From htejun@gmail.com Sat Apr 28 06:39:59 2007 From: Tejun Heo Date: Sat, 28 Apr 2007 22:39:40 +0900 Subject: [PATCH 05/21] sysfs: allocate inode number using ida To: gregkh@suse.de, dmitry.torokhov@gmail.com, cornelia.huck@de.ibm.com, oneukum@suse.de, rpurdie@rpsys.net, stern@rowland.harvard.edu, maneesh@in.ibm.com, akpm@linux-foundation.org, linux-kernel@vger.kernel.org, htejun@gmail.com Cc: Tejun Heo Message-ID: <117776758093-git-send-email-htejun@gmail.com> Inode number handling was incorrect in two ways. 1. sysfs uses the inode number allocated by new_inode() and never hashes it. When reporting the inode number, it uses iunique() if inode is inaccessible. This is incorrect because iunique() assumes the inodes are hashed. This can cause duplicate inode numbers and the condition is likely to happen because new_inode() and iunique() use separate increasing static counters to scan for empty slot. 2. sysfs_dirent->s_dentry can go away anytime and can't be referenced unless the caller knows the dentry is not and not going to be deleted. This patch adds sysfs_dirent->s_ino and uses ida to give each sd a unique inode number on allocation which is freed when the sd is released. Signed-off-by: Tejun Heo Signed-off-by: Greg Kroah-Hartman --- fs/sysfs/dir.c | 43 ++++++++++++++++++++++++++++++++++++++----- fs/sysfs/inode.c | 1 + fs/sysfs/mount.c | 1 + fs/sysfs/sysfs.h | 1 + 4 files changed, 41 insertions(+), 5 deletions(-) --- a/fs/sysfs/dir.c +++ b/fs/sysfs/dir.c @@ -9,11 +9,41 @@ #include #include #include +#include #include #include "sysfs.h" DECLARE_RWSEM(sysfs_rename_sem); +static spinlock_t sysfs_ino_lock = SPIN_LOCK_UNLOCKED; +static DEFINE_IDA(sysfs_ino_ida); + +int sysfs_alloc_ino(ino_t *pino) +{ + int ino, rc; + + retry: + spin_lock(&sysfs_ino_lock); + rc = ida_get_new_above(&sysfs_ino_ida, 2, &ino); + spin_unlock(&sysfs_ino_lock); + + if (rc == -EAGAIN) { + if (ida_pre_get(&sysfs_ino_ida, GFP_KERNEL)) + goto retry; + rc = -ENOMEM; + } + + *pino = ino; + return rc; +} + +static void sysfs_free_ino(ino_t ino) +{ + spin_lock(&sysfs_ino_lock); + ida_remove(&sysfs_ino_ida, ino); + spin_unlock(&sysfs_ino_lock); +} + void release_sysfs_dirent(struct sysfs_dirent * sd) { if (sd->s_type & SYSFS_KOBJ_LINK) { @@ -23,6 +53,7 @@ void release_sysfs_dirent(struct sysfs_d kfree(sl); } kfree(sd->s_iattr); + sysfs_free_ino(sd->s_ino); kmem_cache_free(sysfs_dir_cachep, sd); } @@ -53,6 +84,11 @@ static struct sysfs_dirent * __sysfs_new if (!sd) return NULL; + if (sysfs_alloc_ino(&sd->s_ino)) { + kmem_cache_free(sysfs_dir_cachep, sd); + return NULL; + } + atomic_set(&sd->s_count, 1); atomic_set(&sd->s_event, 1); INIT_LIST_HEAD(&sd->s_children); @@ -521,7 +557,7 @@ static int sysfs_readdir(struct file * f switch (i) { case 0: - ino = dentry->d_inode->i_ino; + ino = parent_sd->s_ino; if (filldir(dirent, ".", 1, i, ino, DT_DIR) < 0) break; filp->f_pos++; @@ -550,10 +586,7 @@ static int sysfs_readdir(struct file * f name = sysfs_get_name(next); len = strlen(name); - if (next->s_dentry) - ino = next->s_dentry->d_inode->i_ino; - else - ino = iunique(sysfs_sb, 2); + ino = next->s_ino; if (filldir(dirent, name, len, filp->f_pos, ino, dt_type(next)) < 0) --- a/fs/sysfs/inode.c +++ b/fs/sysfs/inode.c @@ -140,6 +140,7 @@ struct inode * sysfs_new_inode(mode_t mo inode->i_mapping->a_ops = &sysfs_aops; inode->i_mapping->backing_dev_info = &sysfs_backing_dev_info; inode->i_op = &sysfs_inode_operations; + inode->i_ino = sd->s_ino; lockdep_set_class(&inode->i_mutex, &sysfs_inode_imutex_key); if (sd->s_iattr) { --- a/fs/sysfs/mount.c +++ b/fs/sysfs/mount.c @@ -32,6 +32,7 @@ static struct sysfs_dirent sysfs_root = .s_children = LIST_HEAD_INIT(sysfs_root.s_children), .s_element = NULL, .s_type = SYSFS_ROOT, + .s_ino = 1, .s_iattr = NULL, }; --- a/fs/sysfs/sysfs.h +++ b/fs/sysfs/sysfs.h @@ -5,6 +5,7 @@ struct sysfs_dirent { void * s_element; int s_type; umode_t s_mode; + ino_t s_ino; struct dentry * s_dentry; struct iattr * s_iattr; atomic_t s_event;