On Mon, Aug 17, 2020 at 05:04:17PM -0500, Eric W. Biederman wrote:
> As a companion to fget_task and fcheck_task implement fnext_task that
> will return the struct file for the first file descriptor show number
> is equal or greater than the fd argument value, or NULL if there is
> no such struct file.
>
> This allows file descriptors of foreign processes to be iterated through
> safely, without needed to increment the count on files_struct.
>
> Signed-off-by: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx>
> ---
> fs/file.c | 21 +++++++++++++++++++++
> include/linux/fdtable.h | 1 +
> 2 files changed, 22 insertions(+)
>
> diff --git a/fs/file.c b/fs/file.c
> index 8d4b385055e9..88f9f78869f8 100644
> --- a/fs/file.c
> +++ b/fs/file.c
> @@ -876,6 +876,27 @@ struct file *fcheck_task(struct task_struct *task, unsigned int fd)
> return file;
> }
>
> +struct file *fnext_task(struct task_struct *task, unsigned int *ret_fd)
> +{
> + /* Must be called with rcu_read_lock held */
> + struct files_struct *files;
> + unsigned int fd = *ret_fd;
> + struct file *file = NULL;
> +
> + task_lock(task);
> + files = task->files;
> + if (files) {
> + for (; fd < files_fdtable(files)->max_fds; fd++) {
> + file = fcheck_files(files, fd);
> + if (file)
> + break;
> + }
> + }
> + task_unlock(task);
> + *ret_fd = fd;
> + return file;
> +}
Eric, if only I'm not missing something obvious you could
escape @fd/@ret_fd operations in case if task->files = NULL,
iow
if (files) {
unsigned int fd = *ret_fd;
for (; fd < files_fdtable(files)->max_fds; fd++) {
file = fcheck_files(files, fd);
if (file)
break;
}
*ret_fd = fd;
}
