Re: local denial-of-service with file leases

[Trond Myklebust]

On Fri, 2005-11-11 at 00:45 -0800, Chris Wright wrote:
> * Avi Kivity (avi@xxxxxxxxxx) wrote:
> > the following program will oom a the 2.6.14.1 kernel, running as an 
> > ordinary user:
> 
> I don't have a good mechanism for testing leases, but this should fix
> the leak.  Mind testing?
> 

Bruce has a simpler patch (see attachment). The call to fasync_helper()
in order to free active structures will have already been done in
locks_delete_lock(), so in principle, all we want to do is to skip the
fasync_helper() call in fcntl_setlease().

Cheers,
  Trond


> --- Begin Message ---
> On Thu, Nov 10, 2005 at 05:54:28PM -0500, bfields wrote:
> > Sorry, that should ahve been an obvious thing to try after that last
> > complaint.  OK, looking....
>
> Yup:
>
> http://linux.bkbits.net:8080/linux-2.6/diffs/fs/locks.c@xxxx?nav=index.html|src/|src/fs|hist/fs/locks.c
>
> (Isn't there someone with a complete kernel history in git and a gitweb
> interface?  Sure would be convenient.)
>
> This seems to fix it, but I want to investigate a little more tommorow.
> --b.
>
>
> ---
>
>  linux-2.6.14-bfields/fs/locks.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff -puN fs/locks.c~locks-fix-fasync-leak fs/locks.c
> --- linux-2.6.14/fs/locks.c~locks-fix-fasync-leak	2005-11-10 18:49:15.000000000 -0500
> +++ linux-2.6.14-bfields/fs/locks.c	2005-11-10 18:50:12.000000000 -0500
> @@ -1446,7 +1446,7 @@ int fcntl_setlease(unsigned int fd, stru
>  	lock_kernel();
>  
>  	error = __setlease(filp, arg, &flp);
> -	if (error)
> +	if (error || arg == F_UNLCK)
>  		goto out_unlock;
>  
>  	error = fasync_helper(fd, filp, 1, &flp->fl_fasync);
> _
>
> --- End Message ---