Skip to content

Commit 8b1bc25

Browse files
braunerbrauner
committed
fs: protect backing files with rcu
Currently backing files are not under any form of rcu protection. Switching to file_ref requires rcu protection and so does the speculative vma lookup. Switch backing files to the same rcu slab type as regular files. There should be no additional magic required as the lifetime of a backing file is always tied to a regular file. Link: https://lore.kernel.org/r/[email protected] Signed-off-by: Christian Brauner <[email protected]>
1 parent 8cf0b93 commit 8b1bc25

File tree

1 file changed

+13
-4
lines changed

1 file changed

+13
-4
lines changed

fs/file_table.c

Lines changed: 13 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -40,13 +40,17 @@ static struct files_stat_struct files_stat = {
4040

4141
/* SLAB cache for file structures */
4242
static struct kmem_cache *filp_cachep __ro_after_init;
43+
static struct kmem_cache *bfilp_cachep __ro_after_init;
4344

4445
static struct percpu_counter nr_files __cacheline_aligned_in_smp;
4546

4647
/* Container for backing file with optional user path */
4748
struct backing_file {
4849
struct file file;
49-
struct path user_path;
50+
union {
51+
struct path user_path;
52+
freeptr_t bf_freeptr;
53+
};
5054
};
5155

5256
static inline struct backing_file *backing_file(struct file *f)
@@ -68,7 +72,7 @@ static inline void file_free(struct file *f)
6872
put_cred(f->f_cred);
6973
if (unlikely(f->f_mode & FMODE_BACKING)) {
7074
path_put(backing_file_user_path(f));
71-
kfree(backing_file(f));
75+
kmem_cache_free(bfilp_cachep, backing_file(f));
7276
} else {
7377
kmem_cache_free(filp_cachep, f);
7478
}
@@ -267,13 +271,13 @@ struct file *alloc_empty_backing_file(int flags, const struct cred *cred)
267271
struct backing_file *ff;
268272
int error;
269273

270-
ff = kzalloc(sizeof(struct backing_file), GFP_KERNEL);
274+
ff = kmem_cache_zalloc(bfilp_cachep, GFP_KERNEL);
271275
if (unlikely(!ff))
272276
return ERR_PTR(-ENOMEM);
273277

274278
error = init_file(&ff->file, flags, cred);
275279
if (unlikely(error)) {
276-
kfree(ff);
280+
kmem_cache_free(bfilp_cachep, ff);
277281
return ERR_PTR(error);
278282
}
279283

@@ -529,6 +533,11 @@ void __init files_init(void)
529533
filp_cachep = kmem_cache_create("filp", sizeof(struct file), &args,
530534
SLAB_HWCACHE_ALIGN | SLAB_PANIC |
531535
SLAB_ACCOUNT | SLAB_TYPESAFE_BY_RCU);
536+
537+
args.freeptr_offset = offsetof(struct backing_file, bf_freeptr);
538+
bfilp_cachep = kmem_cache_create("bfilp", sizeof(struct backing_file),
539+
&args, SLAB_HWCACHE_ALIGN | SLAB_PANIC |
540+
SLAB_ACCOUNT | SLAB_TYPESAFE_BY_RCU);
532541
percpu_counter_init(&nr_files, 0, GFP_KERNEL);
533542
}
534543

0 commit comments

Comments
 (0)