Subject: Re: [PATCH] nfsd: don't put blocked locks on LRU until after
 vfs_lock_file returns
To:     Jeff Layton <jlayton@kernel.org>, linux-nfs@vger.kernel.org
Cc:     chuck.lever@oracle.com, bfields@fieldses.org
References: <20211123122223.69236-1-jlayton@kernel.org>
From:   Vasily Averin <vvs@virtuozzo.com>
Message-ID: <d3f68639-3f07-dbf7-9a4d-984fdd7bd62f@virtuozzo.com>
Date:   Tue, 23 Nov 2021 18:20:08 +0300
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
 Thunderbird/78.14.0
In-Reply-To: <20211123122223.69236-1-jlayton@kernel.org>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 7bit
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?KzFrSDdlV2FoOEVHb01oQlUvd1dLSlI5QmJ4cVpqMVpaWEhMUVp3eVgwbWJW?=
 =?utf-8?B?MWFQV3FXL1VySWtYSDdJa2xXdGQ3OVZ5NlpCd1RvNUlhdDd6RExxWWM2ZHVv?=
 =?utf-8?B?bkR5QXBMK1RwZjFPUGFVeHN4TGNpeUZ0S3BoOVRCVU9VS2prUUtRdVRQUU9k?=
 =?utf-8?B?RFhqZkZieEpaMFRtL1l4cXJLejVLSW9WTCtuWW9HeHhDU05pRVNlWlpmU3VI?=
 =?utf-8?B?RG9oQ1k0T0lyVXdhOEtRSWk4bFovUU90Ny9NZXRVTnBmdDltNkRqSTlWR3hF?=
 =?utf-8?B?TkhVQXJHbmY0SlB0M3RUYnRPcWZ6azkwUHA5OFdmUW9PNlpxTnNIc0dsU2Na?=
 =?utf-8?B?bHptdmJjRy9KR0l0UjU1ME5US05vSmNsS2pZWVlJc2NaazNtc25WQ0htT0NU?=
 =?utf-8?B?MTUzUmc5amxhbUcveCtqTU51L1hIUEc0MFJydjREdElBMDlUNGd6QnlVeUVJ?=
 =?utf-8?B?cHpLanJYQ3RkM3VrSlB5UFBxeGpvZlI3QWlhWUx4OXQrR3IxWVFjK0d2VmZa?=
 =?utf-8?B?R1gzR1pJMEpaYkxSY0hzZG5aQml5R2pYV0UrMUxDaGJGMndzL0RsOHJSTUY1?=
 =?utf-8?B?MCtmWURNSDhDM3o2V3F1V2tKWHFlNExCcDBaSmYvL1BBSjhWdGdPb1JJMUZM?=
 =?utf-8?B?ZW13RG5RZzU0TVdkMDdZQUhlWEZLUHZ1NGJ6SFhmYUVnTEg5M2M2SEw1UHZU?=
 =?utf-8?B?SUN0Q2JEZXllRHNEeFM0T0V6RjhNdnc4QXRHZFgrRUtMY0g4ajd4TFFUU2ty?=
 =?utf-8?B?OXFGRmR3dm5SQmNWdWxvZUVVYTMwTjRkSXQwQ1pSVWQ2TUg0WG1sd2ZGZDFL?=
 =?utf-8?B?V1FFamxjN3FpdkJaVWdKb3Z1TXMwd2R1bk4yVU9vdXlnWjFmaU5DdjMzWDRj?=
 =?utf-8?B?VUwvSDV2bDQzU2crWVFXb2NZWEVrY3ZjcGRoa3F5ZTFmcHFieE81OExYZWJw?=
 =?utf-8?B?Z1A1eFArNXNWSmErZ2ZmTllGTVZCaERsNEllN2F2WjB0cGYrc3I3dlB0V1Rr?=
 =?utf-8?B?eXljSXF0VmdXWWoreTZMY1NpbzVmb2VmTzBFNTMzdTkwL1FSNllXVzc5SWRq?=
 =?utf-8?B?NnByT1Iwd3NXUWxEQ3JsclZNdDRJY0laNHVFZWxac0JLcjQ2NU1GS2NWSmxG?=
 =?utf-8?B?NEkwQ015c1YzU1FqZ1d6WnBXK3dRTVNWU00wSElyMkVjWWttNGJrYVFoYWJa?=
 =?utf-8?B?cFBJd1dSVm8xNzNaN081dTZuZWloaXZ1RFNKd1BodTFETXFKYWJ3eUNtMXdF?=
 =?utf-8?B?K3IwMjFlcGdwb3cxdWd4bUYxUVVCc0JKLzRMenVqem40K1B6YlpEb1lpR2VK?=
 =?utf-8?B?eVp3N0p5eVFuV2RONHZjK1NUS0I0MDkxT3ZRUmlyVGhRaThCaDZnRFFhSU8w?=
 =?utf-8?B?WFFPSkdTZ3RwZjJ0UXJzYnNMVWJuSEJHRzl1aUQ3a1NCc1hyVFBoa0J5TkM4?=
 =?utf-8?B?V2NhdmhPa2xxdFN0ZUN2dmNxWko0OUJ5S1pCNWxpSWF3eTVVMkpqdjFvMVNh?=
 =?utf-8?B?dksxS01OZ3pEbXFERlJjZG1pZWh6MUhOMVlXWHFBY0VheDB2N25USUlYYjc1?=
 =?utf-8?B?T1plWXpqM0xYc3dXNW9zUlBETS9YRXdUd0VFdW41VmNHeXJWcTdqV0daMElZ?=
 =?utf-8?B?L2Z2elpoWTM2eTlWR1NoYUhmQ0x2N2FEb3d3MHFxZ0kvSk1WRUgxRDd0NWhF?=
 =?utf-8?B?b1RaV1RmTmNYMk1MeEdHR1kwR1BsU0U4VHBvdXA0YVJUOXpZYVhGd0VNOVFr?=
 =?utf-8?B?ZkRncElxRlcvRnpIYmVpY2NrRzRRQStQUXg1NzZYS2F3M3RxaFlhZDMza2pm?=
 =?utf-8?B?YkZOMUZsbUN6cWR4RExSWnJUajUvYk9Qb1I0VCt1Wk1OY1Mxa2k5WWE4eVBU?=
 =?utf-8?B?d2FMcXJBRlAxNVkzYURlRm1RbEc5NnVzZE93TERZR3VYd3RXdHZ2SVlOcTJD?=
 =?utf-8?B?SXg3RjdCQklFSzdHQUVmRjBmSWd6NnplTVVsV2xmdTBlRGhxMkFaSHROcWJB?=
 =?utf-8?B?QkVFWkNWZnVwelFjYWM3QVNVUDhnTFBaWXpwcU1OZTlKTjBCaHRxVWwzMzJP?=
 =?utf-8?B?ZHQyNWFZSFkwa1RwNDlKbks1K1I5TkxGTmtBVFNLZnZJNFZDcWxxYWowdXdK?=
 =?utf-8?B?QmEzS2dPRm40TXdQeWtpZ3Z1Y3RvcHBISHlEcGlWejdyakpXa1daL2hOcXg2?=
 =?utf-8?Q?ACjmXW2PhwszV63yhY7MUJA=3D?=
X-OriginatorOrg: virtuozzo.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 54606636-2350-4195-3ec4-08d9ae94bd26
X-MS-Exchange-CrossTenant-AuthSource: AS8PR08MB6613.eurprd08.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 23 Nov 2021 15:20:10.5560
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 0bc7f26d-0264-416e-a6fc-8352af79c58f
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: lkHcTODOgJc3cqPV1IgStLwd2jnWyh2iFtUNX2xa6YNqPD4ZgoO1bd2KfdNkKAMFjiA53td+xQ4H4UZNNPYHiw==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AS8PR08MB6964
Precedence: bulk
List-ID: <linux-nfs.vger.kernel.org>
X-Mailing-List: linux-nfs@vger.kernel.org

On 23.11.2021 15:22, Jeff Layton wrote:
> Vasily reported a case where vfs_lock_file took a very long time to
> return (longer than a lease period). The laundromat eventually ran and
> reaped the thing and when the vfs_lock_file returned, it ended up
> accessing freed memory.
> 
> Don't put entries onto the LRU until vfs_lock_file returns.

Cc: stable@vger.kernel.org
Fixes: 7919d0a27f1e "nfsd: add a LRU list for blocked locks"

> Reported-by: Vasily Averin <vvs@virtuozzo.com>
> Signed-off-by: Jeff Layton <jlayton@kernel.org>
Tested-by: Vasily Averin <vvs@virtuozzo.com>

> ---
>  fs/nfsd/nfs4state.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c
> index bfad94c70b84..8cfef84b9355 100644
> --- a/fs/nfsd/nfs4state.c
> +++ b/fs/nfsd/nfs4state.c
> @@ -6966,10 +6966,8 @@ nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
>  	}
>  
>  	if (fl_flags & FL_SLEEP) {
> -		nbl->nbl_time = ktime_get_boottime_seconds();
>  		spin_lock(&nn->blocked_locks_lock);
>  		list_add_tail(&nbl->nbl_list, &lock_sop->lo_blocked);
> -		list_add_tail(&nbl->nbl_lru, &nn->blocked_locks_lru);
>  		spin_unlock(&nn->blocked_locks_lock);
>  	}
>  
> @@ -6982,6 +6980,10 @@ nfsd4_lock(struct svc_rqst *rqstp, struct nfsd4_compound_state *cstate,
>  			nn->somebody_reclaimed = true;
>  		break;
>  	case FILE_LOCK_DEFERRED:
> +		nbl->nbl_time = ktime_get_boottime_seconds();
> +		spin_lock(&nn->blocked_locks_lock);
> +		list_add_tail(&nbl->nbl_lru, &nn->blocked_locks_lru);
> +		spin_unlock(&nn->blocked_locks_lock);
>  		nbl = NULL;
>  		fallthrough;
>  	case -EAGAIN:		/* conflock holds conflicting lock */
>