Received: by 2002:a05:6a10:22f:0:0:0:0 with SMTP id 15csp3447677pxk; Mon, 5 Oct 2020 09:52:20 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzWr3ZLAZ3E57K8FjD4Uo87t2InRskuyLKUitNTwqXzCao23cWdnssO2sYJFdGW6Z/cqxGL X-Received: by 2002:a17:906:3bc7:: with SMTP id v7mr603494ejf.245.1601916740662; Mon, 05 Oct 2020 09:52:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1601916740; cv=none; d=google.com; s=arc-20160816; b=tbawRS0r+ELsBB8xR6CCjn/l4Ugw7m6Nu2y91DjOHrMrn3tAquwUNvwNYNOuYI95ag Yc3xLgLubFpx8VPKKzUxfmX84fRb6zbuaj9+wNg3aBunjsbzioMFQ+IAYjfh0ojKVjTD gLXj7RUCykhMmOHpg+jxcDQVh4lC4jlAcumAMZkALk/V+I5AmF4txmCtiIs7HZwedH5g rtziSRgmqvwSgtOyOQnxSRnSkJOqnsoztg4YgHE5oUPR3nClBuG2nQc0f4lYiXZ0DSrz 2EvGuZB8e0VOQG/86qyC7vWPdTJSX3L2KJ/tKfA1m9rrhqqhVL7JTuMMBmB6UT5E9TIu BBAA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=UJB1LGrz/vWLuPM6T8PoqmVr8kdgwbS0wOslGS8fDuI=; b=F5Q3MmwlyYT+ua7Vkvt6qweor1Xo8ILHATPFRSSPuGW4woGwPmZfjMJMa78E7bJ2Vu vnWsSp5OMLY0HZXw1RrlNXfMhRYx3Px8bjAaNz4pU564321UzFsAtYriMCIIej1/NJXh APMdO5+B6MfEPm4u09iXusQ6PLJVxyKwzmZcV02M2/2qvAxUvyFFkmlJ02rphMXYYmFe lvxVOs7i/QG482zfyNzXYBPevG+8MKjHeIZGGm2TXoAYk8MfPHK0FS0g1Y88hTrxxs/W +Ek9awzvA0F2AEsn+dGr5tAGcG1tmi/KkaIY0ug9Z5TrbLAs/ONm0YV6BqUJwXg2Yn6k sjFA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=wL+4XGk2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id t8si356707edw.331.2020.10.05.09.51.57; Mon, 05 Oct 2020 09:52:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=wL+4XGk2; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727344AbgJEP2J (ORCPT + 99 others); Mon, 5 Oct 2020 11:28:09 -0400 Received: from mail.kernel.org ([198.145.29.99]:52742 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726567AbgJEP16 (ORCPT ); Mon, 5 Oct 2020 11:27:58 -0400 Received: from localhost (83-86-74-64.cable.dynamic.v4.ziggo.nl [83.86.74.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 56AFA208B6; Mon, 5 Oct 2020 15:27:57 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1601911677; bh=Jjp1I3Ea/Svb85qKj3NhUAL/+7B7LLIit3yKbWsdiMo=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=wL+4XGk2yES2iRcFmfhk9mmmFMKrXc+3av5Nw22KOblNzujqk3+cS0Er87rSE8DPp EKUTWZE4Nz50kAOE1dvQBeWznJnoqWr3h6iI1ApJgwTyqcCZD3sAQsK0ID39BnWjHh IAkXtYpWLHlpPiXlanF2cS18opXNo898z3+0+bXo= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Al Viro Subject: [PATCH 4.19 34/38] epoll: do not insert into poll queues until all sanity checks are done Date: Mon, 5 Oct 2020 17:26:51 +0200 Message-Id: <20201005142110.322501594@linuxfoundation.org> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20201005142108.650363140@linuxfoundation.org> References: <20201005142108.650363140@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Al Viro commit f8d4f44df056c5b504b0d49683fb7279218fd207 upstream. Signed-off-by: Al Viro Signed-off-by: Greg Kroah-Hartman --- fs/eventpoll.c | 37 ++++++++++++++++++------------------- 1 file changed, 18 insertions(+), 19 deletions(-) --- a/fs/eventpoll.c +++ b/fs/eventpoll.c @@ -1450,6 +1450,22 @@ static int ep_insert(struct eventpoll *e RCU_INIT_POINTER(epi->ws, NULL); } + /* Add the current item to the list of active epoll hook for this file */ + spin_lock(&tfile->f_lock); + list_add_tail_rcu(&epi->fllink, &tfile->f_ep_links); + spin_unlock(&tfile->f_lock); + + /* + * Add the current item to the RB tree. All RB tree operations are + * protected by "mtx", and ep_insert() is called with "mtx" held. + */ + ep_rbtree_insert(ep, epi); + + /* now check if we've created too many backpaths */ + error = -EINVAL; + if (full_check && reverse_path_check()) + goto error_remove_epi; + /* Initialize the poll table using the queue callback */ epq.epi = epi; init_poll_funcptr(&epq.pt, ep_ptable_queue_proc); @@ -1472,22 +1488,6 @@ static int ep_insert(struct eventpoll *e if (epi->nwait < 0) goto error_unregister; - /* Add the current item to the list of active epoll hook for this file */ - spin_lock(&tfile->f_lock); - list_add_tail_rcu(&epi->fllink, &tfile->f_ep_links); - spin_unlock(&tfile->f_lock); - - /* - * Add the current item to the RB tree. All RB tree operations are - * protected by "mtx", and ep_insert() is called with "mtx" held. - */ - ep_rbtree_insert(ep, epi); - - /* now check if we've created too many backpaths */ - error = -EINVAL; - if (full_check && reverse_path_check()) - goto error_remove_epi; - /* We have to drop the new item inside our item list to keep track of it */ spin_lock_irq(&ep->wq.lock); @@ -1516,6 +1516,8 @@ static int ep_insert(struct eventpoll *e return 0; +error_unregister: + ep_unregister_pollwait(ep, epi); error_remove_epi: spin_lock(&tfile->f_lock); list_del_rcu(&epi->fllink); @@ -1523,9 +1525,6 @@ error_remove_epi: rb_erase_cached(&epi->rbn, &ep->rbr); -error_unregister: - ep_unregister_pollwait(ep, epi); - /* * We need to do this because an event could have been arrived on some * allocated wait queue. Note that we don't care about the ep->ovflist