Quoting Rob Landley (rlandley@xxxxxxxxxxxxx): > On 04/08/2011 10:08 AM, Rob Landley wrote: > > On 04/04/2011 10:46 PM, Serge E. Hallyn wrote: > >> Does this need to take a reference? Or is there no way for an > >> entry to outlive its netns? It sort of looks like > >> svcauth_unix_info_release will ensure that doesn't happen, but > >> I'm not convinced because other parts of the kernel can get > >> to ip_map_init through the struct cache_detail. > > > > When I wrote this I thought the transport's get_net() and put_net() > > would pin it, but after re-reading, the sunrpc code is disgustingly > > convoluted enough that I can't easily reconstruct my earlier reasoning. > > I'll add a get_net() and put_net() just to not have to worry about it. > > Ah-ha! > > Stanislav Kinsbursky helped me reconstruct some of the reasoning: we > don't need to take a reference because we never actually dereference the > struct net *, all we do is feed them to net_eq() which just compares the > pointers for equality. (The inline function exists so it can compile to > a constant "return 1" when configured out.) > > So if the network context did go away (which still shouldn't happen > between the rpc_xprt and the struct nfs_client having references to it) > we still wouldn't have a use-after-free problem because we're not > looking at the memory, just the pointer. Besides use-after-free, the other concern is an invalid net_eq() result due to the * being re-used for a new netns. I assume that's deemed "super-duper impossible" again bc of the rpc_xprt/nfs_client references to it? > So I shouldn't need to add get_net() and put_net() to the cache. Sound > about right? thanks, -serge -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
