1
linux/fs
Eric W. Biederman 0804ef4b0d [PATCH] proc: readdir race fix (take 3)
The problem: An opendir, readdir, closedir sequence can fail to report
process ids that are continually in use throughout the sequence of system
calls.  For this race to trigger the process that proc_pid_readdir stops at
must exit before readdir is called again.

This can cause ps to fail to report processes, and it is in violation of
posix guarantees and normal application expectations with respect to
readdir.

Currently there is no way to work around this problem in user space short
of providing a gargantuan buffer to user space so the directory read all
happens in on system call.

This patch implements the normal directory semantics for proc, that
guarantee that a directory entry that is neither created nor destroyed
while reading the directory entry will be returned.  For directory that are
either created or destroyed during the readdir you may or may not see them.
 Furthermore you may seek to a directory offset you have previously seen.

These are the guarantee that ext[23] provides and that posix requires, and
more importantly that user space expects.  Plus it is a simple semantic to
implement reliable service.  It is just a matter of calling readdir a
second time if you are wondering if something new has show up.

These better semantics are implemented by scanning through the pids in
numerical order and by making the file offset a pid plus a fixed offset.

The pid scan happens on the pid bitmap, which when you look at it is
remarkably efficient for a brute force algorithm.  Given that a typical
cache line is 64 bytes and thus covers space for 64*8 == 200 pids.  There
are only 40 cache lines for the entire 32K pid space.  A typical system
will have 100 pids or more so this is actually fewer cache lines we have to
look at to scan a linked list, and the worst case of having to scan the
entire pid bitmap is pretty reasonable.

If we need something more efficient we can go to a more efficient data
structure for indexing the pids, but for now what we have should be
sufficient.

In addition this takes no additional locks and is actually less code than
what we are doing now.

Also another very subtle bug in this area has been fixed.  It is possible
to catch a task in the middle of de_thread where a thread is assuming the
thread of it's thread group leader.  This patch carefully handles that case
so if we hit it we don't fail to return the pid, that is undergoing the
de_thread dance.

Thanks to KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com> for
providing the first fix, pointing this out and working on it.

[oleg@tv-sign.ru: fix it]
Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
Acked-by: KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>
Signed-off-by: Oleg Nesterov <oleg@tv-sign.ru>
Cc: Jean Delvare <jdelvare@suse.de>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
2006-10-02 07:57:12 -07:00
..
9p [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
adfs [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
affs [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
afs [PATCH] BLOCK: Remove no-longer necessary linux/buffer_head.h inclusions [try #6] 2006-09-30 20:52:31 +02:00
autofs [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
autofs4 [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
befs [PATCH] inode-diet: Eliminate i_blksize from the inode structure 2006-09-27 08:26:18 -07:00
bfs [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
cifs [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
coda [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
configfs [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
cramfs [PATCH] cramfs: make cramfs_uncompress_exit() return void 2006-09-29 09:18:20 -07:00
debugfs [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
devpts [PATCH] inode-diet: Eliminate i_blksize from the inode structure 2006-09-27 08:26:18 -07:00
efs [PATCH] Really ignore kmem_cache_destroy return value 2006-09-27 08:26:10 -07:00
exportfs
ext2 [PATCH] r/o bind mounts: unlink: monitor i_nlink 2006-10-01 00:39:30 -07:00
ext3 [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
fat [PATCH] Remove readv/writev methods and use aio_read/aio_write instead 2006-10-01 00:39:28 -07:00
freevxfs [PATCH] freevxfs: fix leak on error path 2006-09-29 09:18:20 -07:00
fuse [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
hfs [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
hfsplus [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
hostfs [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
hpfs [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
hppfs [PATCH] inode-diet: Eliminate i_blksize from the inode structure 2006-09-27 08:26:18 -07:00
hugetlbfs [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
isofs [PATCH] I/O Error attempting to read last partial block of a file in an ISO9660 file system 2006-09-29 09:18:15 -07:00
jbd [PATCH] JBD: memory leak in "journal_init_dev()" 2006-09-29 09:18:03 -07:00
jffs [PATCH] r/o bind mounts: unlink: monitor i_nlink 2006-10-01 00:39:30 -07:00
jffs2 [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
jfs [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
lockd [PATCH] add newline to nfs dprintk 2006-09-27 08:26:19 -07:00
minix [PATCH] r/o bind mounts: unlink: monitor i_nlink 2006-10-01 00:39:30 -07:00
msdos [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
ncpfs [PATCH] Move ncpfs 32bit compat ioctl to ncpfs 2006-10-01 00:39:23 -07:00
nfs [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
nfs_common
nfsd [PATCH] Really ignore kmem_cache_destroy return value 2006-09-27 08:26:10 -07:00
nls Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
ntfs [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
ocfs2 [PATCH] r/o bind mounts: clean up OCFS2 nlink handling 2006-10-01 00:39:30 -07:00
openpromfs Move several *_SUPER_MAGIC symbols to include/linux/magic.h. 2006-09-24 11:13:19 -04:00
partitions [PATCH] fs/partitions: Conversion to generic boolean 2006-10-01 00:39:19 -07:00
proc [PATCH] proc: readdir race fix (take 3) 2006-10-02 07:57:12 -07:00
qnx4 [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
ramfs [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
reiserfs [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
romfs [PATCH] Really ignore kmem_cache_destroy return value 2006-09-27 08:26:10 -07:00
smbfs [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
sysfs [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
sysv [PATCH] r/o bind mounts: unlink: monitor i_nlink 2006-10-01 00:39:30 -07:00
udf [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
ufs [PATCH] r/o bind mounts: unlink: monitor i_nlink 2006-10-01 00:39:30 -07:00
vfat [PATCH] r/o bind mounts: monitor zeroing of i_nlink 2006-10-01 00:39:30 -07:00
xfs [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
aio.c [PATCH] Add vector AIO support 2006-10-01 00:39:29 -07:00
attr.c
bad_inode.c [PATCH] Remove readv/writev methods and use aio_read/aio_write instead 2006-10-01 00:39:28 -07:00
binfmt_aout.c [PATCH] Require mmap handler for a.out executables 2006-09-29 09:18:08 -07:00
binfmt_elf_fdpic.c [PATCH] elf_fdpic_core_dump: don't take tasklist_lock 2006-09-29 09:18:14 -07:00
binfmt_elf.c [PATCH] Support piping into commands in /proc/sys/kernel/core_pattern 2006-10-01 00:39:33 -07:00
binfmt_em86.c
binfmt_flat.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
binfmt_misc.c [PATCH] Fix unserialized task->files changing 2006-09-29 09:18:12 -07:00
binfmt_script.c
binfmt_som.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
bio.c [PATCH] Update axboe@suse.de email address 2006-09-30 20:52:34 +02:00
block_dev.c [PATCH] Streamline generic_file_* interfaces and filemap cleanups 2006-10-01 00:39:28 -07:00
buffer.c [PATCH] BLOCK: Move functions out of buffer code [try #6] 2006-09-30 20:31:19 +02:00
char_dev.c [PATCH] BLOCK: Move extern declarations out of fs/*.c into header files [try #6] 2006-09-30 20:52:18 +02:00
compat_ioctl.c [PATCH] Move ncpfs 32bit compat ioctl to ncpfs 2006-10-01 00:39:23 -07:00
compat.c [PATCH] csa: convert CONFIG tag for extended accounting routines 2006-10-01 00:39:29 -07:00
dcache.c [PATCH] BLOCK: Move extern declarations out of fs/*.c into header files [try #6] 2006-09-30 20:52:18 +02:00
dcookies.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
direct-io.c [PATCH] lockdep: annotate direct io 2006-07-03 15:27:06 -07:00
dnotify.c
dquot.c [PATCH] dquot: add proper locking when using current->signal->tty 2006-09-29 09:18:14 -07:00
drop_caches.c
eventpoll.c [PATCH] inode-diet: Eliminate i_blksize from the inode structure 2006-09-27 08:26:18 -07:00
exec.c [PATCH] Support piping into commands in /proc/sys/kernel/core_pattern 2006-10-01 00:39:33 -07:00
fcntl.c
fifo.c
file_table.c [PATCH] inode-diet: Move i_cdev into a union 2006-09-27 08:26:17 -07:00
file.c [PATCH] expand_fdtable(): remove pointless unlock+lock 2006-09-29 09:18:25 -07:00
filesystems.c [PATCH] Ban register_filesystem(NULL); 2006-09-29 09:18:20 -07:00
fs-writeback.c [PATCH] BLOCK: Remove dependence on existence of blockdev_superblock [try #6] 2006-09-30 20:52:26 +02:00
generic_acl.c [PATCH] Generic infrastructure for acls 2006-09-29 09:18:24 -07:00
inode.c [PATCH] BLOCK: Move __invalidate_device() to block_dev.c [try #6] 2006-09-30 20:52:27 +02:00
inotify_user.c [PATCH] inotify: fix deadlock found by lockdep 2006-07-31 13:28:41 -07:00
inotify.c [PATCH] inotify (4/5): allow watch removal from event handler 2006-06-20 05:25:19 -04:00
internal.h [PATCH] CONFIG_BLOCK internal.h cleanups 2006-09-30 20:52:32 +02:00
ioctl.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
ioprio.c [PATCH] Update axboe@suse.de email address 2006-09-30 20:52:34 +02:00
Kconfig [PATCH] BLOCK: Make it possible to disable the block layer [try #6] 2006-09-30 20:52:31 +02:00
Kconfig.binfmt
libfs.c [PATCH] r/o bind mount prepwork: inc_nlink() helper 2006-10-01 00:39:30 -07:00
locks.c [PATCH] VFS: Use SEEK_{SET, CUR, END} instead of hardcoded values 2006-10-01 00:39:21 -07:00
Makefile [PATCH] Create fs/utimes.c 2006-10-01 00:39:19 -07:00
mbcache.c [PATCH] mbcache: add lock annotation for __mb_cache_entry_release_unlock() 2006-09-29 09:18:07 -07:00
mpage.c [PATCH] BLOCK: Dissociate generic_writepages() from mpage stuff [try #6] 2006-09-30 20:52:26 +02:00
namei.c [PATCH] r/o bind mount prepwork: move open_namei()'s vfs_create() 2006-10-01 00:39:30 -07:00
namespace.c [PATCH] BLOCK: Move extern declarations out of fs/*.c into header files [try #6] 2006-09-30 20:52:18 +02:00
nfsctl.c Remove obsolete #include <linux/config.h> 2006-06-30 19:25:36 +02:00
no-block.c [PATCH] BLOCK: Make it possible to disable the block layer [try #6] 2006-09-30 20:52:31 +02:00
open.c [PATCH] r/o bind mounts: prepare for write access checks: collapse if() 2006-10-01 00:39:30 -07:00
pipe.c [PATCH] Some cleanup in the pipe code 2006-10-01 00:39:33 -07:00
pnode.c [PATCH] core: use list_move() 2006-06-26 09:58:17 -07:00
pnode.h
posix_acl.c [PATCH] kmemdup: some users 2006-10-01 00:39:19 -07:00
quota_v1.c
quota_v2.c
quota.c [PATCH] BLOCK: Make it possible to disable the block layer [try #6] 2006-09-30 20:52:31 +02:00
read_write.c [PATCH] Add vector AIO support 2006-10-01 00:39:29 -07:00
read_write.h [PATCH] Remove readv/writev methods and use aio_read/aio_write instead 2006-10-01 00:39:28 -07:00
readdir.c
select.c [PATCH] enforce RLIMIT_NOFILE in poll() 2006-09-29 09:18:23 -07:00
seq_file.c
splice.c [PATCH] Update axboe@suse.de email address 2006-09-30 20:52:34 +02:00
stat.c [PATCH] inode-diet: Eliminate i_blksize from the inode structure 2006-09-27 08:26:18 -07:00
super.c [PATCH] BLOCK: Make it possible to disable the block layer [try #6] 2006-09-30 20:52:31 +02:00
sync.c [PATCH] BLOCK: Move functions out of buffer code [try #6] 2006-09-30 20:31:19 +02:00
utimes.c [PATCH] Create fs/utimes.c 2006-10-01 00:39:19 -07:00
xattr_acl.c
xattr.c [PATCH] log more info for directory entry change events 2006-06-20 05:25:28 -04:00