From mboxrd@z Thu Jan  1 00:00:00 1970
From: Bob Peterson <rpeterso@redhat.com>
Date: Thu, 29 Oct 2015 15:47:52 -0400 (EDT)
Subject: [Cluster-devel] [GFS2 PATCH v2] GFS2: Protect freeing directory
 hash table with i_lock spin_lock
In-Reply-To: <1744548592.67923378.1446147842477.JavaMail.zimbra@redhat.com>
Message-ID: <93040260.67926194.1446148072277.JavaMail.zimbra@redhat.com>
List-Id: <cluster-devel.redhat.com>
To: cluster-devel.redhat.com
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

Hi,

This is a re-spin of a patch I posted earlier today.
Andy Price pointed out that my comment was wrong: The race concerns
gfs2_evict_inode, not gfs2_clear_inode (as the previous version's
comment indicated). Function gfs2_clear_inode exists in RHEL6 and
earlier, but not in upstream.

Revised patch description:

This patch changes function gfs2_dir_hash_inval so it uses the
i_lock spin_lock to protect the in-core hash table, i_hash_cache.
This will prevent double-frees due to a race between gfs2_evict_inode
and inode invalidation.

Signed-off-by: Bob Peterson <rpeterso@redhat.com>
---
diff --git a/fs/gfs2/dir.c b/fs/gfs2/dir.c
index 487527b..ad8a5b7 100644
--- a/fs/gfs2/dir.c
+++ b/fs/gfs2/dir.c
@@ -388,8 +388,13 @@ static __be64 *gfs2_dir_get_hash_table(struct gfs2_inode *ip)
  */
 void gfs2_dir_hash_inval(struct gfs2_inode *ip)
 {
-	__be64 *hc = ip->i_hash_cache;
+	__be64 *hc;
+
+	spin_lock(&ip->i_inode.i_lock);
+	hc = ip->i_hash_cache;
 	ip->i_hash_cache = NULL;
+	spin_unlock(&ip->i_inode.i_lock);
+
 	kvfree(hc);
 }