Message ID | CAM_iQpUtirzcm901Gh6918g2yROo3FFKb6Vx87Wtj7M31wE6DA@mail.gmail.com (mailing list archive) |
---|---|
State | New, archived |
On Fri, Jan 20, 2017 at 5:57 AM, Cong Wang <xiyou.wangcong@gmail.com> wrote:
>>>>>> > Why do we do autobind there, anyway, and why is it conditional on
>>>>>> > SOCK_PASSCRED? Note that e.g. for SOCK_STREAM we can bloody well get
>>>>>> > to sending stuff without autobind ever done - just use socketpair()
>>>>>> > to create that sucker and we won't be going through the connect()
>>>>>> > at all.
>>>>>>
>>>>>> In the case Dmitry reported, unix_dgram_sendmsg() calls unix_autobind(),
>>>>>> not SOCK_STREAM.
>>>>>
>>>>> Yes, I've noticed. What I'm asking is what in there needs autobind triggered
>>>>> on sendmsg and why doesn't the same need affect the SOCK_STREAM case?
>>>>>
>>>>>> I guess some lock, perhaps the u->bindlock could be dropped before
>>>>>> acquiring the next one (sb_writer), but I need to double check.
>>>>>
>>>>> Bad idea, IMO - do you *want* autobind being able to come through while
>>>>> bind(2) is busy with mknod?
>>>>
>>>>
>>>> Ping. This is still happening on HEAD.
>>>>
>>>
>>> Thanks for your reminder. Mind to give the attached patch (compile only)
>>> a try? I take another approach to fix this deadlock, which moves the
>>> unix_mknod() out of unix->bindlock. Not sure if there is any unexpected
>>> impact with this way.
>>
>>
>> I instantly hit:
>>
>
> Oh, sorry about it, I forgot to initialize struct path...
>
> Attached is the updated version, I just did a boot test, no crash at least. ;)
>
> Thanks!

This works! I did not see the deadlock warning, nor any other related crashes.

Tested-by: Dmitry Vyukov <dvyukov@google.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html

On Fri, Jan 20, 2017 at 2:52 PM, Dmitry Vyukov <dvyukov@google.com> wrote:
>
> This works! I did not see the deadlock warning, nor any other related crashes.
>
> Tested-by: Dmitry Vyukov <dvyukov@google.com>

Thanks for verifying it. I will send it out formally soon.

diff --git a/net/unix/af_unix.c b/net/unix/af_unix.c index 127656e..cef7987 100644 --- a/net/unix/af_unix.c +++ b/net/unix/af_unix.c @@ -995,6 +995,7 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) unsigned int hash; struct unix_address *addr; struct hlist_head *list; + struct path path = { NULL, NULL }; err = -EINVAL; if (sunaddr->sun_family != AF_UNIX) @@ -1010,9 +1011,20 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) goto out; addr_len = err; + if (sun_path[0]) { + umode_t mode = S_IFSOCK | + (SOCK_INODE(sock)->i_mode & ~current_umask()); + err = unix_mknod(sun_path, mode, &path); + if (err) { + if (err == -EEXIST) + err = -EADDRINUSE; + goto out; + } + } + err = mutex_lock_interruptible(&u->bindlock); if (err) - goto out; + goto out_put; err = -EINVAL; if (u->addr) @@ -1029,16 +1041,6 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) atomic_set(&addr->refcnt, 1); if (sun_path[0]) { - struct path path; - umode_t mode = S_IFSOCK | - (SOCK_INODE(sock)->i_mode & ~current_umask()); - err = unix_mknod(sun_path, mode, &path); - if (err) { - if (err == -EEXIST) - err = -EADDRINUSE; - unix_release_addr(addr); - goto out_up; - } addr->hash = UNIX_HASH_SIZE; hash = d_backing_inode(path.dentry)->i_ino & (UNIX_HASH_SIZE - 1); spin_lock(&unix_table_lock); @@ -1065,6 +1067,9 @@ static int unix_bind(struct socket *sock, struct sockaddr *uaddr, int addr_len) spin_unlock(&unix_table_lock); out_up: mutex_unlock(&u->bindlock); +out_put: + if (err) + path_put(&path); out: return err; }
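Review bot: In the first hunk (@@ -995,6 +995,7 @@), `struct path path = { NULL, NULL };` uses a positional initializer, which ties the declaration to the member order and member count of struct path. An empty initializer, `struct path path = { };`, zeroes the whole structure without that dependency and still gives the path_put() at out_put a well-defined "no path yet" value.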
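Review bot: In the second hunk (@@ -1010,9 +1011,20 @@), unix_mknod() now runs before bindlock is taken and therefore before the `if (u->addr)` check that follows the lock, so bind() on an already bound socket changes behaviour. It now creates a node at sun_path, or returns -EADDRINUSE when the name exists, where the old ordering returned -EINVAL without touching the filesystem. The commit message should state this change; an early unlocked look at u->addr before the mknod, with the locked check kept as the authoritative one, would also narrow it.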
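Review bot: At the new out_put label in the last hunk (@@ -1065,6 +1067,9 @@), `if (err) path_put(&path);` only drops the dentry and mount references; nothing on this path removes the socket node that unix_mknod() created. Every failure after the mknod (an interrupted mutex_lock_interruptible(), the u->addr check, anything else that reaches out_up with err set) leaves a stale socket file behind, and a later bind() to the same name will get -EADDRINUSE. Consider unlinking the node on these error paths, or say in the commit message why leaving it is acceptable.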