In-Reply-To: <20170213103815.GA5131@infradead.org>
References: <1486625901-10094-1-git-send-email-dwindsor@gmail.com> <1486816302.4233.29.camel@poochiereds.net> <20170213103815.GA5131@infradead.org>
From: David Windsor
Date: Mon, 13 Feb 2017 06:42:56 -0500
Subject: Re: [RFC][PATCH] nfsd: add +1 to reference counting scheme for struct nfsd4_session
To: Christoph Hellwig
Cc: Jeff Layton, linux-nfs@vger.kernel.org, netdev@vger.kernel.org, kernel-hardening@lists.openwall.com, Bruce Fields, Kees Cook, "Reshetova, Elena"

On Mon, Feb 13, 2017 at 5:38 AM, Christoph Hellwig wrote:
> On Sat, Feb 11, 2017 at 09:01:15AM -0500, David Windsor wrote:
>> I'm not sure there's another way to accomplish what we need
>> (initializing struct nfsd4_session objects with refcount=1) without
>> also modifying the freeable reference state. After migrating to the
>> refcount_t API, if we leave init_session() as is, the first call to
>> nfsd4_get_session_locked() will fail:
>
> Which is a pretty clear indicator that this code should simply not
> migrate to the refcount_t API. Why was it even considered if the
> conversion is obviously broken?

I'm not sure this is a sound argument for not converting to
refcount_t. In other locations in which refcounting schemes are
"unnatural," i.e. freeing refcounted objects when their refcount is -1
(rather than 0), conversion to refcount_t is accomplished by
performing a logical +1 to the overall refcounting scheme.

We're auditing all refcounting corner cases, such as these, to see if
similar solutions can be found.

Thanks,
David
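
Added example, not part of the original message and not kernel or nfsd code: a small user-space C model of the point under discussion. It assumes a counter that, like refcount_t, refuses an increment from zero and saturates instead of wrapping; it shows that an object idling at 0 cannot be taken, while the same scheme shifted by +1 frees exactly once. All names (model_ref, model_get, model_put, ...) are hypothetical.

```c
/* Added user-space model, not kernel or nfsd code; all names hypothetical. */
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

struct model_ref { unsigned int count; };

/* Modelled rule: an increment from 0 is refused (the object may already
 * be freed) and the counter saturates instead of wrapping. */
static bool model_get(struct model_ref *r)
{
    if (r->count == 0)
        return false;
    if (r->count != UINT_MAX)
        r->count++;
    return true;
}

/* Returns true only for the put that drops the count to 0. */
static bool model_put(struct model_ref *r)
{
    if (r->count == 0 || r->count == UINT_MAX)
        return false;   /* underflow or saturated: leave untouched */
    return --r->count == 0;
}

/* Unshifted scheme: an idle object sits at 0, so the first get fails. */
static bool first_get_unshifted(void)
{
    struct model_ref r = { 0 };
    return model_get(&r);
}

/* Shifted (+1) scheme: idle object sits at 1. Returns the number of
 * puts that reported "free now", or -1 if the get was refused. */
static int frees_shifted(void)
{
    struct model_ref r = { 1 };
    int frees = 0;
    if (!model_get(&r))       /* user: 1 -> 2 */
        return -1;
    frees += model_put(&r);   /* user: 2 -> 1, still alive */
    frees += model_put(&r);   /* teardown: 1 -> 0, free */
    return frees;
}

int main(void)
{
    printf("%d %d\n", first_get_unshifted(), frees_shifted());
}
```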