Received: by 2002:a25:4158:0:0:0:0:0 with SMTP id o85csp4838275yba; Mon, 13 May 2019 00:04:01 -0700 (PDT) X-Google-Smtp-Source: APXvYqzuLnBE8FQ+qLBUVwt6y2MdwjTTMs2b/J5p2UtwbJEoki9XytfR8Em4XmzCW8PH44fE82fN X-Received: by 2002:a63:184:: with SMTP id 126mr2959490pgb.420.1557731040983; Mon, 13 May 2019 00:04:00 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1557731040; cv=none; d=google.com; s=arc-20160816; b=ZgsX8VLkeT09HZGd9HdS8TogySd2nzMfEX2beNR9O8+whis0A8ypdQTuehPlkWmSBe 4KG30zsncBCrVdk8w8440tTK8o7OGCt57y9dh/TvKks0Zz6K9skpr44W22akZ1sNuwCP hVfLPWdEk1zHUdg8oQ0YX8NnQvcRsEOqozwkPGiPSvMKvvsVYGsH3vUiJe9qs/SnPYtV ZpAE6avELcwQ9k7Uu4ctE+N5prBHJ+1tQDaffthG1SAYCSyiJsgsttDFmdmGUaQd3hrt yEzz82m/jYGge0NF7AkUoNIvqclZxBKAdJ6CgW705AnCwWIq5SwFZADcMF2J2Nkx8YyA alXw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:references:cc:to:from:subject; bh=RxaGoPqwTY0VT1d8sTIqDbaZhqB6gHMGmxHjfgoeIhs=; b=KQRhigeCRH26VrVVL/zyE2Xw3gUBrETwP1DgfxnMcwACRH1M5kKljguBwXLrlaKm6l jeht0BIDiHT4pog5RQNW9N323KjNMmaTTaBlCjNVRvoHj/9v6KaUtcQEaEkF9l5ESUww /HD5K9l+fgzINFzeepDVh+2u5/7vLEUUQWThOqOKJcbg3SxOC8TajKvSqGhv/18kgOiz bLiFf9SUSOS3CSYXzQhjAUP5jVCXKBsSx53yBMT0cNQaBKzVcfKey5OCFojSn11L2OVw +7/t8k2HDg4WhIqDmKS/zaWIM6DmQnziN/l7+FF0ClC0zqrzgwxqvhyTA/WvsZkYTL3x tQ6w== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 1si675709plz.168.2019.05.13.00.03.33; Mon, 13 May 2019 00:04:00 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-nfs-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=alibaba.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726748AbfEMG5X (ORCPT + 99 others); Mon, 13 May 2019 02:57:23 -0400 Received: from out30-44.freemail.mail.aliyun.com ([115.124.30.44]:56045 "EHLO out30-44.freemail.mail.aliyun.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726330AbfEMG5X (ORCPT ); Mon, 13 May 2019 02:57:23 -0400 X-Alimail-AntiSpam: AC=PASS;BC=-1|-1;BR=01201311R111e4;CH=green;DM=||false|;FP=0|-1|-1|-1|0|-1|-1|-1;HT=e01f04446;MF=wuyihao@linux.alibaba.com;NM=1;PH=DS;RN=6;SR=0;TI=SMTPD_---0TRaI3yc_1557730639; Received: from ali-186590dcce93-2.local(mailfrom:wuyihao@linux.alibaba.com fp:SMTPD_---0TRaI3yc_1557730639) by smtp.aliyun-inc.com(127.0.0.1); Mon, 13 May 2019 14:57:19 +0800 Subject: [PATCH v2 1/2] NFSv4.1: Again fix a race where CB_NOTIFY_LOCK fails to wake a waiter From: Yihao Wu To: linux-nfs@vger.kernel.org, Jeff Layton , "J. Bruce Fields" Cc: Joseph Qi , caspar@linux.alibaba.com References: <346806ac-2018-b780-4939-87f29648017c@linux.alibaba.com> Message-ID: <48a9d50b-f7b9-407d-06db-5c9079dfbf24@linux.alibaba.com> Date: Mon, 13 May 2019 14:57:19 +0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:60.0) Gecko/20100101 Thunderbird/60.6.1 MIME-Version: 1.0 In-Reply-To: <346806ac-2018-b780-4939-87f29648017c@linux.alibaba.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Sender: linux-nfs-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org Commit b7dbcc0e433f "NFSv4.1: Fix a race where CB_NOTIFY_LOCK fails to wake a waiter" found this bug. However it didn't fix it. This commit replaces schedule_timeout() with wait_woken() and default_wake_function() with woken_wake_function() in function nfs4_retry_setlk() and nfs4_wake_lock_waiter(). wait_woken() uses memory barriers in its implementation to avoid potential race condition when putting a process into sleeping state and then waking it up. Fixes: a1d617d8f134 ("nfs: allow blocking locks to be awoken by lock callbacks") Cc: stable@vger.kernel.org #4.9+ Signed-off-by: Yihao Wu --- fs/nfs/nfs4proc.c | 23 +++++++---------------- 1 file changed, 7 insertions(+), 16 deletions(-) diff --git a/fs/nfs/nfs4proc.c b/fs/nfs/nfs4proc.c index c29cbef..f9ed6b5 100644 --- a/fs/nfs/nfs4proc.c +++ b/fs/nfs/nfs4proc.c @@ -6932,7 +6932,6 @@ struct nfs4_lock_waiter { struct task_struct *task; struct inode *inode; struct nfs_lowner *owner; - bool notified; }; static int @@ -6954,13 +6953,13 @@ struct nfs4_lock_waiter { /* Make sure it's for the right inode */ if (nfs_compare_fh(NFS_FH(waiter->inode), &cbnl->cbnl_fh)) return 0; - - waiter->notified = true; } /* override "private" so we can use default_wake_function */ wait->private = waiter->task; - ret = autoremove_wake_function(wait, mode, flags, key); + ret = woken_wake_function(wait, mode, flags, key); + if (ret) + list_del_init(&wait->entry); wait->private = waiter; return ret; } @@ -6979,8 +6978,7 @@ struct nfs4_lock_waiter { .s_dev = server->s_dev }; struct nfs4_lock_waiter waiter = { .task = current, .inode = state->inode, - .owner = &owner, - .notified = false }; + .owner = &owner}; wait_queue_entry_t wait; /* Don't bother with waitqueue if we don't expect a callback */ @@ -6993,21 +6991,14 @@ struct nfs4_lock_waiter { add_wait_queue(q, &wait); while(!signalled()) { - waiter.notified = false; status = nfs4_proc_setlk(state, cmd, request); if ((status != -EAGAIN) || IS_SETLK(cmd)) break; status = -ERESTARTSYS; - spin_lock_irqsave(&q->lock, flags); - if (waiter.notified) { - spin_unlock_irqrestore(&q->lock, flags); - continue; - } - set_current_state(TASK_INTERRUPTIBLE); - spin_unlock_irqrestore(&q->lock, flags); - - freezable_schedule_timeout(NFS4_LOCK_MAXTIMEOUT); + freezer_do_not_count(); + wait_woken(&wait, TASK_INTERRUPTIBLE, NFS4_LOCK_MAXTIMEOUT); + freezer_count(); } finish_wait(q, &wait); -- 1.8.3.1