nfsd: ensure that clp->cl_revoked list is protected by clp->cl_lock
authorJeff Layton <jlayton@primarydata.com>
Fri, 25 Jul 2014 11:34:21 +0000 (07:34 -0400)
committerJ. Bruce Fields <bfields@redhat.com>
Tue, 29 Jul 2014 18:49:53 +0000 (14:49 -0400)
commit2d4a532d385f635ab8243b88db3136bb52a0bc29
treee2026e20cdb779594e5a866b5d0f5ba2bd0c9752
parent4269067696a1e0c6eef99f631aa3877d860df755
nfsd: ensure that clp->cl_revoked list is protected by clp->cl_lock

Currently, both destroy_revoked_delegation and revoke_delegation
manipulate the cl_revoked list without any locking aside from the
client_mutex. Ensure that the clp->cl_lock is held when manipulating it,
except for the list walking in destroy_client. At that point, the client
should no longer be in use, and so it should be safe to walk the list
without any locking. That also means that we don't need to do the
list_splice_init there either.

Also, the fact that revoke_delegation deletes dl_recall_lru list_head
without any locking makes it difficult to know whether it's doing so
safely in all cases. Move the list_del_init calls into the callers, and
add a WARN_ON in the event that t's passed a delegation that has a
non-empty list_head.

Signed-off-by: Jeff Layton <jlayton@primarydata.com>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Signed-off-by: J. Bruce Fields <bfields@redhat.com>
fs/nfsd/nfs4state.c