[systemd-devel] [PATCH 0/7] kdbus: improve user domain accounting

[Djalal Harouni]

On Wed, Jul 23, 2014 at 10:19:04PM +0100, Djalal Harouni wrote:
> Hi,
> 
> This series improves user domain accounting and fixes some bugs.
> 
> On top of the "kdbus: allow multiple policies" series:
> http://lists.freedesktop.org/archives/systemd-devel/2014-July/021514.html
> 
> 
> Patches 1, 2, 3 and 4 are preparation patches to improve the code.
> 
> Patch 5 fixes kdbus_domain_user_find_or_new(), callers assume that
> kdbus_domain_user_find_or_new() will fail only with -ENOMEM, but it
> may fail with -ESHUTDOWN, so adapt the code to return the appropriate
> errors and fix all callers.
I noticed that there is a race when two threads with the same parameters
call into kdbus_bus_new():

For this series in:

kdbus_bus_new()
 1) kdbus_domain_user_find()  (take and release the domain lock)
 2) mutex_lock(&domain->lock)
 3) __kdbus_domain_user_account()

So if the same threads fail at kdbus_domain_user_find(), they will race
for __kdbus_domain_user_account() and register the same user twice, we
end up with invalid user IDs.


The old unpatched version of kdbus_domain_user_find_or_new() also suffer
from this race, we need to check if we already have a matching user
domain or allocate and register a new one under the same one domain
lock, not take/release the lock then take it again.

The good news, this allows to rewrite a lockless version of
kdbus_domain_user_find_or_new(), and have only a one domain lock in the
kdbus_bus_new() path.

I'll send an updated version. Thanks

-- 
Djalal Harouni
http://opendz.org