path: root/fs/notify/fanotify/fanotify_user.c
diff options
authorEric Paris <eparis@redhat.com>2010-08-18 12:25:50 -0400
committerEric Paris <eparis@redhat.com>2010-08-22 20:28:16 -0400
commit2eebf582c9b3106abb9c33f4fc0a347fb9391037 (patch)
tree0fab23d7e456713815890fc01a148132b9b857f8 /fs/notify/fanotify/fanotify_user.c
parent84e1ab4d875922c034db7f4f814ac445a20a14bd (diff)
fanotify: flush outstanding perm requests on group destroy
When an fanotify listener is closing it may cause a deadlock between the listener and the original task doing an fs operation. If the original task is waiting for a permissions response it will be holding the srcu lock. The listener cannot clean up and exit until after that srcu lock is syncronized. Thus deadlock. The fix introduced here is to stop accepting new permissions events when a listener is shutting down and to grant permission for all outstanding events. Thus the original task will eventually release the srcu lock and the listener can complete shutdown. Reported-by: Andreas Gruenbacher <agruen@suse.de> Cc: Andreas Gruenbacher <agruen@suse.de> Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'fs/notify/fanotify/fanotify_user.c')
1 files changed, 27 insertions, 0 deletions
diff --git a/fs/notify/fanotify/fanotify_user.c b/fs/notify/fanotify/fanotify_user.c
index 032b837fcd1..b966b7230f4 100644
--- a/fs/notify/fanotify/fanotify_user.c
+++ b/fs/notify/fanotify/fanotify_user.c
@@ -195,6 +195,14 @@ static int prepare_for_access_response(struct fsnotify_group *group,
re->fd = fd;
+ if (group->fanotify_data.bypass_perm) {
+ mutex_unlock(&group->fanotify_data.access_mutex);
+ kmem_cache_free(fanotify_response_event_cache, re);
+ event->response = FAN_ALLOW;
+ return 0;
+ }
list_add_tail(&re->list, &group->fanotify_data.access_list);
@@ -364,9 +372,28 @@ static ssize_t fanotify_write(struct file *file, const char __user *buf, size_t
static int fanotify_release(struct inode *ignored, struct file *file)
struct fsnotify_group *group = file->private_data;
+ struct fanotify_response_event *re, *lre;
pr_debug("%s: file=%p group=%p\n", __func__, file, group);
+ mutex_lock(&group->fanotify_data.access_mutex);
+ group->fanotify_data.bypass_perm = true;
+ list_for_each_entry_safe(re, lre, &group->fanotify_data.access_list, list) {
+ pr_debug("%s: found group=%p re=%p event=%p\n", __func__, group,
+ re, re->event);
+ list_del_init(&re->list);
+ re->event->response = FAN_ALLOW;
+ kmem_cache_free(fanotify_response_event_cache, re);
+ }
+ mutex_unlock(&group->fanotify_data.access_mutex);
+ wake_up(&group->fanotify_data.access_waitq);
/* matches the fanotify_init->fsnotify_alloc_group */