summaryrefslogtreecommitdiffstats
path: root/fs/notify
diff options
context:
space:
mode:
authorJan Kara <jack@suse.cz>2016-10-08 01:56:58 +0200
committerLinus Torvalds <torvalds@linux-foundation.org>2016-10-08 03:46:26 +0200
commit0b1b86527df4b1f398266c23e926dd788925bb69 (patch)
tree04d4ba30ad9e2e17a9e68b344964fe06bcfcfd88 /fs/notify
parentfanotify: use notification_lock instead of access_lock (diff)
downloadlinux-0b1b86527df4b1f398266c23e926dd788925bb69.tar.xz
linux-0b1b86527df4b1f398266c23e926dd788925bb69.zip
fanotify: fix possible false warning when freeing events
When freeing permission events by fsnotify_destroy_event(), the warning WARN_ON(!list_empty(&event->list)); may falsely hit. This is because although fanotify_get_response() saw event->response set, there is nothing to make sure the current CPU also sees the removal of the event from the list. Add proper locking around the WARN_ON() to avoid the false warning. Link: http://lkml.kernel.org/r/1473797711-14111-7-git-send-email-jack@suse.cz Reported-by: Miklos Szeredi <mszeredi@redhat.com> Signed-off-by: Jan Kara <jack@suse.cz> Reviewed-by: Lino Sanfilippo <LinoSanfilippo@gmx.de> Cc: Eric Paris <eparis@redhat.com> Cc: Al Viro <viro@ZenIV.linux.org.uk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/notify')
-rw-r--r--fs/notify/notification.c13
1 files changed, 11 insertions, 2 deletions
diff --git a/fs/notify/notification.c b/fs/notify/notification.c
index 8a7a8cd041e8..1a8010e7a2a0 100644
--- a/fs/notify/notification.c
+++ b/fs/notify/notification.c
@@ -74,8 +74,17 @@ void fsnotify_destroy_event(struct fsnotify_group *group,
/* Overflow events are per-group and we don't want to free them */
if (!event || event->mask == FS_Q_OVERFLOW)
return;
- /* If the event is still queued, we have a problem... */
- WARN_ON(!list_empty(&event->list));
+ /*
+ * If the event is still queued, we have a problem... Do an unreliable
+ * lockless check first to avoid locking in the common case. The
+ * locking may be necessary for permission events which got removed
+ * from the list by a different CPU than the one freeing the event.
+ */
+ if (!list_empty(&event->list)) {
+ spin_lock(&group->notification_lock);
+ WARN_ON(!list_empty(&event->list));
+ spin_unlock(&group->notification_lock);
+ }
group->ops->free_event(event);
}