diff options
| author | NeilBrown <neilb@suse.de> | 2014-08-04 02:24:00 -0400 |
|---|---|---|
| committer | Trond Myklebust <trond.myklebust@primarydata.com> | 2014-08-04 09:22:08 -0400 |
| commit | 50d77739fa1972030daf1c8902404551e49bf232 (patch) | |
| tree | 2e88b257ab14a66d790f5741137269965e06c444 /fs | |
| parent | f682a398b2e24ae0a775ddf37cced83b897198ee (diff) | |
NFS: fix two problems in lookup_revalidate in RCU-walk
1/ rcu_dereference isn't correct: that field isn't
RCU protected. It could potentially change at any time
so ACCESS_ONCE might be justified.
changes to ->d_parent are protected by ->d_seq. However
that isn't always checked after ->d_revalidate is called,
so it is safest to keep the double-check that ->d_parent
hasn't changed at the end of these functions.
2/ in nfs4_lookup_revalidate, "->d_parent" was forgotten.
So 'parent' was not the parent of 'dentry'.
This fails safe is the context is that dentry->d_inode is
NULL, and the result of parent->d_inode being NULL is
that ECHILD is returned, which is always safe.
Reported-by: kbuild test robot <fengguang.wu@intel.com>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
Diffstat (limited to 'fs')
| -rw-r--r-- | fs/nfs/dir.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/fs/nfs/dir.c b/fs/nfs/dir.c index 1b5f38f48dab..36d921f0c602 100644 --- a/fs/nfs/dir.c +++ b/fs/nfs/dir.c | |||
| @@ -1102,7 +1102,7 @@ static int nfs_lookup_revalidate(struct dentry *dentry, unsigned int flags) | |||
| 1102 | int error; | 1102 | int error; |
| 1103 | 1103 | ||
| 1104 | if (flags & LOOKUP_RCU) { | 1104 | if (flags & LOOKUP_RCU) { |
| 1105 | parent = rcu_dereference(dentry->d_parent); | 1105 | parent = ACCESS_ONCE(dentry->d_parent); |
| 1106 | dir = ACCESS_ONCE(parent->d_inode); | 1106 | dir = ACCESS_ONCE(parent->d_inode); |
| 1107 | if (!dir) | 1107 | if (!dir) |
| 1108 | return -ECHILD; | 1108 | return -ECHILD; |
| @@ -1184,7 +1184,7 @@ out_set_verifier: | |||
| 1184 | nfs_advise_use_readdirplus(dir); | 1184 | nfs_advise_use_readdirplus(dir); |
| 1185 | out_valid_noent: | 1185 | out_valid_noent: |
| 1186 | if (flags & LOOKUP_RCU) { | 1186 | if (flags & LOOKUP_RCU) { |
| 1187 | if (parent != rcu_dereference(dentry->d_parent)) | 1187 | if (parent != ACCESS_ONCE(dentry->d_parent)) |
| 1188 | return -ECHILD; | 1188 | return -ECHILD; |
| 1189 | } else | 1189 | } else |
| 1190 | dput(parent); | 1190 | dput(parent); |
| @@ -1585,7 +1585,7 @@ static int nfs4_lookup_revalidate(struct dentry *dentry, unsigned int flags) | |||
| 1585 | struct inode *dir; | 1585 | struct inode *dir; |
| 1586 | 1586 | ||
| 1587 | if (flags & LOOKUP_RCU) { | 1587 | if (flags & LOOKUP_RCU) { |
| 1588 | parent = rcu_dereference(dentry); | 1588 | parent = ACCESS_ONCE(dentry->d_parent); |
| 1589 | dir = ACCESS_ONCE(parent->d_inode); | 1589 | dir = ACCESS_ONCE(parent->d_inode); |
| 1590 | if (!dir) | 1590 | if (!dir) |
| 1591 | return -ECHILD; | 1591 | return -ECHILD; |
| @@ -1599,7 +1599,7 @@ static int nfs4_lookup_revalidate(struct dentry *dentry, unsigned int flags) | |||
| 1599 | ret = -ECHILD; | 1599 | ret = -ECHILD; |
| 1600 | if (!(flags & LOOKUP_RCU)) | 1600 | if (!(flags & LOOKUP_RCU)) |
| 1601 | dput(parent); | 1601 | dput(parent); |
| 1602 | else if (parent != rcu_dereference(dentry)) | 1602 | else if (parent != ACCESS_ONCE(dentry->d_parent)) |
| 1603 | return -ECHILD; | 1603 | return -ECHILD; |
| 1604 | goto out; | 1604 | goto out; |
| 1605 | } | 1605 | } |