epoll: replace ->visited/visited_list with generation count

commit 18306c404abe18a0972587a6266830583c60c928 upstream.

removes the need to clear it, along with the races.

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/fs/eventpoll.c b/fs/eventpoll.c
index d5b68ebbb1631a25d6a907e253deaf0f30ba51ef..9da2547700fca62ca3dceb2a8f76c7e708c8f2af 100644 (file)
--- a/fs/eventpoll.c
+++ b/fs/eventpoll.c
@@ -222,8 +222,7 @@ struct eventpoll {
        struct file *file;
 
        /* used to optimize loop detection check */
-       int visited;
-       struct list_head visited_list_link;
+       u64 gen;
 };
 
 /* Wait structure used by the poll hooks */
@@ -267,6 +266,8 @@ static long max_user_watches __read_mostly;
  */
 static DEFINE_MUTEX(epmutex);
 
+static u64 loop_check_gen = 0;
+
 /* Used to check for epoll file descriptor inclusion loops */
 static struct nested_calls poll_loop_ncalls;
 
@@ -282,9 +283,6 @@ static struct kmem_cache *epi_cache __read_mostly;
 /* Slab cache used to allocate "struct eppoll_entry" */
 static struct kmem_cache *pwq_cache __read_mostly;
 
-/* Visited nodes during ep_loop_check(), so we can unset them when we finish */
-static LIST_HEAD(visited_list);
-
 /*
  * List of files with newly added links, where we may need to limit the number
  * of emanating paths. Protected by the epmutex.
@@ -1724,13 +1722,12 @@ static int ep_loop_check_proc(void *priv, void *cookie, int call_nests)
        struct epitem *epi;
 
        mutex_lock_nested(&ep->mtx, call_nests + 1);
-       ep->visited = 1;
-       list_add(&ep->visited_list_link, &visited_list);
+       ep->gen = loop_check_gen;
        for (rbp = rb_first(&ep->rbr); rbp; rbp = rb_next(rbp)) {
                epi = rb_entry(rbp, struct epitem, rbn);
                if (unlikely(is_file_epoll(epi->ffd.file))) {
                        ep_tovisit = epi->ffd.file->private_data;
-                       if (ep_tovisit->visited)
+                       if (ep_tovisit->gen == loop_check_gen)
                                continue;
                        error = ep_call_nested(&poll_loop_ncalls, EP_MAX_NESTS,
                                        ep_loop_check_proc, epi->ffd.file,
@@ -1771,18 +1768,8 @@ static int ep_loop_check_proc(void *priv, void *cookie, int call_nests)
  */
 static int ep_loop_check(struct eventpoll *ep, struct file *file)
 {
-       int ret;
-       struct eventpoll *ep_cur, *ep_next;
-
-       ret = ep_call_nested(&poll_loop_ncalls, EP_MAX_NESTS,
+       return ep_call_nested(&poll_loop_ncalls, EP_MAX_NESTS,
                              ep_loop_check_proc, file, ep, current);
-       /* clear visited list */
-       list_for_each_entry_safe(ep_cur, ep_next, &visited_list,
-                                                       visited_list_link) {
-               ep_cur->visited = 0;
-               list_del(&ep_cur->visited_list_link);
-       }
-       return ret;
 }
 
 static void clear_tfile_check_list(void)
@@ -1999,6 +1986,7 @@ SYSCALL_DEFINE4(epoll_ctl, int, epfd, int, op, int, fd,
 error_tgt_fput:
        if (full_check) {
                clear_tfile_check_list();
+               loop_check_gen++;
                mutex_unlock(&epmutex);
        }