[PATCH] xfs: Convert from atomic_t to refcount_t on xlog_ticket->t_ref

From: Xiyu Yang
Date: Sat Jul 17 2021 - 06:22:09 EST

Next message: Kelvin Cheung: "Re: [PATCH V5] dmaengine: Loongson1: Add Loongson1 dmaengine driver"
Previous message: Xiyu Yang: "[PATCH] vhost_net: Convert from atomic_t to refcount_t on vhost_net_ubuf_ref->refcount"
Next in thread: Darrick J. Wong: "Re: [PATCH] xfs: Convert from atomic_t to refcount_t on xlog_ticket->t_ref"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

refcount_t type and corresponding API can protect refcounters from
accidental underflow and overflow and further use-after-free situations.

Signed-off-by: Xiyu Yang <xiyuyang19@xxxxxxxxxxxx>
Signed-off-by: Xin Tan <tanxin.ctf@xxxxxxxxx>
---
fs/xfs/xfs_log.c | 10 +++++-----
fs/xfs/xfs_log_priv.h | 4 +++-
2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/fs/xfs/xfs_log.c b/fs/xfs/xfs_log.c
index 36fa2650b081..1da711f1a229 100644
--- a/fs/xfs/xfs_log.c
+++ b/fs/xfs/xfs_log.c
@@ -3347,8 +3347,8 @@ void
xfs_log_ticket_put(
xlog_ticket_t *ticket)
{
- ASSERT(atomic_read(&ticket->t_ref) > 0);
- if (atomic_dec_and_test(&ticket->t_ref))
+ ASSERT(refcount_read(&ticket->t_ref) > 0);
+ if (refcount_dec_and_test(&ticket->t_ref))
kmem_cache_free(xfs_log_ticket_zone, ticket);
}

@@ -3356,8 +3356,8 @@ xlog_ticket_t *
xfs_log_ticket_get(
xlog_ticket_t *ticket)
{
- ASSERT(atomic_read(&ticket->t_ref) > 0);
- atomic_inc(&ticket->t_ref);
+ ASSERT(refcount_read(&ticket->t_ref) > 0);
+ refcount_inc(&ticket->t_ref);
return ticket;
}

@@ -3477,7 +3477,7 @@ xlog_ticket_alloc(

unit_res = xlog_calc_unit_res(log, unit_bytes);

- atomic_set(&tic->t_ref, 1);
+ refcount_set(&tic->t_ref, 1);
tic->t_task = current;
INIT_LIST_HEAD(&tic->t_queue);
tic->t_unit_res = unit_res;
diff --git a/fs/xfs/xfs_log_priv.h b/fs/xfs/xfs_log_priv.h
index 4c41bbfa33b0..c4157d87cea4 100644
--- a/fs/xfs/xfs_log_priv.h
+++ b/fs/xfs/xfs_log_priv.h
@@ -6,6 +6,8 @@
#ifndef __XFS_LOG_PRIV_H__
#define __XFS_LOG_PRIV_H__

+#include <linux/refcount.h>
+
struct xfs_buf;
struct xlog;
struct xlog_ticket;
@@ -163,7 +165,7 @@ typedef struct xlog_ticket {
struct list_head t_queue; /* reserve/write queue */
struct task_struct *t_task; /* task that owns this ticket */
xlog_tid_t t_tid; /* transaction identifier : 4 */
- atomic_t t_ref; /* ticket reference count : 4 */
+ refcount_t t_ref; /* ticket reference count : 4 */
int t_curr_res; /* current reservation in bytes : 4 */
int t_unit_res; /* unit reservation in bytes : 4 */
char t_ocnt; /* original count : 1 */
--
2.7.4

Next message: Kelvin Cheung: "Re: [PATCH V5] dmaengine: Loongson1: Add Loongson1 dmaengine driver"
Previous message: Xiyu Yang: "[PATCH] vhost_net: Convert from atomic_t to refcount_t on vhost_net_ubuf_ref->refcount"
Next in thread: Darrick J. Wong: "Re: [PATCH] xfs: Convert from atomic_t to refcount_t on xlog_ticket->t_ref"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]