shinys000114/linux
1
0
Fork 0
mirror of https://github.com/hardkernel/linux.git synced 2026-06-08 20:07:46 +09:00
Code Issues Packages Projects Releases Wiki Activity

misc: uidstat: avoid create_stat() race and blockage.

Browse Source 
* create_stat() race would lead to:
  [   58.132324] proc_dir_entry 'uid_stat/10061' already registered

* blocking kmalloc reported by sbranden
 tcp_read_sock()
  uid_stat_tcp_rcv()
    create_stat()
      kmalloc(GFP_KERNEL)

Signed-off-by: JP Abgrall <jpa@google.com>
This commit is contained in:
JP Abgrall
2013-05-30 15:31:17 -07:00
committed by Arve Hjønnevåg
parent 22dc2e1ba2
commit 760017d10a
1 changed files with 31 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
drivers/misc/uid_stat.c
View File

@@ -38,17 +38,13 @@ struct uid_stat {
};
static struct uid_stat *find_uid_stat(uid_t uid) {
unsigned long flags;
struct uid_stat *entry;
spin_lock_irqsave(&uid_lock, flags);
list_for_each_entry(entry, &uid_list, link) {
if (entry->uid == uid) {
spin_unlock_irqrestore(&uid_lock, flags);
return entry;
}
}
spin_unlock_irqrestore(&uid_lock, flags);
return NULL;
}
@@ -90,13 +86,10 @@ static int tcp_rcv_read_proc(char *page, char **start, off_t off,
/* Create a new entry for tracking the specified uid. */
static struct uid_stat *create_stat(uid_t uid) {
unsigned long flags;
char uid_s[32];
struct uid_stat *new_uid;
struct proc_dir_entry *entry;
/* Create the uid stat struct and append it to the list. */
if ((new_uid = kmalloc(sizeof(struct uid_stat), GFP_KERNEL)) == NULL)
new_uid = kmalloc(sizeof(struct uid_stat), GFP_ATOMIC);
if (!new_uid)
return NULL;
new_uid->uid = uid;
@@ -104,11 +97,15 @@ static struct uid_stat *create_stat(uid_t uid) {
atomic_set(&new_uid->tcp_rcv, INT_MIN);
atomic_set(&new_uid->tcp_snd, INT_MIN);
spin_lock_irqsave(&uid_lock, flags);
list_add_tail(&new_uid->link, &uid_list);
spin_unlock_irqrestore(&uid_lock, flags);
return new_uid;
}
sprintf(uid_s, "%d", uid);
static void create_stat_proc(struct uid_stat *new_uid)
{
char uid_s[32];
struct proc_dir_entry *entry;
sprintf(uid_s, "%d", new_uid->uid);
entry = proc_mkdir(uid_s, parent);
/* Keep reference to uid_stat so we know what uid to read stats from. */
@@ -117,17 +114,31 @@ static struct uid_stat *create_stat(uid_t uid) {
create_proc_read_entry("tcp_rcv", S_IRUGO, entry, tcp_rcv_read_proc,
(void *) new_uid);
}
return new_uid;
static struct uid_stat *find_or_create_uid_stat(uid_t uid)
{
struct uid_stat *entry;
unsigned long flags;
spin_lock_irqsave(&uid_lock, flags);
entry = find_uid_stat(uid);
if (entry) {
spin_unlock_irqrestore(&uid_lock, flags);
return entry;
}
entry = create_stat(uid);
spin_unlock_irqrestore(&uid_lock, flags);
if (entry)
create_stat_proc(entry);
return entry;
}
int uid_stat_tcp_snd(uid_t uid, int size) {
struct uid_stat *entry;
activity_stats_update();
if ((entry = find_uid_stat(uid)) == NULL &&
((entry = create_stat(uid)) == NULL)) {
return -1;
}
entry = find_or_create_uid_stat(uid);
if (!entry)
return -1;
atomic_add(size, &entry->tcp_snd);
return 0;
}
@@ -135,10 +146,9 @@ int uid_stat_tcp_snd(uid_t uid, int size) {
int uid_stat_tcp_rcv(uid_t uid, int size) {
struct uid_stat *entry;
activity_stats_update();
if ((entry = find_uid_stat(uid)) == NULL &&
((entry = create_stat(uid)) == NULL)) {
return -1;
}
entry = find_or_create_uid_stat(uid);
if (!entry)
return -1;
atomic_add(size, &entry->tcp_rcv);
return 0;
}