From mboxrd@z Thu Jan  1 00:00:00 1970
From: Roland Dreier <rdreier@cisco.com>
Subject: Re: [PATCH/RFC 1/2] anon-inodes: Remove fd_install() from anon_inode_getfd()
Date: Thu, 28 Feb 2008 12:24:50 -0800
Message-ID: <adabq60x20d.fsf@cisco.com>
References: <20080225191043.GA32342@lst.de> <adak5kqyzv1.fsf@cisco.com>
	<Pine.LNX.4.64.0802271138170.377@alien.or.mcafeemobile.com>
	<adabq62yx5r.fsf@cisco.com>
	<Pine.LNX.4.64.0802271218210.377@alien.or.mcafeemobile.com>
	<ada7igqyurw.fsf@cisco.com> <adar6eyx8y5.fsf@cisco.com>
	<Pine.LNX.4.64.0802281150060.7660@alien.or.mcafeemobile.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Christoph Hellwig <hch@lst.de>, linux-fsdevel@vger.kernel.org,
	Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
	Avi Kivity <avi@qumranet.com>, kvm-devel@lists.sourceforge.net,
	Andrew Morton <akpm@linux-foundation.org>,
	Al Viro <viro@ftp.linux.org.uk>
To: Davide Libenzi <davidel@xmailserver.org>
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from sj-iport-3.cisco.com ([171.71.176.72]:40520 "EHLO
	sj-iport-3.cisco.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1760497AbYB1UYy (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Thu, 28 Feb 2008 15:24:54 -0500
In-Reply-To: <Pine.LNX.4.64.0802281150060.7660@alien.or.mcafeemobile.com> (Davide Libenzi's message of "Thu, 28 Feb 2008 12:04:10 -0800 (PST)")
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>

 > If we let the caller call fd_install(), then it may be messed up WRT 
 > cleanup (fd, file, inode).

Yes, that is a tiny bit tricky (need to call put_unused_fd() if you
don't install the fd).

 > How about removing the inode pointer handout altogether, and *doing* 
 > fd_install() inside anon_inode_getfd() like:
 > 
 > 	if (pfile != NULL) {
 > 		get_file(file);
 > 		*pfile = file;
 > 	}
 > 	fd_install(fd, file);
 > 
 > In this way, if the caller want the file* back, he gets the reference 
 > bumped before fd_install().

I think that may be a bit cleaner than Al's approach, but it still
leaves the same trap that create_vcpu_fd() falls into.  The current
code is:

static int create_vcpu_fd(struct kvm_vcpu *vcpu)
{
	int fd, r;
	struct inode *inode;
	struct file *file;

	r = anon_inode_getfd(&fd, &inode, &file,
			     "kvm-vcpu", &kvm_vcpu_fops, vcpu);
	if (r)
		return r;
	atomic_inc(&vcpu->kvm->filp->f_count);
	return fd;
}

and with your proposal, the natural way to write that becomes:

static int create_vcpu_fd(struct kvm_vcpu *vcpu)
{
	int fd, r;

	r = anon_inode_getfd(&fd, NULL,
			     "kvm-vcpu", &kvm_vcpu_fops, vcpu);
	if (r)
		return r;
	atomic_inc(&vcpu->kvm->filp->f_count);
	return fd;
}

which still has the same bug.

Maybe a good way to handle this is just to make the get_file() not
optional.  I dunno... I feel like we've spent more discussion on this
point than it deserves, so someone should just make a decision and
I'll adapt the ib_uverbs code to work with whatever it is.

 - R.