diff options
author | JP Abgrall <jpa@google.com> | 2013-05-30 15:31:17 -0700 |
---|---|---|
committer | John Stultz <john.stultz@linaro.org> | 2016-02-16 13:53:30 -0800 |
commit | f7a812174033fe620509e6e8ca7022abd924b1c4 (patch) | |
tree | 3ecdd3a9005b474d4c86d1bc8bc7df7f1d991b63 /drivers/misc/uid_stat.c | |
parent | 2665ab98e7ae58a197fb455269b23f84ca5675b8 (diff) |
misc: uidstat: avoid create_stat() race and blockage.
* create_stat() race would lead to:
[ 58.132324] proc_dir_entry 'uid_stat/10061' already registered
* blocking kmalloc reported by sbranden
tcp_read_sock()
uid_stat_tcp_rcv()
create_stat()
kmalloc(GFP_KERNEL)
Signed-off-by: JP Abgrall <jpa@google.com>
Diffstat (limited to 'drivers/misc/uid_stat.c')
-rw-r--r-- | drivers/misc/uid_stat.c | 52 |
1 files changed, 31 insertions, 21 deletions
diff --git a/drivers/misc/uid_stat.c b/drivers/misc/uid_stat.c index 2141124a6c12..509822c81e97 100644 --- a/drivers/misc/uid_stat.c +++ b/drivers/misc/uid_stat.c @@ -38,17 +38,13 @@ struct uid_stat { }; static struct uid_stat *find_uid_stat(uid_t uid) { - unsigned long flags; struct uid_stat *entry; - spin_lock_irqsave(&uid_lock, flags); list_for_each_entry(entry, &uid_list, link) { if (entry->uid == uid) { - spin_unlock_irqrestore(&uid_lock, flags); return entry; } } - spin_unlock_irqrestore(&uid_lock, flags); return NULL; } @@ -90,13 +86,10 @@ static int tcp_rcv_read_proc(char *page, char **start, off_t off, /* Create a new entry for tracking the specified uid. */ static struct uid_stat *create_stat(uid_t uid) { - unsigned long flags; - char uid_s[32]; struct uid_stat *new_uid; - struct proc_dir_entry *entry; - /* Create the uid stat struct and append it to the list. */ - if ((new_uid = kmalloc(sizeof(struct uid_stat), GFP_KERNEL)) == NULL) + new_uid = kmalloc(sizeof(struct uid_stat), GFP_ATOMIC); + if (!new_uid) return NULL; new_uid->uid = uid; @@ -104,11 +97,15 @@ static struct uid_stat *create_stat(uid_t uid) { atomic_set(&new_uid->tcp_rcv, INT_MIN); atomic_set(&new_uid->tcp_snd, INT_MIN); - spin_lock_irqsave(&uid_lock, flags); list_add_tail(&new_uid->link, &uid_list); - spin_unlock_irqrestore(&uid_lock, flags); + return new_uid; +} - sprintf(uid_s, "%d", uid); +static void create_stat_proc(struct uid_stat *new_uid) +{ + char uid_s[32]; + struct proc_dir_entry *entry; + sprintf(uid_s, "%d", new_uid->uid); entry = proc_mkdir(uid_s, parent); /* Keep reference to uid_stat so we know what uid to read stats from. */ @@ -117,17 +114,31 @@ static struct uid_stat *create_stat(uid_t uid) { create_proc_read_entry("tcp_rcv", S_IRUGO, entry, tcp_rcv_read_proc, (void *) new_uid); +} - return new_uid; +static struct uid_stat *find_or_create_uid_stat(uid_t uid) +{ + struct uid_stat *entry; + unsigned long flags; + spin_lock_irqsave(&uid_lock, flags); + entry = find_uid_stat(uid); + if (entry) { + spin_unlock_irqrestore(&uid_lock, flags); + return entry; + } + entry = create_stat(uid); + spin_unlock_irqrestore(&uid_lock, flags); + if (entry) + create_stat_proc(entry); + return entry; } int uid_stat_tcp_snd(uid_t uid, int size) { struct uid_stat *entry; activity_stats_update(); - if ((entry = find_uid_stat(uid)) == NULL && - ((entry = create_stat(uid)) == NULL)) { - return -1; - } + entry = find_or_create_uid_stat(uid); + if (!entry) + return -1; atomic_add(size, &entry->tcp_snd); return 0; } @@ -135,10 +146,9 @@ int uid_stat_tcp_snd(uid_t uid, int size) { int uid_stat_tcp_rcv(uid_t uid, int size) { struct uid_stat *entry; activity_stats_update(); - if ((entry = find_uid_stat(uid)) == NULL && - ((entry = create_stat(uid)) == NULL)) { - return -1; - } + entry = find_or_create_uid_stat(uid); + if (!entry) + return -1; atomic_add(size, &entry->tcp_rcv); return 0; } |