summaryrefslogtreecommitdiff
path: root/fs/erofs/utils.c
diff options
context:
space:
mode:
authorGao Xiang <hsiangkao@linux.alibaba.com>2023-10-31 09:05:24 +0300
committerGao Xiang <hsiangkao@linux.alibaba.com>2023-10-31 13:59:49 +0300
commit1a0ac8bd7a4fa5b2f4ef14c3b1e9d6e5a5faae06 (patch)
tree44fc7354129097ff2775dcc4c2ede3e3860929e6 /fs/erofs/utils.c
parentf5deddce60b50b55bcafeebaab1408d203b0f204 (diff)
downloadlinux-1a0ac8bd7a4fa5b2f4ef14c3b1e9d6e5a5faae06.tar.xz
erofs: fix erofs_insert_workgroup() lockref usage
As Linus pointed out [1], lockref_put_return() is fundamentally designed to be something that can fail. It behaves as a fastpath-only thing, and the failure case needs to be handled anyway. Actually, since the new pcluster was just allocated without being populated, it won't be accessed by others until it is inserted into XArray, so lockref helpers are actually unneeded here. Let's just set the proper reference count on initializing. [1] https://lore.kernel.org/r/CAHk-=whCga8BeQnJ3ZBh_Hfm9ctba_wpF444LpwRybVNMzO6Dw@mail.gmail.com Fixes: 7674a42f35ea ("erofs: use struct lockref to replace handcrafted approach") Reviewed-by: Chao Yu <chao@kernel.org> Link: https://lore.kernel.org/r/20231031060524.1103921-1-hsiangkao@linux.alibaba.com Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>
Diffstat (limited to 'fs/erofs/utils.c')
-rw-r--r--fs/erofs/utils.c8
1 files changed, 1 insertions, 7 deletions
diff --git a/fs/erofs/utils.c b/fs/erofs/utils.c
index cc6fb9e98899..4256a85719a1 100644
--- a/fs/erofs/utils.c
+++ b/fs/erofs/utils.c
@@ -77,12 +77,7 @@ struct erofs_workgroup *erofs_insert_workgroup(struct super_block *sb,
struct erofs_sb_info *const sbi = EROFS_SB(sb);
struct erofs_workgroup *pre;
- /*
- * Bump up before making this visible to others for the XArray in order
- * to avoid potential UAF without serialized by xa_lock.
- */
- lockref_get(&grp->lockref);
-
+ DBG_BUGON(grp->lockref.count < 1);
repeat:
xa_lock(&sbi->managed_pslots);
pre = __xa_cmpxchg(&sbi->managed_pslots, grp->index,
@@ -96,7 +91,6 @@ repeat:
cond_resched();
goto repeat;
}
- lockref_put_return(&grp->lockref);
grp = pre;
}
xa_unlock(&sbi->managed_pslots);