFweETHyBw6M4YPax7rlRNFmuQETONK8ooNjYuvA9v6Ry9Jr4sswmqhhSvFKTGO0Ao wrww== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=virtuozzo.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n203si2199043oia.112.2020.02.06.08.33.23; Thu, 06 Feb 2020 08:33:35 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=virtuozzo.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727702AbgBFQc2 (ORCPT + 99 others); Thu, 6 Feb 2020 11:32:28 -0500 Received: from relay.sw.ru ([185.231.240.75]:36714 "EHLO relay.sw.ru" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727574AbgBFQc2 (ORCPT ); Thu, 6 Feb 2020 11:32:28 -0500 Received: from dhcp-172-16-24-104.sw.ru ([172.16.24.104]) by relay.sw.ru with esmtp (Exim 4.92.3) (envelope-from ) id 1izk4j-0008WP-7H; Thu, 06 Feb 2020 19:32:21 +0300 To: Jens Axboe , LKML , io-uring@vger.kernel.org From: Kirill Tkhai Subject: io_uring: io_grab_files() misses taking files->count? Message-ID: Date: Thu, 6 Feb 2020 19:32:20 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.4.2 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, Jens, in io_grab_files() we take pointer to current->files without taking files->count. Later, this files become attached to worker in io_worker_handle_work() also without any manipulation with counter. But files->count is used for different optimizations. Say, in expand_fdtable() we avoid synchonize_rcu() in case of there is only files user. In case of there are more users, missing of synchronize_rcu() is not safe. Is this correct? Or maybe there is some hidden logic in io_uring, which prevents this problem? Say, IORING_OP_OPENAT/CLOSE/ETC can't be propagated to worker etc... Kirill