Received: by 2002:a05:6a10:6744:0:0:0:0 with SMTP id w4csp4002123pxu; Mon, 12 Oct 2020 07:06:23 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwfwjT7q+zo1oGh7IohYrT5bst2p5pKrHmjUQdcQ8/CSJKYln1JIRN6QKVK6Epm1LNFrAR3 X-Received: by 2002:a05:6402:21e9:: with SMTP id ce9mr14628932edb.125.1602511583575; Mon, 12 Oct 2020 07:06:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1602511583; cv=none; d=google.com; s=arc-20160816; b=os6QlSSv0Lm3+tGLrU+L0VgLGLQ70lPxBNAnCHP5Ge2pgAmQKUtChc0yRezZ8HAp6V iUGIWURqNOI7A7cB09VAS8mEZDwBigt0q/+vKXay5GX32q3UhfzYqKpT5fjBoguQMayE eqPyrXc4HPmBZViwg0jg8qMmdgF68HLF2ugL0NHHLlqx8UziAOk++RRA3O6Hf5+R6o7K IUvTBwSs5GezNyJtAvl7bbjON8jTmUBz+KC9BSAMdE1Ye5ObkL1/pC0SdeAUtQ+VGJef mf0OfDyPJaS8dhNjRSkapVvqE4+NWUghEKEfTOapFYAKzFukOrRHX8ODzrAEg0+j7cbW aZeQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=tqwdBkyZF1a6aXCuQzMnp+onuEaA2T0Ppug1MurMHRM=; b=eSct4fSepY3eOzT449Kazz337GxLS8zBODUathyu/ru7DHIEIqJif2qw7NCd4zIMCn 6h6D5sLX8CulL/2Fo6cB4Zb4cj6c3z/TlFFNf/7gTON0wICuFgJDOlmxYb9Qor1WbvBr Z98mFtxePC2B5wtsX1BwgfrUrvg+LlomGA7CqTHdL55qFJGkCssyQhnnnVzBfTCCr24F hK/ryaMSlJBLBRdgPXtnKtM9b7jiIm0P8vcN/aWYPNobMXAjgNq8wqlyKMs/WdANBuvF tsCHNq/2jOo9U8Xm7YHZB4SsbYUPFT7XBbAEjkaTvJL0AUD2RgDv99N9JOSPGQdU5QE3 emdg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=QxGGyIBA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id i10si12331588edn.390.2020.10.12.07.05.59; Mon, 12 Oct 2020 07:06:23 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=QxGGyIBA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linuxfoundation.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2390885AbgJLOEF (ORCPT + 99 others); Mon, 12 Oct 2020 10:04:05 -0400 Received: from mail.kernel.org ([198.145.29.99]:39000 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2388678AbgJLNgT (ORCPT ); Mon, 12 Oct 2020 09:36:19 -0400 Received: from localhost (83-86-74-64.cable.dynamic.v4.ziggo.nl [83.86.74.64]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 1C63F20838; Mon, 12 Oct 2020 13:36:17 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1602509778; bh=F1rjjk2R6kRcGkQX/opbC9GH1bjipdoGnPPesNrUuuA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=QxGGyIBAkRD9HPsnnI9u9svZRCw46i7J5gex7gvVnsxJt+ZSA3xsQyRVGIfvZUKTL dHJsxMvcoftFeQDtr0ZQAfGChJyvT/eg43d3jbdV38wi7LZQfaA6ciC+Dx9b26G29r J2NnMsBn9UMm4meQF2hzSe91SHYPXGjVzkw8Er74= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Al Viro Subject: [PATCH 4.14 26/70] epoll: do not insert into poll queues until all sanity checks are done Date: Mon, 12 Oct 2020 15:26:42 +0200 Message-Id: <20201012132631.469575068@linuxfoundation.org> X-Mailer: git-send-email 2.28.0 In-Reply-To: <20201012132630.201442517@linuxfoundation.org> References: <20201012132630.201442517@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Al Viro commit f8d4f44df056c5b504b0d49683fb7279218fd207 upstream. Signed-off-by: Al Viro Signed-off-by: Greg Kroah-Hartman --- fs/eventpoll.c | 37 ++++++++++++++++++------------------- 1 file changed, 18 insertions(+), 19 deletions(-) --- a/fs/eventpoll.c +++ b/fs/eventpoll.c @@ -1461,6 +1461,22 @@ static int ep_insert(struct eventpoll *e RCU_INIT_POINTER(epi->ws, NULL); } + /* Add the current item to the list of active epoll hook for this file */ + spin_lock(&tfile->f_lock); + list_add_tail_rcu(&epi->fllink, &tfile->f_ep_links); + spin_unlock(&tfile->f_lock); + + /* + * Add the current item to the RB tree. All RB tree operations are + * protected by "mtx", and ep_insert() is called with "mtx" held. + */ + ep_rbtree_insert(ep, epi); + + /* now check if we've created too many backpaths */ + error = -EINVAL; + if (full_check && reverse_path_check()) + goto error_remove_epi; + /* Initialize the poll table using the queue callback */ epq.epi = epi; init_poll_funcptr(&epq.pt, ep_ptable_queue_proc); @@ -1483,22 +1499,6 @@ static int ep_insert(struct eventpoll *e if (epi->nwait < 0) goto error_unregister; - /* Add the current item to the list of active epoll hook for this file */ - spin_lock(&tfile->f_lock); - list_add_tail_rcu(&epi->fllink, &tfile->f_ep_links); - spin_unlock(&tfile->f_lock); - - /* - * Add the current item to the RB tree. All RB tree operations are - * protected by "mtx", and ep_insert() is called with "mtx" held. - */ - ep_rbtree_insert(ep, epi); - - /* now check if we've created too many backpaths */ - error = -EINVAL; - if (full_check && reverse_path_check()) - goto error_remove_epi; - /* We have to drop the new item inside our item list to keep track of it */ spin_lock_irqsave(&ep->lock, flags); @@ -1527,6 +1527,8 @@ static int ep_insert(struct eventpoll *e return 0; +error_unregister: + ep_unregister_pollwait(ep, epi); error_remove_epi: spin_lock(&tfile->f_lock); list_del_rcu(&epi->fllink); @@ -1534,9 +1536,6 @@ error_remove_epi: rb_erase_cached(&epi->rbn, &ep->rbr); -error_unregister: - ep_unregister_pollwait(ep, epi); - /* * We need to do this because an event could have been arrived on some * allocated wait queue. Note that we don't care about the ep->ovflist