[PATCH 4/4] fs, afs: convert afs_volume.usage from atomic_t to refcount_t

From: Elena Reshetova
Date: Tue Feb 21 2017 - 10:45:10 EST

Next message: Juergen Gross: "Re: [PATCH] xen: do not re-use pirq number cached in pci device msi msg data"
Previous message: Elena Reshetova: "[PATCH 3/4] fs, afs: convert afs_server.usage from atomic_t to refcount_t"
In reply to: Elena Reshetova: "[PATCH 3/4] fs, afs: convert afs_server.usage from atomic_t to refcount_t"
Next in thread: David Howells: "Re: [PATCH 1/4] fs, afs: convert afs_cell.usage from atomic_t to refcount_t"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

refcount_t type and corresponding API should be
used instead of atomic_t when the variable is used as
a reference counter. This allows to avoid accidental
refcounter overflows that might lead to use-after-free
situations.

Signed-off-by: Elena Reshetova <elena.reshetova@xxxxxxxxx>
Signed-off-by: Hans Liljestrand <ishkamiel@xxxxxxxxx>
Signed-off-by: Kees Cook <keescook@xxxxxxxxxxxx>
Signed-off-by: David Windsor <dwindsor@xxxxxxxxx>
---
fs/afs/internal.h | 4 ++--
fs/afs/volume.c | 6 +++---
2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/fs/afs/internal.h b/fs/afs/internal.h
index 127567c..8f05daf 100644
--- a/fs/afs/internal.h
+++ b/fs/afs/internal.h
@@ -302,7 +302,7 @@ struct afs_server {
* AFS volume access record
*/
struct afs_volume {
- atomic_t usage;
+ refcount_t usage;
struct afs_cell *cell; /* cell to which belongs (unrefd ptr) */
struct afs_vlocation *vlocation; /* volume location */
#ifdef CONFIG_AFS_FSCACHE
@@ -694,7 +694,7 @@ extern int afs_vnode_release_lock(struct afs_vnode *, struct key *);
/*
* volume.c
*/
-#define afs_get_volume(V) do { atomic_inc(&(V)->usage); } while(0)
+#define afs_get_volume(V) do { refcount_inc(&(V)->usage); } while(0)

extern void afs_put_volume(struct afs_volume *);
extern struct afs_volume *afs_volume_lookup(struct afs_mount_params *);
diff --git a/fs/afs/volume.c b/fs/afs/volume.c
index 546f9d0..6590606 100644
--- a/fs/afs/volume.c
+++ b/fs/afs/volume.c
@@ -100,7 +100,7 @@ struct afs_volume *afs_volume_lookup(struct afs_mount_params *params)
if (!volume)
goto error_up;

- atomic_set(&volume->usage, 1);
+ refcount_set(&volume->usage, 1);
volume->type = params->type;
volume->type_force = params->force;
volume->cell = params->cell;
@@ -180,7 +180,7 @@ void afs_put_volume(struct afs_volume *volume)

_enter("%p", volume);

- ASSERTCMP(atomic_read(&volume->usage), >, 0);
+ ASSERTCMP(refcount_read(&volume->usage), >, 0);

vlocation = volume->vlocation;

@@ -188,7 +188,7 @@ void afs_put_volume(struct afs_volume *volume)
* atomic */
down_write(&vlocation->cell->vl_sem);

- if (likely(!atomic_dec_and_test(&volume->usage))) {
+ if (likely(!refcount_dec_and_test(&volume->usage))) {
up_write(&vlocation->cell->vl_sem);
_leave("");
return;
--
2.7.4

Next message: Juergen Gross: "Re: [PATCH] xen: do not re-use pirq number cached in pci device msi msg data"
Previous message: Elena Reshetova: "[PATCH 3/4] fs, afs: convert afs_server.usage from atomic_t to refcount_t"
In reply to: Elena Reshetova: "[PATCH 3/4] fs, afs: convert afs_server.usage from atomic_t to refcount_t"
Next in thread: David Howells: "Re: [PATCH 1/4] fs, afs: convert afs_cell.usage from atomic_t to refcount_t"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]