1. Patchew
  2. linux
  3. View series

[PATCH] fs: delay sysctl_nr_open check in expand_files()

Mateusz Guzik posted 1 patch 5 days, 21 hours ago 
fs/file.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
[PATCH] fs: delay sysctl_nr_open check in expand_files()
Posted by Mateusz Guzik 5 days, 21 hours ago 
Suppose a thread sharing the table started a resize, while
sysctl_nr_open got lowered to a value which prohibits it. This is still
going to go through with and without the patch, which is fine.

Further suppose another thread shows up to do a matching expansion while
resize_in_progress == true. It is going to error out since it performs
the sysctl_nr_open check *before* finding out if there is an expansion
in progress. But the aformentioned thread is going to succeded, so the
error is spurious (and it would not happen if the thread showed up a
little bit later).

Checking the sysctl *after* we know there are no pending updates sorts
it out.

While here annotate the thing as unlikely.

Signed-off-by: Mateusz Guzik <mjguzik@gmail.com>
---

This is a random tidbit I found while looking at the code, I don't think
this is a particularly impactful problem but definitely worth sorting
out in master.

I doubt it warrants backports to stable so I'm not cc-ing it.

 fs/file.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/fs/file.c b/fs/file.c
index fb1011cf6b4a..019fb9acf91b 100644
--- a/fs/file.c
+++ b/fs/file.c
@@ -278,10 +278,6 @@ static int expand_files(struct files_struct *files, unsigned int nr)
 	if (nr < fdt->max_fds)
 		return 0;
 
-	/* Can we expand? */
-	if (nr >= sysctl_nr_open)
-		return -EMFILE;
-
 	if (unlikely(files->resize_in_progress)) {
 		spin_unlock(&files->file_lock);
 		wait_event(files->resize_wait, !files->resize_in_progress);
@@ -289,6 +285,10 @@ static int expand_files(struct files_struct *files, unsigned int nr)
 		goto repeat;
 	}
 
+	/* Can we expand? */
+	if (unlikely(nr >= sysctl_nr_open))
+		return -EMFILE;
+
 	/* All good, so we try */
 	files->resize_in_progress = true;
 	error = expand_fdtable(files, nr);
-- 
2.43.0
Re: [PATCH] fs: delay sysctl_nr_open check in expand_files()
Posted by Christian Brauner 1 day, 20 hours ago 
On Sat, 16 Nov 2024 07:41:28 +0100, Mateusz Guzik wrote:
> Suppose a thread sharing the table started a resize, while
> sysctl_nr_open got lowered to a value which prohibits it. This is still
> going to go through with and without the patch, which is fine.
> 
> Further suppose another thread shows up to do a matching expansion while
> resize_in_progress == true. It is going to error out since it performs
> the sysctl_nr_open check *before* finding out if there is an expansion
> in progress. But the aformentioned thread is going to succeded, so the
> error is spurious (and it would not happen if the thread showed up a
> little bit later).
> 
> [...]

Applied to the vfs-6.14.misc branch of the vfs/vfs.git tree.
Patches in the vfs-6.14.misc branch should appear in linux-next soon.

Please report any outstanding bugs that were missed during review in a
new review to the original patch series allowing us to drop it.

It's encouraged to provide Acked-bys and Reviewed-bys even though the
patch has now been applied. If possible patch trailers will be updated.

Note that commit hashes shown below are subject to change due to rebase,
trailer updates or similar. If in doubt, please check the listed branch.

tree:   https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git
branch: vfs-6.14.misc

[1/1] fs: delay sysctl_nr_open check in expand_files()
      https://git.kernel.org/vfs/vfs/c/bb35f8709172
Re: [PATCH] fs: delay sysctl_nr_open check in expand_files()
Posted by Al Viro 5 days, 20 hours ago 
On Sat, Nov 16, 2024 at 07:41:28AM +0100, Mateusz Guzik wrote:
> Suppose a thread sharing the table started a resize, while
> sysctl_nr_open got lowered to a value which prohibits it. This is still
> going to go through with and without the patch, which is fine.
> 
> Further suppose another thread shows up to do a matching expansion while
> resize_in_progress == true. It is going to error out since it performs
> the sysctl_nr_open check *before* finding out if there is an expansion
> in progress. But the aformentioned thread is going to succeded, so the
> error is spurious (and it would not happen if the thread showed up a
> little bit later).
> 
> Checking the sysctl *after* we know there are no pending updates sorts
> it out.

	What for?  No, seriously - what's the point?  What could possibly
observe an inconsistent situation?  How would that look like?
Re: [PATCH] fs: delay sysctl_nr_open check in expand_files()
Posted by Al Viro 5 days, 20 hours ago 
On Sat, Nov 16, 2024 at 07:36:26AM +0000, Al Viro wrote:
> On Sat, Nov 16, 2024 at 07:41:28AM +0100, Mateusz Guzik wrote:
> > Suppose a thread sharing the table started a resize, while
> > sysctl_nr_open got lowered to a value which prohibits it. This is still
> > going to go through with and without the patch, which is fine.
> > 
> > Further suppose another thread shows up to do a matching expansion while
> > resize_in_progress == true. It is going to error out since it performs
> > the sysctl_nr_open check *before* finding out if there is an expansion
> > in progress. But the aformentioned thread is going to succeded, so the
> > error is spurious (and it would not happen if the thread showed up a
> > little bit later).
> > 
> > Checking the sysctl *after* we know there are no pending updates sorts
> > it out.
> 
> 	What for?  No, seriously - what's the point?  What could possibly
> observe an inconsistent situation?  How would that look like?

PS: I'm not saying I hate that patch; I just don't understand the point...
Re: [PATCH] fs: delay sysctl_nr_open check in expand_files()
Posted by Mateusz Guzik 5 days, 20 hours ago 
On Sat, Nov 16, 2024 at 8:42 AM Al Viro <viro@zeniv.linux.org.uk> wrote:
>
> On Sat, Nov 16, 2024 at 07:36:26AM +0000, Al Viro wrote:
> > On Sat, Nov 16, 2024 at 07:41:28AM +0100, Mateusz Guzik wrote:
> > > Suppose a thread sharing the table started a resize, while
> > > sysctl_nr_open got lowered to a value which prohibits it. This is still
> > > going to go through with and without the patch, which is fine.
> > >
> > > Further suppose another thread shows up to do a matching expansion while
> > > resize_in_progress == true. It is going to error out since it performs
> > > the sysctl_nr_open check *before* finding out if there is an expansion
> > > in progress. But the aformentioned thread is going to succeded, so the
> > > error is spurious (and it would not happen if the thread showed up a
> > > little bit later).
> > >
> > > Checking the sysctl *after* we know there are no pending updates sorts
> > > it out.
> >
> >       What for?  No, seriously - what's the point?  What could possibly
> > observe an inconsistent situation?  How would that look like?
>
> PS: I'm not saying I hate that patch; I just don't understand the point...

Per the description, if you get unlucky enough one thread is going to
spuriously error out. So basically any multithreaded program which
ends up trying to expand the fd table while racing against
sysctl_nr_open going down can in principle run into it. Except people
normally don't mess with sysctl_nr_open, so I don't think this shows
up during normal operation.

I explicitly noted this is not a serious problem, just a thing I
noticed while poking around. If you want to NAK this that's fine with
me, it's not worth arguing over.

-- 
Mateusz Guzik <mjguzik gmail.com>

Patchew 2.1-devel-b67e4c2

© 2016 - 2024 Red Hat, Inc.