git.ipfire.org Git - thirdparty/kernel/stable.git/commit

author	Christian Brauner <brauner@kernel.org>
	Mon, 24 Jul 2023 15:00:49 +0000 (17:00 +0200)
committer	Linus Torvalds <torvalds@linux-foundation.org>
	Mon, 24 Jul 2023 17:16:36 +0000 (10:16 -0700)
commit	20ea1e7d13c1b544fe67c4a8dc3943bb1ab33e6f
tree	028a89f1670036f51716ceadf448b55da937cac2	tree \| snapshot
parent	9e0ee0c7545c7ec012a53878e7687e05b87abc75	commit \| diff

file: always lock position for FMODE_ATOMIC_POS

The pidfd_getfd() system call allows a caller with ptrace_may_access()
abilities on another process to steal a file descriptor from this
process. This system call is used by debuggers, container runtimes,
system call supervisors, networking proxies etc. So while it is a
special interest system call it is used in common tools.

That ability ends up breaking our long-time optimization in fdget_pos(),
which "knew" that if we had exclusive access to the file descriptor
nobody else could access it, and we didn't need the lock for the file
position.

That check for file_count(file) was always fairly subtle - it depended
on __fdget() not incrementing the file count for single-threaded
processes and thus included that as part of the rule - but it did mean
that we didn't need to take the lock in all those traditional unix
process contexts.

So it's sad to see this go, and I'd love to have some way to re-instate
the optimization. At the same time, the lock obviously isn't ever
contended in the case we optimized, so all we were optimizing away is
the atomics and the cacheline dirtying. Let's see if anybody even
notices that the optimization is gone.

Link: https://lore.kernel.org/linux-fsdevel/20230724-vfs-fdget_pos-v1-1-a4abfd7103f3@kernel.org/
Fixes: 8649c322f75c ("pid: Implement pidfd_getfd syscall")
Cc: stable@kernel.org
Signed-off-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>