[036/119] pidns: fix a leak in /proc dentries and inodes with pid namespaces.

From: Greg KH
Date: Sun Dec 06 2009 - 19:31:59 EST

Next message: Greg KH: "[026/119] V4L/DVB (13107): tda18271: fix overflow in FM radio frequency calculation"
Previous message: Greg KH: "[022/119] highmem: Fix debug_kmap_atomic() to also handle KM_IRQ_PTE, KM_NMI, and KM_NMI_PTE"
In reply to: Florian Mickler: "Re: [022/119] highmem: Fix debug_kmap_atomic() to also handleKM_IRQ_PTE, KM_NMI, and KM_NMI_PTE"
Next in thread: Greg KH: "[026/119] V4L/DVB (13107): tda18271: fix overflow in FM radio frequency calculation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

2.6.31-stable review patch. If anyone has any objections, please let us know.

------------------
From: Sukadev Bhattiprolu <sukadev@xxxxxxxxxxxxxxxxxx>

commit 29f12ca32122db98481150be09d35bd72b68045e upstream.

Daniel Lezcano reported a leak in 'struct pid' and 'struct pid_namespace'
that is discussed in:

http://lkml.org/lkml/2009/10/2/159.

To summarize the thread, when container-init is terminated, it sets the
PF_EXITING flag, zaps other processes in the container and waits to reap
them. As a part of reaping, the container-init should flush any /proc
dentries associated with the processes. But because the container-init is
itself exiting and the following PF_EXITING check, the dentries are not
flushed, resulting in leak in /proc inodes and dentries.

This fix reverts the commit 7766755a2f249e7e0 ("Fix /proc dcache deadlock
in do_exit") which introduced the check for PF_EXITING. At the time of
the commit, shrink_dcache_parent() flushed dentries from other filesystems
also and could have caused a deadlock which the commit fixed. But as
pointed out by Eric Biederman, after commit 0feae5c47aabdde59,
shrink_dcache_parent() no longer affects other filesystems. So reverting
the commit is now safe.

As pointed out by Jan Kara, the leak is not as critical since the
unclaimed space will be reclaimed under memory pressure or by:

echo 3 > /proc/sys/vm/drop_caches

But since this check is no longer required, its best to remove it.

Signed-off-by: Sukadev Bhattiprolu <sukadev@xxxxxxxxxx>
Reported-by: Daniel Lezcano <dlezcano@xxxxxxxxxx>
Acked-by: Eric W. Biederman <ebiederm@xxxxxxxxxxxx>
Acked-by: Jan Kara <jack@xxxxxx>
Cc: Andrea Arcangeli <andrea@xxxxxxxxxxxx>
Cc: Serge Hallyn <serue@xxxxxxxxxx>
Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxx>

---
fs/proc/base.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)

--- a/fs/proc/base.c
+++ b/fs/proc/base.c
@@ -2580,8 +2580,7 @@ static void proc_flush_task_mnt(struct v
name.len = snprintf(buf, sizeof(buf), "%d", pid);
dentry = d_hash_and_lookup(mnt->mnt_root, &name);
if (dentry) {
- if (!(current->flags & PF_EXITING))
- shrink_dcache_parent(dentry);
+ shrink_dcache_parent(dentry);
d_drop(dentry);
dput(dentry);
}

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Greg KH: "[026/119] V4L/DVB (13107): tda18271: fix overflow in FM radio frequency calculation"
Previous message: Greg KH: "[022/119] highmem: Fix debug_kmap_atomic() to also handle KM_IRQ_PTE, KM_NMI, and KM_NMI_PTE"
In reply to: Florian Mickler: "Re: [022/119] highmem: Fix debug_kmap_atomic() to also handleKM_IRQ_PTE, KM_NMI, and KM_NMI_PTE"
Next in thread: Greg KH: "[026/119] V4L/DVB (13107): tda18271: fix overflow in FM radio frequency calculation"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]