• Nicolai Stange's avatar
    debugfs: implement per-file removal protection · e9117a5a
    Nicolai Stange authored
    Since commit 49d200de ("debugfs: prevent access to removed files'
    private data"), accesses to a file's private data are protected from
    concurrent removal by covering all file_operations with a SRCU read section
    and sychronizing with those before returning from debugfs_remove() by means
    of synchronize_srcu().
    
    As pointed out by Johannes Berg, there are debugfs files with forever
    blocking file_operations. Their corresponding SRCU read side sections would
    block any debugfs_remove() forever as well, even unrelated ones. This
    results in a livelock. Because a remover can't cancel any indefinite
    blocking within foreign files, this is a problem.
    
    Resolve this by introducing support for more granular protection on a
    per-file basis.
    
    This is implemented by introducing an  'active_users' refcount_t to the
    per-file struct debugfs_fsdata state. At file creation time, it is set to
    one and a debugfs_remove() will drop that initial reference. The new
    debugfs_file_get() and debugfs_file_put(), intended to be used in place of
    former debugfs_use_file_start() and debugfs_use_file_finish(), increment
    and decrement it respectively. Once the count drops to zero,
    debugfs_file_put() will signal a completion which is possibly being waited
    for from debugfs_remove().
    Thus, as long as there is a debugfs_file_get() not yet matched by a
    corresponding debugfs_file_put() around, debugfs_remove() will block.
    
    Actual users of debugfs_use_file_start() and -finish() will get converted
    to the new debugfs_file_get() and debugfs_file_put() by followup patches.
    
    Fixes: 49d200de ("debugfs: prevent access to removed files' private data")
    Reported-by: default avatarJohannes Berg <johannes@sipsolutions.net>
    Signed-off-by: default avatarNicolai Stange <nicstange@gmail.com>
    Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
    e9117a5a
file.c 40 KB