Commit cf5bb09e authored Jun 28, 2024 by Jingbo Xu Committed by Christian Brauner Jul 03, 2024

cachefiles: add missing lock protection when polling



Add missing lock protection in poll routine when iterating xarray,
otherwise:

Even with RCU read lock held, only the slot of the radix tree is
ensured to be pinned there, while the data structure (e.g. struct
cachefiles_req) stored in the slot has no such guarantee.  The poll
routine will iterate the radix tree and dereference cachefiles_req
accordingly.  Thus RCU read lock is not adequate in this case and
spinlock is needed here.

Fixes: b817e22b ("cachefiles: narrow the scope of triggering EPOLLIN events in ondemand mode")
Signed-off-by: Jingbo Xu <jefflexu@linux.alibaba.com>
Signed-off-by: Baokun Li <libaokun1@huawei.com>
Link: https://lore.kernel.org/r/20240628062930.2467993-10-libaokun@huaweicloud.com


Acked-by: Jeff Layton <jlayton@kernel.org>
Reviewed-by: Jia Zhu <zhujia.zj@bytedance.com>
Reviewed-by: Gao Xiang <hsiangkao@linux.alibaba.com>
Signed-off-by: Christian Brauner <brauner@kernel.org>

parent 19f4f399

fs/cachefiles/daemon.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -365,14 +365,14 @@ static __poll_t cachefiles_daemon_poll(struct file *file,

		if (cachefiles_in_ondemand_mode(cache)) {
		if (!xa_empty(&cache->reqs)) {
		rcu_read_lock();
		xas_lock(&xas);
		xas_for_each_marked(&xas, req, ULONG_MAX, CACHEFILES_REQ_NEW) {
		if (!cachefiles_ondemand_is_reopening_read(req)) {
		mask \|= EPOLLIN;
		break;
		}
		}
		rcu_read_unlock();
		xas_unlock(&xas);
		}
		} else {
		if (test_bit(CACHEFILES_STATE_CHANGED, &cache->flags))