NFS: fix two problems in lookup_revalidate in RCU-walk

1/ rcu_dereference isn't correct: that field isn't
   RCU protected.   It could potentially change at any time
   so ACCESS_ONCE might be justified.

   changes to ->d_parent are protected by ->d_seq.  However
   that isn't always checked after ->d_revalidate is called,
   so it is safest to keep the double-check that ->d_parent
   hasn't changed at the end of these functions.

2/ in nfs4_lookup_revalidate, "->d_parent" was forgotten.
   So 'parent' was not the parent of 'dentry'.
   This fails safe is the context is that dentry->d_inode is
   NULL, and the result of parent->d_inode being NULL is
   that ECHILD is returned, which is always safe.

Reported-by: kbuild test robot <fengguang.wu@intel.com>
Signed-off-by: NeilBrown <neilb@suse.de>
Signed-off-by: Trond Myklebust <trond.myklebust@primarydata.com>
This commit is contained in:
NeilBrown 2014-08-04 16:24:00 +10:00 committed by Trond Myklebust
parent f682a398b2
commit 50d77739fa

View file

@ -1102,7 +1102,7 @@ static int nfs_lookup_revalidate(struct dentry *dentry, unsigned int flags)
int error; int error;
if (flags & LOOKUP_RCU) { if (flags & LOOKUP_RCU) {
parent = rcu_dereference(dentry->d_parent); parent = ACCESS_ONCE(dentry->d_parent);
dir = ACCESS_ONCE(parent->d_inode); dir = ACCESS_ONCE(parent->d_inode);
if (!dir) if (!dir)
return -ECHILD; return -ECHILD;
@ -1184,7 +1184,7 @@ out_set_verifier:
nfs_advise_use_readdirplus(dir); nfs_advise_use_readdirplus(dir);
out_valid_noent: out_valid_noent:
if (flags & LOOKUP_RCU) { if (flags & LOOKUP_RCU) {
if (parent != rcu_dereference(dentry->d_parent)) if (parent != ACCESS_ONCE(dentry->d_parent))
return -ECHILD; return -ECHILD;
} else } else
dput(parent); dput(parent);
@ -1585,7 +1585,7 @@ static int nfs4_lookup_revalidate(struct dentry *dentry, unsigned int flags)
struct inode *dir; struct inode *dir;
if (flags & LOOKUP_RCU) { if (flags & LOOKUP_RCU) {
parent = rcu_dereference(dentry); parent = ACCESS_ONCE(dentry->d_parent);
dir = ACCESS_ONCE(parent->d_inode); dir = ACCESS_ONCE(parent->d_inode);
if (!dir) if (!dir)
return -ECHILD; return -ECHILD;
@ -1599,7 +1599,7 @@ static int nfs4_lookup_revalidate(struct dentry *dentry, unsigned int flags)
ret = -ECHILD; ret = -ECHILD;
if (!(flags & LOOKUP_RCU)) if (!(flags & LOOKUP_RCU))
dput(parent); dput(parent);
else if (parent != rcu_dereference(dentry)) else if (parent != ACCESS_ONCE(dentry->d_parent))
return -ECHILD; return -ECHILD;
goto out; goto out;
} }