io_uring: don't take task ring-file notes
With ->flush() gone we're now leaving all uring file notes until the
task dies/execs, so the ctx will not be freed until all tasks that have
ever submit a request die. It was nicer with flush but not much, we
could have locked as described ctx in many cases.
Now we guarantee that ctx outlives all tctx in a sense that
io_ring_exit_work() waits for all tctxs to drop their corresponding
enties in ->xa, and ctx won't go away until then. Hence, additional
io_uring file reference (a.k.a. task file notes) are not needed anymore.
Signed-off-by: Pavel Begunkov <asml.silence@gmail.com>
Signed-off-by: Jens Axboe <axboe@kernel.dk>
diff --git a/fs/io_uring.c b/fs/io_uring.c
index 8a4ab86..f44821326 100644
--- a/fs/io_uring.c
+++ b/fs/io_uring.c
@@ -8821,11 +8821,9 @@ static int io_uring_add_task_file(struct io_ring_ctx *ctx, struct file *file)
node->file = file;
node->task = current;
- get_file(file);
ret = xa_err(xa_store(&tctx->xa, (unsigned long)file,
node, GFP_KERNEL));
if (ret) {
- fput(file);
kfree(node);
return ret;
}
@@ -8856,6 +8854,8 @@ static void io_uring_del_task_file(unsigned long index)
struct io_uring_task *tctx = current->io_uring;
struct io_tctx_node *node;
+ if (!tctx)
+ return;
node = xa_erase(&tctx->xa, index);
if (!node)
return;
@@ -8869,7 +8869,6 @@ static void io_uring_del_task_file(unsigned long index)
if (tctx->last == node->file)
tctx->last = NULL;
- fput(node->file);
kfree(node);
}
