Re: [RFC 4/5] BKL: use no BKL in llseek

Geert Uytterhoeven <geert@xxxxxxxxxxxxxx> · Thu, 3 Jun 2010 09:41:58 +0200

On Thu, Jun 3, 2010 at 02:13, Arnd Bergmann <arnd@xxxxxxxx> wrote:
> We have shown that the BKL in default_llseek and other
> llseek operations never protects against concurrent access
> from another function:

> --- a/drivers/zorro/proc.c
> +++ b/drivers/zorro/proc.c
> @@ -23,7 +23,7 @@ proc_bus_zorro_lseek(struct file *file, loff_t off, int whence)
>  {
>        loff_t new = -1;
>
> -       lock_kernel();
> +       mutex_lock(&file->f_dentry->d_inode->i_mutex);
>        switch (whence) {
>        case 0:
>                new = off;
> @@ -36,10 +36,10 @@ proc_bus_zorro_lseek(struct file *file, loff_t off, int whence)
>                break;
>        }
>        if (new < 0 || new > sizeof(struct ConfigDev)) {
> -               unlock_kernel();
> +               mutex_unlock(&file->f_dentry->d_inode->i_mutex);
>                return -EINVAL;
>        }
> -       unlock_kernel();
> +       mutex_unlock(&file->f_dentry->d_inode->i_mutex);
>        return (file->f_pos = new);
>  }

I was about to fix this like drivers/pci/proc.c handles it
(origiginally I cloned it from that fil
anyway).
Compared to your version, that also moves the setting of file->f_pos
inside the mutex,
which is probably also needed in other places...

> --- a/drivers/pnp/isapnp/proc.c
> +++ b/drivers/pnp/isapnp/proc.c
> @@ -32,7 +32,7 @@ static loff_t isapnp_proc_bus_lseek(struct file *file, loff_t off, int whence)
>  {
>        loff_t new = -1;
>
> -       lock_kernel();
> +       mutex_lock(&file->f_dentry->d_inode->i_mutex);
>        switch (whence) {
>        case 0:
>                new = off;
> @@ -45,10 +45,10 @@ static loff_t isapnp_proc_bus_lseek(struct file *file, loff_t off, int whence)
>                break;
>        }
>        if (new < 0 || new > 256) {
> -               unlock_kernel();
> +               mutex_unlock(&file->f_dentry->d_inode->i_mutex);
>                return -EINVAL;
>        }
> -       unlock_kernel();
> +       mutex_unlock(&file->f_dentry->d_inode->i_mutex);
>        return (file->f_pos = new);

... like here?

>  }

Gr{oetje,eeting}s,

						Geert

--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@xxxxxxxxxxxxxx

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
							    -- Linus Torvalds
--
To unsubscribe from this list: send the line "unsubscribe linux-usb" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html