afs: Fix refcounting in callback registration
authorDavid Howells <dhowells@redhat.com>
Thu, 10 May 2018 07:43:04 +0000 (08:43 +0100)
committerDavid Howells <dhowells@redhat.com>
Mon, 14 May 2018 12:17:35 +0000 (13:17 +0100)
commitd4a96bec7a7362834ef5c31d7b2cc9bf36eb0570
tree003ec92ab854c87f1ebbdbb4ee38e7b8a99e870a
parentf2686b09269ec1a6f23028b5675d87c3b4579a4c
afs: Fix refcounting in callback registration

The refcounting on afs_cb_interest struct objects in
afs_register_server_cb_interest() is wrong as it uses the server list
entry's call back interest pointer without regard for the fact that it
might be replaced at any time and the object thrown away.

Fix this by:

 (1) Put a lock on the afs_server_list struct that can be used to
     mediate access to the callback interest pointers in the servers array.

 (2) Keep a ref on the callback interest that we get from the entry.

 (3) Dropping the old reference held by vnode->cb_interest if we replace
     the pointer.

Fixes: c435ee34551e ("afs: Overhaul the callback handling")
Signed-off-by: David Howells <dhowells@redhat.com>
fs/afs/callback.c
fs/afs/internal.h
fs/afs/rotate.c
fs/afs/server_list.c