review.tizen.org Git - platform/kernel/linux-starfive.git/commit

author	Ying Xue <ying.xue@windriver.com>
	Thu, 26 Mar 2015 10:10:24 +0000 (18:10 +0800)
committer	David S. Miller <davem@davemloft.net>
	Sun, 29 Mar 2015 19:40:28 +0000 (12:40 -0700)
commit	8a0f6ebe8494c5c6ccfe12264385b64c280e3241
tree	2f106a95ffda73b8e8f1596cc95152398cd5379b	tree \| snapshot
parent	b952b2befb6f6b009e91f087285b9a0a6beb1cc8	commit \| diff

tipc: involve reference counter for node structure

TIPC node hash node table is protected with rcu lock on read side.
tipc_node_find() is used to look for a node object with node address
through iterating the hash node table. As the entire process of what
tipc_node_find() traverses the table is guarded with rcu read lock,
it's safe for us. However, when callers use the node object returned
by tipc_node_find(), there is no rcu read lock applied. Therefore,
this is absolutely unsafe for callers of tipc_node_find().

Now we introduce a reference counter for node structure. Before
tipc_node_find() returns node object to its caller, it first increases
the reference counter. Accordingly, after its caller used it up,
it decreases the counter again. This can prevent a node being used by
one thread from being freed by another thread.

Reviewed-by: Erik Hugne <erik.hugne@ericsson.com>
Reviewed-by: Jon Maloy <jon.maloy@ericson.com>
Signed-off-by: Ying Xue <ying.xue@windriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

net/tipc/bcast.c		diff \| blob \| history
net/tipc/discover.c		diff \| blob \| history
net/tipc/link.c		diff \| blob \| history
net/tipc/name_distr.c		diff \| blob \| history
net/tipc/node.c		diff \| blob \| history
net/tipc/node.h		diff \| blob \| history