Received: by 2002:ac0:aa62:0:0:0:0:0 with SMTP id w31-v6csp1966771ima; Thu, 25 Oct 2018 07:41:48 -0700 (PDT) X-Google-Smtp-Source: AJdET5cGYaoiHuYI1ebESSSl6xI+qAnc5lB+GCIvUDt7/32uMQ9WH/bxoHj6wejcvdvKnGHPuloe X-Received: by 2002:a62:670f:: with SMTP id b15-v6mr1800867pfc.243.1540478508298; Thu, 25 Oct 2018 07:41:48 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1540478508; cv=none; d=google.com; s=arc-20160816; b=ENgnrPPahumWxNrKULdZNHKZLA5V6kQPwl0lfEqrF2lKZjBXbHia+sINlzpwXchPhK W+gfz/N1CcV6FB6Vsh2THCKhGN5RvorYxhRJ1XaDJ32a0BGlsD9boMdkma8I9lkIvXHj r54NI8cr+QHqWZDW2SumJwHcEE91wGF1k16sOYtKo+D5vlNf1wgNiZKU/7k9itQBkApq m4FVteNqldkvvOoOZdbSNBHQm0wx72NlpK5Iyr55ftVzruvL/b9MOaB6Xwr05EKWVBe0 dkvmHLzOCPest0trAb0TaC2fZa2cBHReqiEXuM55Q239fX5rcFXk+2dxQZWzTj3+ml8h S5eg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature; bh=nNJTH0+Va/pDkZon88xJs37OxQO6hrJl0gaqDganKy4=; b=coPJxi7x/siVjyHWkyACuVTcH5Z2M8qxrW9izxpDFd897kWOucZqWbSS7GjwlwmqXx up1LIn0FZhmKuXhTTg8uGvW8Ipsh4gOO4gzDKjcizK41KMoIolVImCfhexW2oPZc+gNl 1AXoXQM0wIX9pTsq8JtguRhOpiAf4OybA/fgtxlokELxQpGz6a3IQS8629+NUc+NxjMN Cth0L5xF+kZqxYZIwO7vvCRAWNnL9xSuDfV29C3Sr0OtKNSnqKsbv2QivkFZ4RJgq0D1 infacmNdS3uwd/YNw4O8mZHW3p+EmwYSAPexE9JGoqlUZvxQv0c9YcsPpAFI86YYEGJX Bwdw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=sL09Y0wh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id u8-v6si190803plh.188.2018.10.25.07.41.09; Thu, 25 Oct 2018 07:41:48 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=sL09Y0wh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729153AbeJYWss (ORCPT + 99 others); Thu, 25 Oct 2018 18:48:48 -0400 Received: from mail.kernel.org ([198.145.29.99]:57614 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729129AbeJYWsr (ORCPT ); Thu, 25 Oct 2018 18:48:47 -0400 Received: from sasha-vm.mshome.net (unknown [167.98.65.38]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 5B5142085A; Thu, 25 Oct 2018 14:15:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1540476949; bh=iG19hBEK9GwAqm5FU8Rdr9J4K/4clnKK6EYbRrflYVA=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=sL09Y0whIyT+UPX4OrTHeEoU1ZwEYbN1sWBp527pGBezEOFz9PzALulaUPM4We8Se vnDq7WUIzxc5W+b9tMbTA4C/Kr7EXScFohuZcsu9jFhkMpH/PrJobtoSiqV0iQQdkd 4Z7IEtw44WCs4mwyHJLUc/1boq/OxIV6hPRdwc1E= From: Sasha Levin To: stable@vger.kernel.org, linux-kernel@vger.kernel.org Cc: Eric Ren , Mark Fasheh , Joel Becker , Junxiao Bi , Andrew Morton , Linus Torvalds , Sasha Levin Subject: [PATCH AUTOSEL 4.9 58/98] ocfs2: fix deadlock caused by recursive locking in xattr Date: Thu, 25 Oct 2018 10:13:43 -0400 Message-Id: <20181025141423.213774-58-sashal@kernel.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181025141423.213774-1-sashal@kernel.org> References: <20181025141423.213774-1-sashal@kernel.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Eric Ren [ Upstream commit 8818efaaacb78c60a9d90c5705b6c99b75d7d442 ] Another deadlock path caused by recursive locking is reported. This kind of issue was introduced since commit 743b5f1434f5 ("ocfs2: take inode lock in ocfs2_iop_set/get_acl()"). Two deadlock paths have been fixed by commit b891fa5024a9 ("ocfs2: fix deadlock issue when taking inode lock at vfs entry points"). Yes, we intend to fix this kind of case in incremental way, because it's hard to find out all possible paths at once. This one can be reproduced like this. On node1, cp a large file from home directory to ocfs2 mountpoint. While on node2, run setfacl/getfacl. Both nodes will hang up there. The backtraces: On node1: __ocfs2_cluster_lock.isra.39+0x357/0x740 [ocfs2] ocfs2_inode_lock_full_nested+0x17d/0x840 [ocfs2] ocfs2_write_begin+0x43/0x1a0 [ocfs2] generic_perform_write+0xa9/0x180 __generic_file_write_iter+0x1aa/0x1d0 ocfs2_file_write_iter+0x4f4/0xb40 [ocfs2] __vfs_write+0xc3/0x130 vfs_write+0xb1/0x1a0 SyS_write+0x46/0xa0 On node2: __ocfs2_cluster_lock.isra.39+0x357/0x740 [ocfs2] ocfs2_inode_lock_full_nested+0x17d/0x840 [ocfs2] ocfs2_xattr_set+0x12e/0xe80 [ocfs2] ocfs2_set_acl+0x22d/0x260 [ocfs2] ocfs2_iop_set_acl+0x65/0xb0 [ocfs2] set_posix_acl+0x75/0xb0 posix_acl_xattr_set+0x49/0xa0 __vfs_setxattr+0x69/0x80 __vfs_setxattr_noperm+0x72/0x1a0 vfs_setxattr+0xa7/0xb0 setxattr+0x12d/0x190 path_setxattr+0x9f/0xb0 SyS_setxattr+0x14/0x20 Fix this one by using ocfs2_inode_{lock|unlock}_tracker, which is exported by commit 439a36b8ef38 ("ocfs2/dlmglue: prepare tracking logic to avoid recursive cluster lock"). Link: http://lkml.kernel.org/r/20170622014746.5815-1-zren@suse.com Fixes: 743b5f1434f5 ("ocfs2: take inode lock in ocfs2_iop_set/get_acl()") Signed-off-by: Eric Ren Reported-by: Thomas Voegtle Tested-by: Thomas Voegtle Reviewed-by: Joseph Qi Cc: Mark Fasheh Cc: Joel Becker Cc: Junxiao Bi Signed-off-by: Andrew Morton Signed-off-by: Linus Torvalds Signed-off-by: Sasha Levin --- fs/ocfs2/dlmglue.c | 4 ++++ fs/ocfs2/xattr.c | 23 +++++++++++++---------- 2 files changed, 17 insertions(+), 10 deletions(-) diff --git a/fs/ocfs2/dlmglue.c b/fs/ocfs2/dlmglue.c index 785fcc29d85d..5729d55da67d 100644 --- a/fs/ocfs2/dlmglue.c +++ b/fs/ocfs2/dlmglue.c @@ -2599,6 +2599,10 @@ void ocfs2_inode_unlock_tracker(struct inode *inode, struct ocfs2_lock_res *lockres; lockres = &OCFS2_I(inode)->ip_inode_lockres; + /* had_lock means that the currect process already takes the cluster + * lock previously. If had_lock is 1, we have nothing to do here, and + * it will get unlocked where we got the lock. + */ if (!had_lock) { ocfs2_remove_holder(lockres, oh); ocfs2_inode_unlock(inode, ex); diff --git a/fs/ocfs2/xattr.c b/fs/ocfs2/xattr.c index 03f6ff249edb..01932763b4d1 100644 --- a/fs/ocfs2/xattr.c +++ b/fs/ocfs2/xattr.c @@ -1330,20 +1330,21 @@ static int ocfs2_xattr_get(struct inode *inode, void *buffer, size_t buffer_size) { - int ret; + int ret, had_lock; struct buffer_head *di_bh = NULL; + struct ocfs2_lock_holder oh; - ret = ocfs2_inode_lock(inode, &di_bh, 0); - if (ret < 0) { - mlog_errno(ret); - return ret; + had_lock = ocfs2_inode_lock_tracker(inode, &di_bh, 0, &oh); + if (had_lock < 0) { + mlog_errno(had_lock); + return had_lock; } down_read(&OCFS2_I(inode)->ip_xattr_sem); ret = ocfs2_xattr_get_nolock(inode, di_bh, name_index, name, buffer, buffer_size); up_read(&OCFS2_I(inode)->ip_xattr_sem); - ocfs2_inode_unlock(inode, 0); + ocfs2_inode_unlock_tracker(inode, 0, &oh, had_lock); brelse(di_bh); @@ -3539,11 +3540,12 @@ int ocfs2_xattr_set(struct inode *inode, { struct buffer_head *di_bh = NULL; struct ocfs2_dinode *di; - int ret, credits, ref_meta = 0, ref_credits = 0; + int ret, credits, had_lock, ref_meta = 0, ref_credits = 0; struct ocfs2_super *osb = OCFS2_SB(inode->i_sb); struct inode *tl_inode = osb->osb_tl_inode; struct ocfs2_xattr_set_ctxt ctxt = { NULL, NULL, NULL, }; struct ocfs2_refcount_tree *ref_tree = NULL; + struct ocfs2_lock_holder oh; struct ocfs2_xattr_info xi = { .xi_name_index = name_index, @@ -3574,8 +3576,9 @@ int ocfs2_xattr_set(struct inode *inode, return -ENOMEM; } - ret = ocfs2_inode_lock(inode, &di_bh, 1); - if (ret < 0) { + had_lock = ocfs2_inode_lock_tracker(inode, &di_bh, 1, &oh); + if (had_lock < 0) { + ret = had_lock; mlog_errno(ret); goto cleanup_nolock; } @@ -3672,7 +3675,7 @@ int ocfs2_xattr_set(struct inode *inode, if (ret) mlog_errno(ret); } - ocfs2_inode_unlock(inode, 1); + ocfs2_inode_unlock_tracker(inode, 1, &oh, had_lock); cleanup_nolock: brelse(di_bh); brelse(xbs.xattr_bh); -- 2.17.1