Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace

Pull namespace fix from Eric Biederman:
 "This has a single brown bag fix.

  The possible deadlock with dec_pid_namespaces that I had thought was
  fixed earlier turned out only to have been moved. So instead of being
  cleaver this change takes ucounts_lock with irqs disabled. So
  dec_ucount can be used from any context without fear of deadlock.

  The items accounted for dec_ucount and inc_ucount are all
  comparatively heavy weight objects so I don't exepct this will have
  any measurable performance impact"

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace:
  userns: Make ucounts lock irq-safe
This commit is contained in:
Linus Torvalds 2017-01-24 12:21:51 -08:00
commit 19ca2c8fec
1 changed files with 8 additions and 6 deletions

View File

@ -128,10 +128,10 @@ static struct ucounts *get_ucounts(struct user_namespace *ns, kuid_t uid)
struct hlist_head *hashent = ucounts_hashentry(ns, uid); struct hlist_head *hashent = ucounts_hashentry(ns, uid);
struct ucounts *ucounts, *new; struct ucounts *ucounts, *new;
spin_lock(&ucounts_lock); spin_lock_irq(&ucounts_lock);
ucounts = find_ucounts(ns, uid, hashent); ucounts = find_ucounts(ns, uid, hashent);
if (!ucounts) { if (!ucounts) {
spin_unlock(&ucounts_lock); spin_unlock_irq(&ucounts_lock);
new = kzalloc(sizeof(*new), GFP_KERNEL); new = kzalloc(sizeof(*new), GFP_KERNEL);
if (!new) if (!new)
@ -141,7 +141,7 @@ static struct ucounts *get_ucounts(struct user_namespace *ns, kuid_t uid)
new->uid = uid; new->uid = uid;
atomic_set(&new->count, 0); atomic_set(&new->count, 0);
spin_lock(&ucounts_lock); spin_lock_irq(&ucounts_lock);
ucounts = find_ucounts(ns, uid, hashent); ucounts = find_ucounts(ns, uid, hashent);
if (ucounts) { if (ucounts) {
kfree(new); kfree(new);
@ -152,16 +152,18 @@ static struct ucounts *get_ucounts(struct user_namespace *ns, kuid_t uid)
} }
if (!atomic_add_unless(&ucounts->count, 1, INT_MAX)) if (!atomic_add_unless(&ucounts->count, 1, INT_MAX))
ucounts = NULL; ucounts = NULL;
spin_unlock(&ucounts_lock); spin_unlock_irq(&ucounts_lock);
return ucounts; return ucounts;
} }
static void put_ucounts(struct ucounts *ucounts) static void put_ucounts(struct ucounts *ucounts)
{ {
unsigned long flags;
if (atomic_dec_and_test(&ucounts->count)) { if (atomic_dec_and_test(&ucounts->count)) {
spin_lock(&ucounts_lock); spin_lock_irqsave(&ucounts_lock, flags);
hlist_del_init(&ucounts->node); hlist_del_init(&ucounts->node);
spin_unlock(&ucounts_lock); spin_unlock_irqrestore(&ucounts_lock, flags);
kfree(ucounts); kfree(ucounts);
} }