Received: by 2002:a05:7412:b130:b0:e2:908c:2ebd with SMTP id az48csp1869780rdb; Sun, 19 Nov 2023 14:07:56 -0800 (PST) X-Google-Smtp-Source: AGHT+IHuBcwI4hrJwFUHD6ahJHCUDKUL19FXP4un6beLMBJMAQvJE1as65aE6Hti6LbaP1vXjW24 X-Received: by 2002:a05:6a20:6a10:b0:187:b2cb:2b0f with SMTP id p16-20020a056a206a1000b00187b2cb2b0fmr7821461pzk.8.1700431676111; Sun, 19 Nov 2023 14:07:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1700431676; cv=none; d=google.com; s=arc-20160816; b=MJv2UUQfaaHLp0uJuVdchFmD4m2zcb+UKZy410errJA2N7I0y+Y6ITtibHSAm/LHDr xUhVBL+NYayjY+AdxREpjulS/hTv1YlkPmgbG848mm+4Hl9UuKG20Q/s9CsnpFiJZN6o BtNiCofzeapaYMAFlVEDJVaGwID9+2YukCXf9yGf7g+Yu9p1TxfDB1kp7Vy7dGU/hxZe +IW8fwVPViZ+78PLJvCKPnAomraKm0LOEZTX+XnhDHuczUglBRaZhc+OPkHMb69GbyMZ 2/fsLItD5GMzGNUIBkt7G6ykVLba5ep5RqU9T8oncoHuRo2dSouk6xGDTYFAjoXExOYH aXwA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:message-id:date:references:in-reply-to:subject :cc:to:from:mime-version:content-transfer-encoding:dkim-signature :dkim-signature; bh=seU1cGDLq3xypSaM+C5k6FGNvKJei/YH+vW1GQsp4/M=; fh=3cVUqrBlCYKHDH/sVHASgoDP1h1US1q68V5dOsonqkA=; b=Eftcy8g3Kv6Za1tEG7cgwiZlUTkPgcSHZxGQZ4ztjyXzCsKMdvoXWgR9JOd0uroqYL +4+6a+etegJgd/1oeRDr85+EW1ohZMh3U6R7oJW0+w8DgehSyfCjp397ghfxnBf9cPgm cTvkdMi90Hx7FRA7ZjLIbDHGGJM56TufCS0xt3/SSJJlJ0DvyejluMJcQ4bXxEb4LwPp lkmeLqsN3gE3LFSkadmmieaUTdjvZdBKp3iKisGgUOfj0bYTXu6e/ucV/vUZgFNy5giu 69ziiYkLl4rGjnTY8W4EMMKJqck1OeQ0uj/f/GEUDaGwYJdi1WqoWXnGUbbVzqBD8MhP ljpQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=T6EsVNlW; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Return-Path: Received: from agentk.vger.email (agentk.vger.email. [2620:137:e000::3:2]) by mx.google.com with ESMTPS id u4-20020a056a00158400b006cb6cc0f42dsi2566434pfk.405.2023.11.19.14.07.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 19 Nov 2023 14:07:56 -0800 (PST) Received-SPF: pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) client-ip=2620:137:e000::3:2; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=T6EsVNlW; dkim=neutral (no key) header.i=@suse.de header.s=susede2_ed25519; spf=pass (google.com: domain of linux-nfs-owner@vger.kernel.org designates 2620:137:e000::3:2 as permitted sender) smtp.mailfrom=linux-nfs-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by agentk.vger.email (Postfix) with ESMTP id 77663805EAD0; Sun, 19 Nov 2023 14:07:51 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at agentk.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231390AbjKSWHw (ORCPT + 99 others); Sun, 19 Nov 2023 17:07:52 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33648 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230456AbjKSWHw (ORCPT ); Sun, 19 Nov 2023 17:07:52 -0500 Received: from smtp-out2.suse.de (smtp-out2.suse.de [IPv6:2001:67c:2178:6::1d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 55A3B136 for ; Sun, 19 Nov 2023 14:07:48 -0800 (PST) Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out2.suse.de (Postfix) with ESMTPS id 019521F381; Sun, 19 Nov 2023 22:07:47 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1700431667; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=seU1cGDLq3xypSaM+C5k6FGNvKJei/YH+vW1GQsp4/M=; b=T6EsVNlWYzLwT2jncEZbDA1151MLhICvJcgugEcnshJctioRcd6tGckUIC3GzHfO0Kc4K0 8JQczoUxBj4P1tu41eYFRPiBaRPTlL7RUnRtriMYM97jzpYZbgKvEnqM27QOJxRaKhNt5L MU7t8/SbliJz3NE9rRZGzDZnxlYQStw= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1700431667; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=seU1cGDLq3xypSaM+C5k6FGNvKJei/YH+vW1GQsp4/M=; b=Z5dw9LRNIjMAiSxc0aPaulHsB1OmPJfqaA3up0h2nurlHxUAoaY44vyBAwD20s3ax5jzUH lub7bjEKEPwTJuAA== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id C6BFA139B7; Sun, 19 Nov 2023 22:07:44 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id LbjoHTCHWmWOVAAAMHmgww (envelope-from ); Sun, 19 Nov 2023 22:07:44 +0000 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 From: "NeilBrown" To: "Chuck Lever" Cc: "Jeff Layton" , linux-nfs@vger.kernel.org, "Olga Kornievskaia" , "Dai Ngo" , "Tom Talpey" Subject: Re: [PATCH 1/9] nfsd: hold ->cl_lock for hash_delegation_locked() In-reply-to: References: <20231117022121.23310-1-neilb@suse.de>, <20231117022121.23310-2-neilb@suse.de>, Date: Mon, 20 Nov 2023 09:07:41 +1100 Message-id: <170043166163.19300.15300340757194691794@noble.neil.brown.name> Authentication-Results: smtp-out2.suse.de; none X-Spam-Score: 3.40 X-Spamd-Result: default: False [3.40 / 50.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(3.00)[0.999]; MIME_GOOD(-0.10)[text/plain]; RCPT_COUNT_FIVE(0.00)[6]; DKIM_SIGNED(0.00)[suse.de:s=susede2_rsa,suse.de:s=susede2_ed25519]; NEURAL_SPAM_LONG(3.50)[1.000]; FUZZY_BLOCKED(0.00)[rspamd.com]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; BAYES_HAM(-3.00)[100.00%] X-Spam-Status: No, score=-0.9 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-nfs@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Sun, 19 Nov 2023 14:07:51 -0800 (PST) On Sat, 18 Nov 2023, Chuck Lever wrote: > On Fri, Nov 17, 2023 at 01:18:47PM +1100, NeilBrown wrote: > > The protocol for creating a new state in nfsd is to allocated the state > > leaving it largely uninitialised, add that state to the ->cl_stateids > > idr so as to reserve a state id, then complete initialisation of the > > state and only set ->sc_type to non-zero once the state is fully > > initialised. > >=20 > > If a state is found in the idr with ->sc_type =3D=3D 0, it is ignored. > > The ->cl_lock list is used to avoid races - it is held while checking >=20 > s/->cl_lock list/->cl_lock lock >=20 >=20 > > sc_type during lookup, >=20 > In particular, find_stateid_locked(), but yet, not in nfs4_find_file() >=20 > Can you help me understand why it's not needed in the latter case? nfs4_find_file() is called from nfs4_check_file() which is called from nfs4_preprocess_stateid_op(), which gets the nfs4_stid from nfsd4_lookup_stateid(). That in turn gets the stateid from find_stateid_by_type() which gets it from find_stateid_locked(). If find_stateid_locked() returns a stateid, then ->sc_type is not 0, and it can never be set to zero (At least after subsequent patches land). Or, more succinctly, nfs4_find_file() does not do lookup, so it doesn't check sc_type against zero, so it doesn't need a lock. >=20 >=20 > > and held when a non-zero value is stored in ->sc_type. >=20 > I see a few additional spots where an sc_type value is set and > cl_lock is not held: >=20 > init_open_stateid ->cl_lock is taken 9 lines before NFS4_OPEN_STID is assigned to >sc_type, and it is dropped 13 lines later. > nfsd4_process_open2 This assignment does not change from zero to non-zero. So it cannot race with lookup, which tests for zero. A later patch changes this assignment to be a change to the new sc_status. >=20 >=20 > > ... except... hash_delegation_locked() finalises the initialisation of a > > delegation state, but does NOT hold ->cl_lock. > >=20 > > So this patch takes ->cl_lock at the appropriate time w.r.t other locks, > > and so ensures there are no races (which are extremely unlikely in any > > case). >=20 > I would have expected that cl_lock should be taken first. Can the > patch description provide some rationale for the lock ordering > you chose? I've added As ->fi_lock is often taken when ->cl_lock is held, we need to take ->cl_lock first of those two. Currently ->cl_lock and state_lock are never both taken at the same time. We need both for this patch so an arbitrary choice is needed concerning which to take first. As state_lock is more global, it might be more contended, so take it first. I'm happy to choose a different ordering for ->cl_lock and state_lock if you have a different justification - I accept that mine isn't particularly strong. >=20 > Jeff asks in another email whether this fix should get copied to > stable. Since the race is unlikely, I'm inclined to wait for an > explicit problem report. I agree. Thanks, NeilBrown >=20 >=20 > > Signed-off-by: NeilBrown > > --- > > fs/nfsd/nfs4state.c | 3 +++ > > 1 file changed, 3 insertions(+) > >=20 > > diff --git a/fs/nfsd/nfs4state.c b/fs/nfsd/nfs4state.c > > index 65fd5510323a..6368788a7d4e 100644 > > --- a/fs/nfsd/nfs4state.c > > +++ b/fs/nfsd/nfs4state.c > > @@ -1317,6 +1317,7 @@ hash_delegation_locked(struct nfs4_delegation *dp, = struct nfs4_file *fp) > > =20 > > lockdep_assert_held(&state_lock); > > lockdep_assert_held(&fp->fi_lock); > > + lockdep_assert_held(&clp->cl_lock); > > =20 > > if (nfs4_delegation_exists(clp, fp)) > > return -EAGAIN; > > @@ -5609,12 +5610,14 @@ nfs4_set_delegation(struct nfsd4_open *open, stru= ct nfs4_ol_stateid *stp, > > goto out_unlock; > > =20 > > spin_lock(&state_lock); > > + spin_lock(&clp->cl_lock); > > spin_lock(&fp->fi_lock); > > if (fp->fi_had_conflict) > > status =3D -EAGAIN; > > else > > status =3D hash_delegation_locked(dp, fp); > > spin_unlock(&fp->fi_lock); > > + spin_unlock(&clp->cl_lock); > > spin_unlock(&state_lock); > > =20 > > if (status) > > --=20 > > 2.42.0 > >=20 >=20 > --=20 > Chuck Lever >=20