git.kernel.dk Git - linux-block.git/commit

author	Sishuai Gong <sishuai.system@gmail.com>
	Fri, 18 Aug 2023 00:00:31 +0000 (20:00 -0400)
committer	Steven Rostedt (Google) <rostedt@goodmis.org>
	Tue, 22 Aug 2023 09:23:53 +0000 (05:23 -0400)
commit	086629773ec96216d06c72c801602cc56ebece27
tree	1265fa48fc3498d5af895092d6d944dac77e8407	tree \| snapshot
parent	a943188dabf78585fc5ddae0803b8b2c94f1c824	commit \| diff

tracefs: Avoid changing i_mode to a temp value

Right now inode->i_mode is updated twice to reach the desired value
in tracefs_apply_options(). Because there is no lock protecting the two
writes, other threads might read the intermediate value of inode->i_mode.

Thread-1 Thread-2
// tracefs_apply_options() //e.g., acl_permission_check
inode->i_mode &= ~S_IALLUGO;
unsigned int mode = inode->i_mode;
inode->i_mode |= opts->mode;

I think there is no need to introduce a lock but it is better to
only update inode->i_mode ONCE, so the readers will either see the old
or latest value, rather than an intermediate/temporary value.

Note, the race is not a security concern as the intermediate value is more
locked down than either the start or end version. This is more just to do
the conversion cleanly.

Link: https://lore.kernel.org/linux-trace-kernel/AB5B0A1C-75D9-4E82-A7F0-CF7D0715587B@gmail.com
Signed-off-by: Sishuai Gong <sishuai.system@gmail.com>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>