eventfs: Remove "is_freed" union with rcu head

commit f2f496370afcbc5227d7002da28c74b91fed12ff upstream

The eventfs_inode->is_freed was a union with the rcu_head with the
assumption that when it was on the srcu list the head would contain a
pointer which would make "is_freed" true. But that was a wrong assumption
as the rcu head is a single link list where the last element is NULL.

Instead, split the nr_entries integer so that "is_freed" is one bit and
the nr_entries is the next 31 bits. As there shouldn't be more than 10
(currently there's at most 5 to 7 depending on the config), this should
not be a problem.

Link: https://lkml.kernel.org/r/20231101172649.049758712@goodmis.org
Cc: stable@vger.kernel.org
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Cc: Ajay Kaher <akaher@vmware.com>
Fixes: 63940449555e7 ("eventfs: Implement eventfs lookup, read, open functions")
Reviewed-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c
index 8c8d64e76103e130aeab0a8f913822abf1b0b5af..a64d8fa39e5400fa40c9efdf9efb086343ee90da 100644 (file)
--- a/fs/tracefs/event_inode.c
+++ b/fs/tracefs/event_inode.c
@@ -38,6 +38,7 @@ struct eventfs_inode {
  * @fop:       file_operations for file or directory
  * @iop:       inode_operations for file or directory
  * @data:      something that the caller will want to get to later on
+ * @is_freed:  Flag set if the eventfs is on its way to be freed
  * @mode:      the permission that the file or directory should have
  */
 struct eventfs_file {
@@ -52,15 +53,14 @@ struct eventfs_file {
         * Union - used for deletion
         * @del_list:   list of eventfs_file to delete
         * @rcu:        eventfs_file to delete in RCU
-        * @is_freed:   node is freed if one of the above is set
         */
        union {
                struct list_head        del_list;
                struct rcu_head         rcu;
-               unsigned long           is_freed;
        };
        void                            *data;
-       umode_t                         mode;
+       unsigned int                    is_freed:1;
+       unsigned int                    mode:31;
 };
 
 static DEFINE_MUTEX(eventfs_mutex);
@@ -814,6 +814,8 @@ static void eventfs_remove_rec(struct eventfs_file *ef, struct list_head *head,
                }
        }
 
+       ef->is_freed = 1;
+
        list_del_rcu(&ef->list);
        list_add_tail(&ef->del_list, head);
 }