On Tue, Jul 10, 2018 at 6:02 AM Jan Kara <jack(a)suse.cz> wrote:
When an inode is tagged with a tree, tag_chunk() checks whether there is an
audit_tree_group mark attached to the inode and adds one if not. However,
nothing protects against another tag_chunk() adding the mark between the time
we've checked and the time we try to add the fsnotify mark, thus resulting in an
error from fsnotify_add_mark() and consequently an ENOSPC error from
tag_chunk(). Fix the problem by holding mark_mutex over the whole check-insert
code sequence.
Signed-off-by: Jan Kara <jack(a)suse.cz>
---
kernel/audit_tree.c | 26 ++++++++++++++++----------
1 file changed, 16 insertions(+), 10 deletions(-)
...
diff --git a/kernel/audit_tree.c b/kernel/audit_tree.c
index 1c82eb6674c4..de8d344d91b1 100644
--- a/kernel/audit_tree.c
+++ b/kernel/audit_tree.c
@@ -342,25 +342,29 @@ static void untag_chunk(struct node *p)
spin_lock(&hash_lock);
}
+/* Call with group->mark_mutex held, releases it */
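Review bot: the release-on-return contract in the added comment `/* Call with group->mark_mutex held, releases it */` is the kind of asymmetric locking that is easy to get wrong at call sites, and the hunk as shown ends at the comment, so the visible lines do not establish that every return path (including the error paths) drops the mutex. Consider stating that explicitly in the comment and annotating the function with `__releases(&group->mark_mutex)` so sparse context checking catches a path that returns with the mutex still held; alternatively, keep lock and unlock in the same function by having the caller release it after the call returns.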
Stuff like that always makes me nervous. Could we defer releasing the
mutex to the caller, after create_chunk() returns? It looks like
fsnotify_destroy_mark() allows a single level of nesting so it should
be okay, yes?
--
paul moore
www.paul-moore.com
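The race the commit message describes (check for a mark, drop the lock, add the mark) and the fix (hold the lock over the whole check-then-insert) can be shown without the kernel. The following is an added example, not code from the patch or from kernel/audit_tree.c: the `struct inode`, `struct mark`, `find_mark()` and `add_mark_locked()` stand-ins are simplified models (an assumption, not the real fsnotify API), and the two callers are driven through an explicit interleaving so the outcome is deterministic rather than timing dependent.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins for the objects in audit_tree.c (assumption: a
 * simplified model, not the real fsnotify API). One inode carries at most
 * one mark per group; a second add fails with -EEXIST, which the caller
 * reports as -ENOSPC, mirroring the failure the commit message describes. */
struct mark { bool attached; };
struct inode { struct mark *group_mark; };

/* Model of group->mark_mutex. The model is single-threaded, so a flag is
 * enough; it lets add_mark_locked() check that it really is held. */
static bool mark_mutex_held;
static void mark_mutex_lock(void)   { mark_mutex_held = true; }
static void mark_mutex_unlock(void) { mark_mutex_held = false; }

static struct mark *find_mark(struct inode *in) { return in->group_mark; }

/* Like an fsnotify "_locked" add: caller must hold the mutex; refuses a
 * second mark from the same group. */
static int add_mark_locked(struct inode *in, struct mark *m)
{
    if (!mark_mutex_held)
        return -EINVAL;            /* programming error in this model */
    if (in->group_mark)
        return -EEXIST;            /* someone got there first */
    m->attached = true;
    in->group_mark = m;
    return 0;
}

/* Each caller of the tagging path is a two-step state machine so that an
 * interleaving can be chosen explicitly. */
struct caller {
    struct inode *in;
    struct mark mark;     /* the mark this caller would create */
    struct mark *found;   /* result of the lookup step */
    int err;              /* final result: 0 or -ENOSPC */
};

/* Buggy sequence: look up under the mutex, drop it, re-take it to add. */
static void racy_check(struct caller *c)
{
    mark_mutex_lock();
    c->found = find_mark(c->in);
    mark_mutex_unlock();           /* the window opens here */
}

static void racy_add(struct caller *c)
{
    if (c->found) {                /* reuse the mark seen earlier */
        c->err = 0;
        return;
    }
    mark_mutex_lock();
    int rc = add_mark_locked(c->in, &c->mark);
    mark_mutex_unlock();
    c->err = rc ? -ENOSPC : 0;     /* -EEXIST surfaces as -ENOSPC */
}

/* Fixed sequence: the mutex is held over the whole check-then-insert, and
 * it is taken and released in the same function. */
static void fixed_tag(struct caller *c)
{
    mark_mutex_lock();
    c->found = find_mark(c->in);
    if (c->found) {
        c->err = 0;
    } else {
        int rc = add_mark_locked(c->in, &c->mark);
        c->err = rc ? -ENOSPC : 0;
    }
    mark_mutex_unlock();
}

/* Interleaving from the commit message: A and B both look before either
 * adds. Returns how many callers ended up with -ENOSPC. */
int racy_interleaving_failures(void)
{
    struct inode in = { NULL };
    struct caller a = { .in = &in }, b = { .in = &in };
    racy_check(&a);                /* A sees no mark */
    racy_check(&b);                /* B also sees no mark */
    racy_add(&a);                  /* A adds: succeeds */
    racy_add(&b);                  /* B adds: -EEXIST, reported as -ENOSPC */
    return (a.err == -ENOSPC) + (b.err == -ENOSPC);
}

/* Same two callers with the fix: the mutex serializes check and insert. */
int fixed_interleaving_failures(void)
{
    struct inode in = { NULL };
    struct caller a = { .in = &in }, b = { .in = &in };
    fixed_tag(&a);                 /* A checks and adds under one hold */
    fixed_tag(&b);                 /* B's check now sees A's mark and reuses it */
    return (a.err == -ENOSPC) + (b.err == -ENOSPC);
}

int main(void)
{
    printf("racy:  %d caller(s) got -ENOSPC\n", racy_interleaving_failures());
    printf("fixed: %d caller(s) got -ENOSPC\n", fixed_interleaving_failures());
    return 0;
}
```

The racy sequence loses exactly one of the two callers, which is the spurious ENOSPC the patch removes; the fixed sequence loses none. `fixed_tag()` also takes and releases the mutex in one function, the symmetric shape Paul asks for above, rather than having a callee release a lock its caller acquired.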