Received: by 2002:ac0:946b:0:0:0:0:0 with SMTP id j40csp3842954imj; Tue, 12 Feb 2019 05:41:59 -0800 (PST) X-Google-Smtp-Source: AHgI3IbWpokChu9hoFbyw0I/dOss9veM+lGP11LjrQbjL5ONtn+BwIntxJrI7cMLJ4AZd21y31fF X-Received: by 2002:a63:535c:: with SMTP id t28mr3793089pgl.128.1549978919003; Tue, 12 Feb 2019 05:41:59 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1549978918; cv=none; d=google.com; s=arc-20160816; b=lBxFUMC4fCOfZ0O3wEEp5pbwVNjZfCdow4YeT+iXSfRl08MkEsW2zYJw97tJPTMwom Nep9bQ1BfXqeXm26ummCbDcLUpiElZ882GCycUsDlo9xh/s0ysLNDlafj6GrkxJNwBCM 5KNMYw59wL1F8ZxDcKNgWCcZhk+/No3KoMgSx783sOEKBNcmSyL/vVbt1jmXMDhZ/z1L hQCVgDc7zUpFQx2i8A/iG2J6b/OEy0rmtVrGqxUx/X/utQNjjc+XpVJvVBmzrS07kVBI peeVNuKxXp7csqXae0gQ/7YueW0KfzEyb+2HX90G46rXrLHGoRgu6r9zOar1rYMCk8ZY g4tg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:dkim-signature; bh=c5TOuGrQ+VF3jI2wWFU64HANCazjU6JKCsapIQL56xg=; b=uYJ0pkL2xp6TJLn7NvhH4EfqujHUzqvSagYKZ7/Vq5xypAtdGyRE1wP81ijj6OM+fm d0RA5sPb5MH42QJEq7Ip+CbJPzPqnPn/qUt2FkiUnY7lfGqT4wMlpOMHyQIkei9W36Om UnVwlU4ChPYAPPm5CxT1/Ro5edoAmuvBm++KQ4Ezs9tEsKyGHa58MmFbdZBAdOhurKfY wnR65yyLDT5hiNZTzW6SID5QQNphV1AnrMktGBwxVtIoI6ZD7z/KdT1tnNVXOYg9hVEN 9lhHEliaYavGeN8dyhjE8/ePps/r0ArgvURiiKPLWcdc9wxpEaY8k3A/l7YOZpl9wvcS 5gzA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=oAfGh3aL; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id x2si9602199pgr.341.2019.02.12.05.41.36; Tue, 12 Feb 2019 05:41:58 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=oAfGh3aL; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729903AbfBLNjx (ORCPT + 99 others); Tue, 12 Feb 2019 08:39:53 -0500 Received: from mail-yb1-f178.google.com ([209.85.219.178]:43773 "EHLO mail-yb1-f178.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1728126AbfBLNjw (ORCPT ); Tue, 12 Feb 2019 08:39:52 -0500 Received: by mail-yb1-f178.google.com with SMTP id s76so1010867ybs.10; Tue, 12 Feb 2019 05:39:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=c5TOuGrQ+VF3jI2wWFU64HANCazjU6JKCsapIQL56xg=; b=oAfGh3aLezK+RVJXZn6zTbeshDTDat0dXxk/X9zW1pd2GvsWmzH78H+fPY9lQjeXPt wDrm0RoP3xr87E1fyaYRHNh38eLeKKZi/Yqte4ykcBj8yzyBMBUozceXJiy8z4L6b1oA 2SGiP5tZ1MBKmZQ+m19TpMCHHEd/2Z042fQe1X6zjsKqxJfHKG3q3w5ODHApLvrn80c2 YUf1FLVNBwwrq/femw8V5bd8PC9vLTI43whNX2lHOCiSh0auHdW7D/zhx5uEwfUasymy bkNf6TELtqrGgqQuETdQWLz63KWUx2vpXD6+7Zfl6g+hqf9vmvVxlgA3P0C3E+FNqwVZ H3/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=c5TOuGrQ+VF3jI2wWFU64HANCazjU6JKCsapIQL56xg=; b=aBf7fvOKproEjMG3dgV+clxxND2AXFPHHQWxQrRIFHEtmGh0l6U8RDZ+sj7i6sE3Xg Oe5x9tIj2miGfoTmIUngjpx0v/mSEe/Gqmfu3utiNpNVxJrownkso2tSBkdSvJ2kNqTs 2F4Suu8cnd7yrx8F8gIbbwvZbiyZoZfcLlkfll3iIJ53dhJMSy17FfHR1EauqqyaSkXZ KC95Q1FoadM89amwAonvlVX3XVxfSqDMdJsyAuQtILO/jYka3gnfqmJprIoShUulA6UX gsrLiPnWEF1ABwrifSr7iQFnBOVzVzaONi5zxmk4f2hX6Lvae5omHYGJhPI+4D1ZbbbX MSLQ== X-Gm-Message-State: AHQUAubgsr+v6ifOmnpLIMPhhbeTpP6SwE+a20ZTLbXy9iyUX5Dveq/Y RfjcAPgg3bZtGpjxrKvppVd+ZBezbvc09UKC1Fw= X-Received: by 2002:a25:1488:: with SMTP id 130mr2931126ybu.507.1549978790150; Tue, 12 Feb 2019 05:39:50 -0800 (PST) MIME-Version: 1.0 References: <000000000000701c3305818e4814@google.com> <20190212111402.GU19029@quack2.suse.cz> In-Reply-To: <20190212111402.GU19029@quack2.suse.cz> From: Amir Goldstein Date: Tue, 12 Feb 2019 15:39:38 +0200 Message-ID: Subject: Re: possible deadlock in pipe_lock (2) To: Jan Kara Cc: Miklos Szeredi , linux-fsdevel , linux-kernel , syzkaller-bugs@googlegroups.com, Al Viro , syzbot , overlayfs Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > > My other thought is that perhaps sb_start_write() should invoke > > s_ops->start_write() so that overlay can do the freeze protection on > > the upper early. > > So my understanding of overlayfs is pretty basic so I'm sorry if I miss > something. If I'm right, we have three superblocks here: ovl, upper, lower. > Now 'lower' is read-only so for freezing purposes we can just forget about > it. 'upper' is where the real changes are going into and 'ovl' is a wrapper > virtual superblock that handles merging of 'lower' and 'upper'. Correct so > far? Yes. > > And the problem seems to be that when you acquire freeze protection for the > 'ovl' superblock, you in fact want to acquire freeze protection for the > 'upper' (as 'ovl' is just virtual and has no disk state to protect). So I There are use case for freezing ovl (i.e. ovl snapshots) but it is not implemented at the moment. Overlayfs already gets upper freeze protection internally before any modification to upper. The problem that locking order of upper freeze is currently under overlay inode mutex. And that brings a problem with the above pipe case. > agree that a callback to allow overlayfs to acquire freeze protection on > 'upper' right away would be one solution. Or we could make s_writers a > pointer and redirect ovl->s_writers to upper->s_writers. Then VFS should do > the right thing from the start unless overlayfs calls back into operations > on 'upper' that will try to acquire the freeze protection again. Thoughts? Overlayfs definitely calls into operations on upper and upper certainly acquires several levels of s_writers itself. The problem with the proposal to change locking order to ovl freeze -> upper freeze -> ovl inode -> upper inode is that for some non-write operations (e.g. lookup, readdir) overlay may end up updating xattrs on upper, so will need to take upper freeze after ovl inode lock without ovl freeze being called by vfs. I suggested that we may use upper freeze trylock in those cases and skip xattr update if trylock fails. Not sure if my assumption is correct that this would be ok w.r.t locking rules? Not sure if we can get away with trylock in all the cases that we need to modify upper. Thanks, Amir.