Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp1019612pxj; Fri, 11 Jun 2021 18:48:50 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy0BmqByfv0uD33HmUU4rLAZYtD2n9Szl+DyXZ3iCyLG0N8JAlyqx700H4E5K+0mWZMmLIM X-Received: by 2002:a17:906:63d2:: with SMTP id u18mr6097661ejk.186.1623462530035; Fri, 11 Jun 2021 18:48:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623462530; cv=none; d=google.com; s=arc-20160816; b=HwAjicn5whsTbZZ4smRXL7wW55wIGEWFjO1jy6/U9c/05A6rcuYE0Mms+4MCQ13ClM lTCr95DoVP2iFRHJucZElvQpGtFwDw2wl4FUlM+SjepzCkUSD8Vdj4+ijjPnd3+LLnYg b6gTLuMqZcbCyK6lQGY2VpNnXsMpS+3iXtW7sHDWPrdoxh/ndYcB1R4RcJanisS9eJai BcSrANszOQCRI2m5w/sct4Q8PqKiiNUEvHg2ZkIkVU11tq6QhF9WACjwiGmab/e0iosU hogO8OGpz1Uvnhm5HtbUTAzYAr/bXrckv3eVbLcyedIDLVrEW8Fh1GKLzh4R+6XdFMEQ X79g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:in-reply-to:content-disposition :mime-version:references:message-id:subject:cc:to:from:date; bh=xOoX+m022orbEI3I4S294CmJT/hOOUwNkPj9frOGI38=; b=E1FgwQyRfPdS/jDnGNMz7QYE++7slm0BWFnTHJanUPBWt2lYGTjG52bSjx0svOXfwN NUIk8T5zhdt9aodklpx3ppomLerxkuDoUiDCZfOu08Cuja1nY2JRwm2m7dUNLYZ2tE6x vJo48qd5V2IqG+jCqgmOw8539wA+/jq1tpLkQJngFsvX5dfJV/yBlxh5QvH8Y3dLmmEq UOQIENOYrY4xeHbVN3mD5NlHzXaLKzeIdTyG353aFeObZZrsVFQsp1sbftwOAmyTs7sU CYnwMHnlzAjWErGZebJlQfW7XjCjwGgPMH03XY4KwgcCVFyPOpLQ7ml7xE62feAVXneR b6vA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id zo19si5951842ejb.452.2021.06.11.18.48.15; Fri, 11 Jun 2021 18:48:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230188AbhFLBsE (ORCPT + 99 others); Fri, 11 Jun 2021 21:48:04 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33796 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229622AbhFLBsD (ORCPT ); Fri, 11 Jun 2021 21:48:03 -0400 Received: from zeniv-ca.linux.org.uk (zeniv-ca.linux.org.uk [IPv6:2607:5300:60:148a::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9DFBAC061574; Fri, 11 Jun 2021 18:46:04 -0700 (PDT) Received: from viro by zeniv-ca.linux.org.uk with local (Exim 4.94.2 #2 (Red Hat Linux)) id 1lrsic-007A4F-9m; Sat, 12 Jun 2021 01:45:50 +0000 Date: Sat, 12 Jun 2021 01:45:50 +0000 From: Al Viro To: Ian Kent Cc: Greg Kroah-Hartman , Tejun Heo , Eric Sandeen , Fox Chen , Brice Goglin , Rick Lindsley , David Howells , Miklos Szeredi , Marcelo Tosatti , "Eric W. Biederman" , Carlos Maiolino , linux-fsdevel , Kernel Mailing List Subject: Re: [PATCH v6 5/7] kernfs: use i_lock to protect concurrent inode updates Message-ID: References: <162322846765.361452.17051755721944717990.stgit@web.messagingengine.com> <162322868275.361452.17585267026652222121.stgit@web.messagingengine.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <162322868275.361452.17585267026652222121.stgit@web.messagingengine.com> Sender: Al Viro Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jun 09, 2021 at 04:51:22PM +0800, Ian Kent wrote: > The inode operations .permission() and .getattr() use the kernfs node > write lock but all that's needed is to keep the rb tree stable while > updating the inode attributes as well as protecting the update itself > against concurrent changes. Huh? Where does it access the rbtree at all? Confused... > diff --git a/fs/kernfs/inode.c b/fs/kernfs/inode.c > index 3b01e9e61f14e..6728ecd81eb37 100644 > --- a/fs/kernfs/inode.c > +++ b/fs/kernfs/inode.c > @@ -172,6 +172,7 @@ static void kernfs_refresh_inode(struct kernfs_node *kn, struct inode *inode) > { > struct kernfs_iattrs *attrs = kn->iattr; > > + spin_lock(&inode->i_lock); > inode->i_mode = kn->mode; > if (attrs) > /* > @@ -182,6 +183,7 @@ static void kernfs_refresh_inode(struct kernfs_node *kn, struct inode *inode) > > if (kernfs_type(kn) == KERNFS_DIR) > set_nlink(inode, kn->dir.subdirs + 2); > + spin_unlock(&inode->i_lock); > } Even more so - just what are you serializing here? That code synchronizes inode metadata with those in kernfs_node. Suppose you've got two threads doing ->permission(); the first one gets through kernfs_refresh_inode() and goes into generic_permission(). No locks are held, so kernfs_refresh_inode() from another thread can run in parallel with generic_permission(). If that's not a problem, why two kernfs_refresh_inode() done in parallel would be a problem? Thread 1: permission done refresh, all locks released now Thread 2: change metadata in kernfs_node Thread 2: permission goes into refresh, copying metadata into inode Thread 1: generic_permission() No locks in common between the last two operations, so we generic_permission() might see partially updated metadata. Either we don't give a fuck (in which case I don't understand what purpose does that ->i_lock serve) *or* we need the exclusion to cover a wider area.