Pandora Sourcecodes - pandora-kernel.git/commit

author	Al Viro <viro@zeniv.linux.org.uk>
	Tue, 30 Dec 2008 06:52:35 +0000 (01:52 -0500)
committer	Al Viro <viro@zeniv.linux.org.uk>
	Wed, 31 Dec 2008 23:07:43 +0000 (18:07 -0500)
commit	41080b5a240113328c607f22b849f653373db0ce
tree	aa8fd483c241140ebe73b6c71b370f4ad6a12251	tree \| snapshot
parent	261bca86ed4f7f391d1938167624e78da61dcc6b	commit \| diff

nfsd race fixes: ext2

* make ext2_new_inode() put the inode into icache in locked state
* do not unlock until the inode is fully set up; otherwise nfsd
might pick it in half-baked state.
* make sure that ext2_new_inode() does *not* lead to two inodes with the
same inumber hashed at the same time; otherwise a bogus fhandle coming
from nfsd might race with inode creation:

nfsd: iget_locked() creates inode
nfsd: try to read from disk, block on that.
ext2_new_inode(): allocate inode with that inumber
ext2_new_inode(): insert it into icache, set it up and dirty
ext2_write_inode(): get the relevant part of inode table in cache,
set the entry for our inode (and start writing to disk)
nfsd: get CPU again, look into inode table, see nice and sane on-disk
inode, set the in-core inode from it

oops - we have two in-core inodes with the same inumber live in icache,
both used for IO. Welcome to fs corruption...

Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>

fs/ext2/ialloc.c		diff \| blob \| history
fs/ext2/namei.c		diff \| blob \| history