From: Stefan Hajnoczi <stefanha@redhat.com>
Date: Mon, 27 Jan 2020 19:02:08 +0000
Subject: [PATCH] virtiofsd: rename inode->refcount to inode->nlookup
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This reference counter plays a specific role in the FUSE protocol. It's
not a generic object reference counter and the FUSE kernel code calls it
"nlookup".
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Dr. David Alan Gilbert <dgilbert@redhat.com>
(cherry picked from commit 1222f015558fc34cea02aa3a5a92de608c82cec8)
---
tools/virtiofsd/passthrough_ll.c | 37 +++++++++++++++++++++-----------
1 file changed, 25 insertions(+), 12 deletions(-)
diff --git a/tools/virtiofsd/passthrough_ll.c b/tools/virtiofsd/passthrough_ll.c
index 2d703b57e5..c819b5f782 100644
--- a/tools/virtiofsd/passthrough_ll.c
+++ b/tools/virtiofsd/passthrough_ll.c
@@ -99,7 +99,20 @@ struct lo_inode {
int fd;
bool is_symlink;
struct lo_key key;
- uint64_t refcount; /* protected by lo->mutex */
+
+ /*
+ * This counter keeps the inode alive during the FUSE session.
+ * Incremented when the FUSE inode number is sent in a reply
+ * (FUSE_LOOKUP, FUSE_READDIRPLUS, etc). Decremented when an inode is
+ * released by requests like FUSE_FORGET, FUSE_RMDIR, FUSE_RENAME, etc.
+ *
+ * Note that this value is untrusted because the client can manipulate
+ * it arbitrarily using FUSE_FORGET requests.
+ *
+ * Protected by lo->mutex.
+ */
+ uint64_t nlookup;
+
fuse_ino_t fuse_ino;
pthread_mutex_t plock_mutex;
GHashTable *posix_locks; /* protected by lo_inode->plock_mutex */
@@ -568,7 +581,7 @@ retry:
if (last == path) {
p = &lo->root;
pthread_mutex_lock(&lo->mutex);
- p->refcount++;
+ p->nlookup++;
pthread_mutex_unlock(&lo->mutex);
} else {
*last = '\0';
@@ -786,8 +799,8 @@ static struct lo_inode *lo_find(struct lo_data *lo, struct stat *st)
pthread_mutex_lock(&lo->mutex);
p = g_hash_table_lookup(lo->inodes, &key);
if (p) {
- assert(p->refcount > 0);
- p->refcount++;
+ assert(p->nlookup > 0);
+ p->nlookup++;
}
pthread_mutex_unlock(&lo->mutex);
@@ -855,7 +868,7 @@ static int lo_do_lookup(fuse_req_t req, fuse_ino_t parent, const char *name,
}
inode->is_symlink = S_ISLNK(e->attr.st_mode);
- inode->refcount = 1;
+ inode->nlookup = 1;
inode->fd = newfd;
newfd = -1;
inode->key.ino = e->attr.st_ino;
@@ -1112,7 +1125,7 @@ static void lo_link(fuse_req_t req, fuse_ino_t ino, fuse_ino_t parent,
}
pthread_mutex_lock(&lo->mutex);
- inode->refcount++;
+ inode->nlookup++;
pthread_mutex_unlock(&lo->mutex);
e.ino = inode->fuse_ino;
@@ -1193,9 +1206,9 @@ static void unref_inode_lolocked(struct lo_data *lo, struct lo_inode *inode,
}
pthread_mutex_lock(&lo->mutex);
- assert(inode->refcount >= n);
- inode->refcount -= n;
- if (!inode->refcount) {
+ assert(inode->nlookup >= n);
+ inode->nlookup -= n;
+ if (!inode->nlookup) {
lo_map_remove(&lo->ino_map, inode->fuse_ino);
g_hash_table_remove(lo->inodes, &inode->key);
if (g_hash_table_size(inode->posix_locks)) {
@@ -1216,7 +1229,7 @@ static int unref_all_inodes_cb(gpointer key, gpointer value, gpointer user_data)
struct lo_inode *inode = value;
struct lo_data *lo = user_data;
- inode->refcount = 0;
+ inode->nlookup = 0;
lo_map_remove(&lo->ino_map, inode->fuse_ino);
close(inode->fd);
@@ -1241,7 +1254,7 @@ static void lo_forget_one(fuse_req_t req, fuse_ino_t ino, uint64_t nlookup)
}
fuse_log(FUSE_LOG_DEBUG, " forget %lli %lli -%lli\n",
- (unsigned long long)ino, (unsigned long long)inode->refcount,
+ (unsigned long long)ino, (unsigned long long)inode->nlookup,
(unsigned long long)nlookup);
unref_inode_lolocked(lo, inode, nlookup);
@@ -2609,7 +2622,7 @@ static void setup_root(struct lo_data *lo, struct lo_inode *root)
root->fd = fd;
root->key.ino = stat.st_ino;
root->key.dev = stat.st_dev;
- root->refcount = 2;
+ root->nlookup = 2;
}
static guint lo_key_hash(gconstpointer key)