On 5/3/20 8:42 AM, Jens Axboe wrote:
> On 5/3/20 7:46 AM, Al Viro wrote:
>> On Fri, May 01, 2020 at 05:54:09PM -0600, Jens Axboe wrote:
>>> On 5/1/20 5:12 PM, Al Viro wrote:
>>>> On Fri, May 01, 2020 at 01:11:09PM -0600, Jens Axboe wrote:
>>>>> + flags &= EFD_SHARED_FCNTL_FLAGS;
>>>>> + flags |= O_RDWR;
>>>>> + fd = get_unused_fd_flags(flags);
>>>>> if (fd < 0)
>>>>> - eventfd_free_ctx(ctx);
>>>>> + goto err;
>>>>> +
>>>>> + file = anon_inode_getfile("[eventfd]", &eventfd_fops, ctx, flags);
>>>>> + if (IS_ERR(file)) {
>>>>> + put_unused_fd(fd);
>>>>> + fd = PTR_ERR(file);
>>>>> + goto err;
>>>>> + }
>>>>>
>>>>> + file->f_mode |= FMODE_NOWAIT;
>>>>> + fd_install(fd, file);
>>>>> + return fd;
>>>>> +err:
>>>>> + eventfd_free_ctx(ctx);
>>>>> return fd;
>>>>> }
>>>>
>>>> Looks sane... I can take it via vfs.git, or leave it for you if you
>>>> have other stuff in the same area...
>>>
>>> Would be great if you can queue it up in vfs.git, thanks! Don't have
>>> anything else that'd conflict with this.
>>
>> Applied; BTW, what happens if
>> ctx->id = ida_simple_get(&eventfd_ida, 0, 0, GFP_KERNEL);
>> fails? Quitely succeed with BS value (-ENOSPC/-ENOMEM) shown by
>> eventfd_show_fdinfo()?
>
> Huh yeah that's odd, not sure how I missed that when touching code
> near it. Want a followup patch to fix that issue?
This should do the trick. Ideally we'd change the order of these, and
shove this fix into 5.7, but not sure it's super important since this
bug is pretty old. Would make stable backports easier, though...
Let me know how you want to handle it, as it'll impact the one you
have already queued up.
diff --git a/fs/eventfd.c b/fs/eventfd.c
index 20f0fd4d56e1..96081efdd0c9 100644
--- a/fs/eventfd.c
+++ b/fs/eventfd.c
@@ -422,6 +422,10 @@ static int do_eventfd(unsigned int count, int flags)
ctx->count = count;
ctx->flags = flags;
ctx->id = ida_simple_get(&eventfd_ida, 0, 0, GFP_KERNEL);
+ if (ctx->id < 0) {
+ fd = ctx->id;
+ goto err;
+ }
flags &= EFD_SHARED_FCNTL_FLAGS;
flags |= O_RDWR;
--
Jens Axboe
