On 04/08/2011 10:08 AM, Rob Landley wrote: > On 04/04/2011 10:46 PM, Serge E. Hallyn wrote: >> Does this need to take a reference? Or is there no way for an >> entry to outlive its netns? It sort of looks like >> svcauth_unix_info_release will ensure that doesn't happen, but >> I'm not convinced because other parts of the kernel can get >> to ip_map_init through the struct cache_detail. > > When I wrote this I thought the transport's get_net() and put_net() > would pin it, but after re-reading, the sunrpc code is disgustingly > convoluted enough that I can't easily reconstruct my earlier reasoning. > I'll add a get_net() and put_net() just to not have to worry about it. Ah-ha! Stanislav Kinsbursky helped me reconstruct some of the reasoning: we don't need to take a reference because we never actually dereference the struct net *, all we do is feed them to net_eq() which just compares the pointers for equality. (The inline function exists so it can compile to a constant "return 1" when configured out.) So if the network context did go away (which still shouldn't happen between the rpc_xprt and the struct nfs_client having references to it) we still wouldn't have a use-after-free problem because we're not looking at the memory, just the pointer. So I shouldn't need to add get_net() and put_net() to the cache. Sound about right? Rob -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
