diff options
author | Eric Van Hensbergen <ericvh@gmail.com> | 2007-01-26 03:57:06 -0500 |
---|---|---|
committer | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2007-01-26 16:51:00 -0500 |
commit | da977b2c7eb4d6312f063a7b486f2aad99809710 (patch) | |
tree | bb8a2afc766c16e3349e03dfb8a706dca6408395 /fs/9p/vfs_file.c | |
parent | ff76e1dfc8728278ee231feeb93146f9c57c3ec3 (diff) |
[PATCH] 9p: fix segfault caused by race condition in meta-data operations
Running dbench multithreaded exposed a race condition where fid structures
were removed while in use. This patch adds semaphores to meta-data operations
to protect the fid structure. Some cleanup of error-case handling in the
inode operations is also included.
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'fs/9p/vfs_file.c')
-rw-r--r-- | fs/9p/vfs_file.c | 47 |
1 files changed, 7 insertions, 40 deletions
diff --git a/fs/9p/vfs_file.c b/fs/9p/vfs_file.c index e86a07151280..9f17b0cacdd0 100644 --- a/fs/9p/vfs_file.c +++ b/fs/9p/vfs_file.c | |||
@@ -55,53 +55,22 @@ int v9fs_file_open(struct inode *inode, struct file *file) | |||
55 | struct v9fs_fid *vfid; | 55 | struct v9fs_fid *vfid; |
56 | struct v9fs_fcall *fcall = NULL; | 56 | struct v9fs_fcall *fcall = NULL; |
57 | int omode; | 57 | int omode; |
58 | int fid = V9FS_NOFID; | ||
59 | int err; | 58 | int err; |
60 | 59 | ||
61 | dprintk(DEBUG_VFS, "inode: %p file: %p \n", inode, file); | 60 | dprintk(DEBUG_VFS, "inode: %p file: %p \n", inode, file); |
62 | 61 | ||
63 | vfid = v9fs_fid_lookup(file->f_path.dentry); | 62 | vfid = v9fs_fid_clone(file->f_path.dentry); |
64 | if (!vfid) { | 63 | if (IS_ERR(vfid)) |
65 | dprintk(DEBUG_ERROR, "Couldn't resolve fid from dentry\n"); | 64 | return PTR_ERR(vfid); |
66 | return -EBADF; | ||
67 | } | ||
68 | |||
69 | fid = v9fs_get_idpool(&v9ses->fidpool); | ||
70 | if (fid < 0) { | ||
71 | eprintk(KERN_WARNING, "newfid fails!\n"); | ||
72 | return -ENOSPC; | ||
73 | } | ||
74 | 65 | ||
75 | err = v9fs_t_walk(v9ses, vfid->fid, fid, NULL, &fcall); | ||
76 | if (err < 0) { | ||
77 | dprintk(DEBUG_ERROR, "rewalk didn't work\n"); | ||
78 | if (fcall && fcall->id == RWALK) | ||
79 | goto clunk_fid; | ||
80 | else { | ||
81 | v9fs_put_idpool(fid, &v9ses->fidpool); | ||
82 | goto free_fcall; | ||
83 | } | ||
84 | } | ||
85 | kfree(fcall); | ||
86 | |||
87 | /* TODO: do special things for O_EXCL, O_NOFOLLOW, O_SYNC */ | ||
88 | /* translate open mode appropriately */ | ||
89 | omode = v9fs_uflags2omode(file->f_flags); | 66 | omode = v9fs_uflags2omode(file->f_flags); |
90 | err = v9fs_t_open(v9ses, fid, omode, &fcall); | 67 | err = v9fs_t_open(v9ses, vfid->fid, omode, &fcall); |
91 | if (err < 0) { | 68 | if (err < 0) { |
92 | PRINT_FCALL_ERROR("open failed", fcall); | 69 | PRINT_FCALL_ERROR("open failed", fcall); |
93 | goto clunk_fid; | 70 | goto Clunk_Fid; |
94 | } | ||
95 | |||
96 | vfid = kmalloc(sizeof(struct v9fs_fid), GFP_KERNEL); | ||
97 | if (vfid == NULL) { | ||
98 | dprintk(DEBUG_ERROR, "out of memory\n"); | ||
99 | err = -ENOMEM; | ||
100 | goto clunk_fid; | ||
101 | } | 71 | } |
102 | 72 | ||
103 | file->private_data = vfid; | 73 | file->private_data = vfid; |
104 | vfid->fid = fid; | ||
105 | vfid->fidopen = 1; | 74 | vfid->fidopen = 1; |
106 | vfid->fidclunked = 0; | 75 | vfid->fidclunked = 0; |
107 | vfid->iounit = fcall->params.ropen.iounit; | 76 | vfid->iounit = fcall->params.ropen.iounit; |
@@ -112,10 +81,8 @@ int v9fs_file_open(struct inode *inode, struct file *file) | |||
112 | 81 | ||
113 | return 0; | 82 | return 0; |
114 | 83 | ||
115 | clunk_fid: | 84 | Clunk_Fid: |
116 | v9fs_t_clunk(v9ses, fid); | 85 | v9fs_fid_clunk(v9ses, vfid); |
117 | |||
118 | free_fcall: | ||
119 | kfree(fcall); | 86 | kfree(fcall); |
120 | 87 | ||
121 | return err; | 88 | return err; |