vfs: fix RCU-lockdep false positive due to /proc

If a single-threaded process does a file-descriptor operation, and some
other process accesses that same file descriptor via /proc, the current
rcu_dereference_check_fdtable() can give a false-positive RCU-lockdep
splat due to the reference count being increased by the /proc access after
the reference-count check in fget_light() but before the check in
rcu_dereference_check_fdtable().

This commit prevents this false positive by checking for a single-threaded
process.  To avoid #include hell, this commit uses the wrapper for
thread_group_empty(current) defined by rcu_my_thread_group_empty()
provided in a separate commit.

Located-by: Miles Lane <[email protected]>
Located-by: Eric Dumazet <[email protected]>
Signed-off-by: Paul E. McKenney <[email protected]>
Cc: Al Viro <[email protected]>
Signed-off-by: Andrew Morton <[email protected]>
Signed-off-by: Linus Torvalds <[email protected]>

diff --git a/include/linux/fdtable.h b/include/linux/fdtable.h
index 013dc529e95ffc43121fbf8cfbac9d432fa29bc6..d147461bc2712b9c9fb7aae84d65e600d6c60fd4 100644 (file)
--- a/include/linux/fdtable.h
+++ b/include/linux/fdtable.h
@@ -61,7 +61,8 @@ struct files_struct {
        (rcu_dereference_check((fdtfd), \
                               rcu_read_lock_held() || \
                               lockdep_is_held(&(files)->file_lock) || \
-                              atomic_read(&(files)->count) == 1))
+                              atomic_read(&(files)->count) == 1 || \
+                              rcu_my_thread_group_empty()))
 
 #define files_fdtable(files) \
                (rcu_dereference_check_fdtable((files), (files)->fdt))