|author||Davidlohr Bueso <firstname.lastname@example.org>||2015-04-16 12:47:59 -0700|
|committer||Linus Torvalds <email@example.com>||2015-04-17 09:04:07 -0400|
prctl: avoid using mmap_sem for exe_file serialization
Oleg cleverly suggested using xchg() to set the new mm->exe_file instead of calling set_mm_exe_file() which requires some form of serialization -- mmap_sem in this case. For archs that do not have atomic rmw instructions we still fallback to a spinlock alternative, so this should always be safe. As such, we only need the mmap_sem for looking up the backing vm_file, which can be done sharing the lock. Naturally, this means we need to manually deal with both the new and old file reference counting, and we need not worry about the MMF_EXE_FILE_CHANGED bits, which can probably be deleted in the future anyway. Signed-off-by: Davidlohr Bueso <firstname.lastname@example.org> Suggested-by: Oleg Nesterov <email@example.com> Acked-by: Oleg Nesterov <firstname.lastname@example.org> Reviewed-by: Konstantin Khlebnikov <email@example.com> Signed-off-by: Andrew Morton <firstname.lastname@example.org> Signed-off-by: Linus Torvalds <email@example.com>
Diffstat (limited to 'kernel/fork.c')
1 files changed, 13 insertions, 6 deletions
diff --git a/kernel/fork.c b/kernel/fork.c
index 259202637531..0d23e76a0c61 100644
@@ -711,15 +711,22 @@ EXPORT_SYMBOL_GPL(mmput);
* This changes mm's executable file (shown as symlink /proc/[pid]/exe).
- * Main users are mmput(), sys_execve() and sys_prctl(PR_SET_MM_MAP/EXE_FILE).
- * Callers prevent concurrent invocations: in mmput() nobody alive left,
- * in execve task is single-threaded, prctl holds mmap_sem exclusively.
+ * Main users are mmput() and sys_execve(). Callers prevent concurrent
+ * invocations: in mmput() nobody alive left, in execve task is single
+ * threaded. sys_prctl(PR_SET_MM_MAP/EXE_FILE) also needs to set the
+ * mm->exe_file, but does so without using set_mm_exe_file() in order
+ * to do avoid the need for any locks.
void set_mm_exe_file(struct mm_struct *mm, struct file *new_exe_file)
- struct file *old_exe_file = rcu_dereference_protected(mm->exe_file,
- !atomic_read(&mm->mm_users) || current->in_execve ||
+ struct file *old_exe_file;
+ * It is safe to dereference the exe_file without RCU as
+ * this function is only called if nobody else can access
+ * this mm -- see comment above for justification.
+ old_exe_file = rcu_dereference_raw(mm->exe_file);