git.kernel.dk Git - linux-block.git/commit

author	Jeff Layton <jlayton@kernel.org>
	Sun, 11 Dec 2022 11:19:33 +0000 (06:19 -0500)
committer	Chuck Lever <chuck.lever@oracle.com>
	Sun, 11 Dec 2022 16:03:09 +0000 (11:03 -0500)
commit	ac3a2585f018f10039b4a856dcb122da88c1c1c9
tree	dcac7a566c69ec566e4b1c90b5984a2a06ce6402	tree \| snapshot
parent	e78e274eb22d966258a3845acc71d3c5b8ee2ea8	commit \| diff

nfsd: rework refcounting in filecache

The filecache refcounting is a bit non-standard for something searchable
by RCU, in that we maintain a sentinel reference while it's hashed. This
in turn requires that we have to do things differently in the "put"
depending on whether its hashed, which we believe to have led to races.

There are other problems in here too. nfsd_file_close_inode_sync can end
up freeing an nfsd_file while there are still outstanding references to
it, and there are a number of subtle ToC/ToU races.

Rework the code so that the refcount is what drives the lifecycle. When
the refcount goes to zero, then unhash and rcu free the object. A task
searching for a nfsd_file is allowed to bump its refcount, but only if
it's not already 0. Ensure that we don't make any other changes to it
until a reference is held.

With this change, the LRU carries a reference. Take special care to deal
with it when removing an entry from the list, and ensure that we only
repurpose the nf_lru list_head when the refcount is 0 to ensure
exclusive access to it.

Signed-off-by: Jeff Layton <jlayton@kernel.org>
Signed-off-by: Chuck Lever <chuck.lever@oracle.com>

fs/nfsd/filecache.c		diff \| blob \| blame \| history
fs/nfsd/trace.h		diff \| blob \| blame \| history