Call retain_dentry() with refcount 0

Instead of bumping it from 0 to 1, calling retain_dentry(), then
decrementing it back to 0 (with ->d_lock held all the way through),
just leave refcount at 0 through all of that.

It will have a visible effect for ->d_delete() - now it can be
called with refcount 0 instead of 1 and it can no longer play
silly buggers with dropping/regaining ->d_lock.  Not that any
in-tree instances tried to (it's pretty hard to get right).

Any out-of-tree ones will have to adjust (assuming they need any
changes).

Note that we do not need to extend rcu-critical area here - we have
verified that refcount is non-negative after having grabbed ->d_lock,
so nobody will be able to free dentry until they get into __dentry_kill(),
which won't happen until they manage to grab ->d_lock.

Reviewed-by: Christian Brauner <brauner@kernel.org>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

diff --git a/Documentation/filesystems/porting.rst b/Documentation/filesystems/porting.rst
index 331405f4b29ffd63429bbc7e01fce1768c12a163..da8073b592ff8583bcc6336bd7f12810f62786e6 100644 (file)
--- a/Documentation/filesystems/porting.rst
+++ b/Documentation/filesystems/porting.rst
@@ -1070,3 +1070,11 @@ The list of children anchored in parent dentry got turned into hlist now.
 Field names got changed (->d_children/->d_sib instead of ->d_subdirs/->d_child
 for anchor/entries resp.), so any affected places will be immediately caught
 by compiler.
+
+---
+
+**mandatory**
+
+->d_delete() instances are now called for dentries with ->d_lock held
+and refcount equal to 0.  They are not permitted to drop/regain ->d_lock.
+None of in-tree instances did anything of that sort.  Make sure yours do not...

diff --git a/fs/dcache.c b/fs/dcache.c
index 80992e49561c008d1e86bf9ff78e95ca71fdd6bd..8ce0fe70f3033442ec5c358d94977d62c0d13a45 100644 (file)
--- a/fs/dcache.c
+++ b/fs/dcache.c
@@ -888,15 +888,14 @@ void dput(struct dentry *dentry)
                }
 
                /* Slow case: now with the dentry lock held */
-               dentry->d_lockref.count = 1;
                rcu_read_unlock();
 
                if (likely(retain_dentry(dentry))) {
-                       dentry->d_lockref.count--;
                        spin_unlock(&dentry->d_lock);
                        return;
                }
 
+               dentry->d_lockref.count = 1;
                dentry = dentry_kill(dentry);
        }
 }
@@ -921,13 +920,8 @@ void dput_to_list(struct dentry *dentry, struct list_head *list)
                return;
        }
        rcu_read_unlock();
-       dentry->d_lockref.count = 1;
-       if (!retain_dentry(dentry)) {
-               --dentry->d_lockref.count;
+       if (!retain_dentry(dentry))
                to_shrink_list(dentry, list);
-       } else {
-               --dentry->d_lockref.count;
-       }
        spin_unlock(&dentry->d_lock);
 }