From 4ebabb66f4132186152edf8e1907fce436bf5c69 Mon Sep 17 00:00:00 2001 From: "Dr. David Alan Gilbert" Date: Mon, 27 Jan 2020 19:02:06 +0100 Subject: [PATCH 095/116] virtiofsd: make lo_release() atomic MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit RH-Author: Dr. David Alan Gilbert Message-id: <20200127190227.40942-92-dgilbert@redhat.com> Patchwork-id: 93545 O-Subject: [RHEL-AV-8.2 qemu-kvm PATCH 091/112] virtiofsd: make lo_release() atomic Bugzilla: 1694164 RH-Acked-by: Philippe Mathieu-Daudé RH-Acked-by: Stefan Hajnoczi RH-Acked-by: Sergio Lopez Pascual From: Stefan Hajnoczi Hold the lock across both lo_map_get() and lo_map_remove() to prevent races between two FUSE_RELEASE requests. In this case I don't see a serious bug but it's safer to do things atomically. Signed-off-by: Stefan Hajnoczi Reviewed-by: Daniel P. Berrangé Signed-off-by: Dr. David Alan Gilbert (cherry picked from commit baed65c060c0e524530bc243eec427fb408bd477) Signed-off-by: Miroslav Rezanina --- tools/virtiofsd/passthrough_ll.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c index 9414935..690edbc 100644 --- a/tools/virtiofsd/passthrough_ll.c +++ b/tools/virtiofsd/passthrough_ll.c @@ -1772,14 +1772,18 @@ static void lo_release(fuse_req_t req, fuse_ino_t ino, struct fuse_file_info *fi) { struct lo_data *lo = lo_data(req); - int fd; + struct lo_map_elem *elem; + int fd = -1; (void)ino; - fd = lo_fi_fd(req, fi); - pthread_mutex_lock(&lo->mutex); - lo_map_remove(&lo->fd_map, fi->fh); + elem = lo_map_get(&lo->fd_map, fi->fh); + if (elem) { + fd = elem->fd; + elem = NULL; + lo_map_remove(&lo->fd_map, fi->fh); + } pthread_mutex_unlock(&lo->mutex); close(fd); -- 1.8.3.1