svn commit: r351825 - head/sys/kern

[Mateusz Guzik]

Author: mjg
Date: Wed Sep  4 19:23:18 2019
New Revision: 351825
URL: https://svnweb.freebsd.org/changeset/base/351825

Log:
  vfs: fully hold vnodes in vnlru_free_locked
  
  Currently the code only bumps holdcnt and clears the VI_FREE flag, not
  performing actual vhold. Since the vnode is still visible elsewhere, a
  potential new user can find it and incorrectly assume it is properly held.
  
  Use vholdl instead to correctly hold the vnode. Another place recycling
  (vlrureclaim) does this already.
  
  Reviewed by:	kib
  Sponsored by:	The FreeBSD Foundation
  Differential Revision:	https://reviews.freebsd.org/D21522

Modified:
  head/sys/kern/vfs_subr.c

Modified: head/sys/kern/vfs_subr.c
==============================================================================
--- head/sys/kern/vfs_subr.c	Wed Sep  4 19:19:23 2019	(r351824)
+++ head/sys/kern/vfs_subr.c	Wed Sep  4 19:23:18 2019	(r351825)
@@ -1102,7 +1102,6 @@ vnlru_free_locked(int count, struct vfsops *mnt_op)
 		    ("Removing vnode not on freelist"));
 		KASSERT((vp->v_iflag & VI_ACTIVE) == 0,
 		    ("Mangling active vnode"));
-		TAILQ_REMOVE(&vnode_free_list, vp, v_actfreelist);
 
 		/*
 		 * Don't recycle if our vnode is from different type
@@ -1114,7 +1113,6 @@ vnlru_free_locked(int count, struct vfsops *mnt_op)
 		 */
 		if ((mnt_op != NULL && (mp = vp->v_mount) != NULL &&
 		    mp->mnt_op != mnt_op) || !VI_TRYLOCK(vp)) {
-			TAILQ_INSERT_TAIL(&vnode_free_list, vp, v_actfreelist);
 			continue;
 		}
 		VNASSERT((vp->v_iflag & VI_FREE) != 0 && vp->v_holdcnt == 0,
@@ -1129,11 +1127,8 @@ vnlru_free_locked(int count, struct vfsops *mnt_op)
 		 * activating.
 		 */
 		freevnodes--;
-		vp->v_iflag &= ~VI_FREE;
-		VNODE_REFCOUNT_FENCE_REL();
-		refcount_acquire(&vp->v_holdcnt);
-
 		mtx_unlock(&vnode_free_list_mtx);
+		vholdl(vp);
 		VI_UNLOCK(vp);
 		vtryrecycle(vp);
 		/*