vfs: avoid exposing partially constructed vnodes

If multiple threads race calling vfs_hash_insert() while creating vnodes with the same identity, all of the vnodes which lose the race must be destroyed before any other thread can see them. Previously this was accomplished by the vput() in vfs_hash_insert() resulting in the vnode's VOP_INACTIVE() method calling vgone() before the vnode lock was unlocked, but at some point changes to the the vnode refcount/inactive logic have caused that to no longer work, leading to crashes, so instead vfs_hash_insert() must call vgone() itself before calling vput() on vnodes which lose the race. Reviewed by: mjg, kib Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D26291
freebsd · Sep 5, 2020 · a0a36d4 · a0a36d4
1 parent 67d224e
commit a0a36d4
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/sys/kern/vfs_hash.c b/sys/kern/vfs_hash.c
@@ -172,6 +172,7 @@ vfs_hash_insert(struct vnode *vp, u_int hash, int flags, struct thread *td,
 			rw_wlock(&vfs_hash_lock);
 			LIST_INSERT_HEAD(&vfs_hash_side, vp, v_hashlist);
 			rw_wunlock(&vfs_hash_lock);
+			vgone(vp);
 			vput(vp);
 			if (!error)
 				*vpp = vp2;