Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp2443255pxu; Sat, 28 Nov 2020 14:20:40 -0800 (PST) X-Google-Smtp-Source: ABdhPJzJqV4UbWxz/hF6/fYU7ze/K4jm/EsmXlRIcSJBQPSgSyWmYUsFcrFh/M/2V6MLY7MSBiSV X-Received: by 2002:a17:906:6dc3:: with SMTP id j3mr14895933ejt.320.1606602040733; Sat, 28 Nov 2020 14:20:40 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1606602040; cv=none; d=google.com; s=arc-20160816; b=cio+84jWATwb1UnjZqNSn9ASaD+Ax7XrBULCqdF5yDiulJ1rAYLaySXMEBpzSInotK cOQuYK9JKbthlCfLtpA/0VEUFQcKrmfrGT8Z5vVXk91suvz7yHrEZzmTDDO+bsY5En7U O2hK5aPK7BgM2JysZwx5RFj4FrfVUWgmrQGgj5ew+LPgqxj06FZ9NMzu5ygWwHA7336D RW1mVSOPumJNZ8zH+tz7EDA4GFmJ8qnBONO7geDGYX0GwZZAQTWukK8P20jDjTu9G+BH tiCoXg6JnDAAbncpL4t3h6XHlFSt9yUgOA7/uBJgfZCTqcLaRz3zuB70ZyqPFui3PwdF bzoA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from; bh=zWkwojjJqHb6HCdVygErZshtktJkwkClGcJ5ZsG/vO4=; b=IilxXJjyHeZMEMyXNLiddzghOFyN33Z2kzGeuYzTstasEOFslq3KR/tDIMiNBpnI31 o+olcUB6249LJoKzLt4gBQyjFGtDC+6aOoK6kGRhFHbCWYpu/o+Jq3OHkKq+V1LUydOQ jJKMll9oDJ42yCb/BFsykrFh17ngPLb1m3em2eWZiKcilVnbw2JVXs12+x0em9jL6Awd CTGZZ+PdJO8WRFN/C6QnaIY3AuL2GfzprBcG/VUal9tS30vAi8eM0PPsme+8uhsW7dGi je/oKacpcEZr/9GsEBg4VxS1tqVuG3fG6hNBjkmv4GhO1/9vkKAWLNS4hVbgMqijuHSB KKfg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id x15si8123194ejf.349.2020.11.28.14.20.18; Sat, 28 Nov 2020 14:20:40 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2388957AbgK1Vts (ORCPT + 99 others); Sat, 28 Nov 2020 16:49:48 -0500 Received: from out30-132.freemail.mail.aliyun.com ([115.124.30.132]:40180 "EHLO out30-132.freemail.mail.aliyun.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1733149AbgK1R7z (ORCPT ); Sat, 28 Nov 2020 12:59:55 -0500 X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R111e4;CH=green;DM=||false|;DS=||;FP=0|-1|-1|-1|0|-1|-1|-1;HT=e01e04400;MF=wenyang@linux.alibaba.com;NM=1;PH=DS;RN=7;SR=0;TI=SMTPD_---0UGoMy0t_1606586341; Received: from localhost(mailfrom:wenyang@linux.alibaba.com fp:SMTPD_---0UGoMy0t_1606586341) by smtp.aliyun-inc.com(127.0.0.1); Sun, 29 Nov 2020 01:59:12 +0800 From: Wen Yang To: Alexey Dobriyan , Christian Brauner , ebiederm@xmission.com Cc: Wen Yang , Oleg Nesterov , linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org Subject: [PATCH] proc: add locking checks in proc_inode_is_dead Date: Sun, 29 Nov 2020 01:58:50 +0800 Message-Id: <20201128175850.19484-1-wenyang@linux.alibaba.com> X-Mailer: git-send-email 2.23.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The proc_inode_is_dead function might race with __unhash_process. This will result in a whole bunch of stale proc entries being cached. To prevent that, add the required locking. Signed-off-by: Wen Yang Cc: Oleg Nesterov Cc: "Eric W. Biederman" Cc: Alexey Dobriyan Cc: Christian Brauner Cc: linux-kernel@vger.kernel.org Cc: linux-fsdevel@vger.kernel.org --- fs/proc/base.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/fs/proc/base.c b/fs/proc/base.c index 1bc9bcd..59720bc 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -1994,7 +1994,13 @@ static int pid_revalidate(struct dentry *dentry, unsigned int flags) static inline bool proc_inode_is_dead(struct inode *inode) { - return !proc_pid(inode)->tasks[PIDTYPE_PID].first; + bool has_task; + + read_lock(&tasklist_lock); + has_task = pid_has_task(proc_pid(inode), PIDTYPE_PID); + read_unlock(&tasklist_lock); + + return !has_task; } int pid_delete_dentry(const struct dentry *dentry) -- 1.8.3.1