ext4: Fix race between migration and mmap write
Fail migrate if we allocated new blocks via mmap write. If we write to holes in the file via mmap, we end up allocating new blocks. This block allocation happens without taking inode->i_mutex. Since migrate is protected by i_mutex and migrate expects that no new blocks get allocated during migrate, fail migrate if new blocks get allocated. We can't take inode->i_mutex in the mmap write path because that would result in a locking order violation between i_mutex and mmap_sem. Also adding a separate rw_sempahore for protection is really high overhead for a rare operation such as migrate. Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com> Acked-by: Jan Kara <jack@suse.cz> Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
This commit is contained in:
parent
3977c965ec
commit
267e4db9ac
|
@ -985,6 +985,16 @@ int ext4_get_blocks_wrap(handle_t *handle, struct inode *inode, sector_t block,
|
||||||
} else {
|
} else {
|
||||||
retval = ext4_get_blocks_handle(handle, inode, block,
|
retval = ext4_get_blocks_handle(handle, inode, block,
|
||||||
max_blocks, bh, create, extend_disksize);
|
max_blocks, bh, create, extend_disksize);
|
||||||
|
|
||||||
|
if (retval > 0 && buffer_new(bh)) {
|
||||||
|
/*
|
||||||
|
* We allocated new blocks which will result in
|
||||||
|
* i_data's format changing. Force the migrate
|
||||||
|
* to fail by clearing migrate flags
|
||||||
|
*/
|
||||||
|
EXT4_I(inode)->i_flags = EXT4_I(inode)->i_flags &
|
||||||
|
~EXT4_EXT_MIGRATE;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
up_write((&EXT4_I(inode)->i_data_sem));
|
up_write((&EXT4_I(inode)->i_data_sem));
|
||||||
return retval;
|
return retval;
|
||||||
|
@ -2976,7 +2986,8 @@ static int ext4_do_update_inode(handle_t *handle,
|
||||||
if (ext4_inode_blocks_set(handle, raw_inode, ei))
|
if (ext4_inode_blocks_set(handle, raw_inode, ei))
|
||||||
goto out_brelse;
|
goto out_brelse;
|
||||||
raw_inode->i_dtime = cpu_to_le32(ei->i_dtime);
|
raw_inode->i_dtime = cpu_to_le32(ei->i_dtime);
|
||||||
raw_inode->i_flags = cpu_to_le32(ei->i_flags);
|
/* clear the migrate flag in the raw_inode */
|
||||||
|
raw_inode->i_flags = cpu_to_le32(ei->i_flags & ~EXT4_EXT_MIGRATE);
|
||||||
if (EXT4_SB(inode->i_sb)->s_es->s_creator_os !=
|
if (EXT4_SB(inode->i_sb)->s_es->s_creator_os !=
|
||||||
cpu_to_le32(EXT4_OS_HURD))
|
cpu_to_le32(EXT4_OS_HURD))
|
||||||
raw_inode->i_file_acl_high =
|
raw_inode->i_file_acl_high =
|
||||||
|
|
|
@ -327,7 +327,7 @@ static int free_ind_block(handle_t *handle, struct inode *inode, __le32 *i_data)
|
||||||
}
|
}
|
||||||
|
|
||||||
static int ext4_ext_swap_inode_data(handle_t *handle, struct inode *inode,
|
static int ext4_ext_swap_inode_data(handle_t *handle, struct inode *inode,
|
||||||
struct inode *tmp_inode)
|
struct inode *tmp_inode)
|
||||||
{
|
{
|
||||||
int retval;
|
int retval;
|
||||||
__le32 i_data[3];
|
__le32 i_data[3];
|
||||||
|
@ -339,7 +339,7 @@ static int ext4_ext_swap_inode_data(handle_t *handle, struct inode *inode,
|
||||||
* i_data field of the original inode
|
* i_data field of the original inode
|
||||||
*/
|
*/
|
||||||
retval = ext4_journal_extend(handle, 1);
|
retval = ext4_journal_extend(handle, 1);
|
||||||
if (retval != 0) {
|
if (retval) {
|
||||||
retval = ext4_journal_restart(handle, 1);
|
retval = ext4_journal_restart(handle, 1);
|
||||||
if (retval)
|
if (retval)
|
||||||
goto err_out;
|
goto err_out;
|
||||||
|
@ -350,6 +350,18 @@ static int ext4_ext_swap_inode_data(handle_t *handle, struct inode *inode,
|
||||||
i_data[2] = ei->i_data[EXT4_TIND_BLOCK];
|
i_data[2] = ei->i_data[EXT4_TIND_BLOCK];
|
||||||
|
|
||||||
down_write(&EXT4_I(inode)->i_data_sem);
|
down_write(&EXT4_I(inode)->i_data_sem);
|
||||||
|
/*
|
||||||
|
* if EXT4_EXT_MIGRATE is cleared a block allocation
|
||||||
|
* happened after we started the migrate. We need to
|
||||||
|
* fail the migrate
|
||||||
|
*/
|
||||||
|
if (!(EXT4_I(inode)->i_flags & EXT4_EXT_MIGRATE)) {
|
||||||
|
retval = -EAGAIN;
|
||||||
|
up_write(&EXT4_I(inode)->i_data_sem);
|
||||||
|
goto err_out;
|
||||||
|
} else
|
||||||
|
EXT4_I(inode)->i_flags = EXT4_I(inode)->i_flags &
|
||||||
|
~EXT4_EXT_MIGRATE;
|
||||||
/*
|
/*
|
||||||
* We have the extent map build with the tmp inode.
|
* We have the extent map build with the tmp inode.
|
||||||
* Now copy the i_data across
|
* Now copy the i_data across
|
||||||
|
@ -508,6 +520,17 @@ int ext4_ext_migrate(struct inode *inode, struct file *filp,
|
||||||
* switch the inode format to prevent read.
|
* switch the inode format to prevent read.
|
||||||
*/
|
*/
|
||||||
mutex_lock(&(inode->i_mutex));
|
mutex_lock(&(inode->i_mutex));
|
||||||
|
/*
|
||||||
|
* Even though we take i_mutex we can still cause block allocation
|
||||||
|
* via mmap write to holes. If we have allocated new blocks we fail
|
||||||
|
* migrate. New block allocation will clear EXT4_EXT_MIGRATE flag.
|
||||||
|
* The flag is updated with i_data_sem held to prevent racing with
|
||||||
|
* block allocation.
|
||||||
|
*/
|
||||||
|
down_read((&EXT4_I(inode)->i_data_sem));
|
||||||
|
EXT4_I(inode)->i_flags = EXT4_I(inode)->i_flags | EXT4_EXT_MIGRATE;
|
||||||
|
up_read((&EXT4_I(inode)->i_data_sem));
|
||||||
|
|
||||||
handle = ext4_journal_start(inode, 1);
|
handle = ext4_journal_start(inode, 1);
|
||||||
|
|
||||||
ei = EXT4_I(inode);
|
ei = EXT4_I(inode);
|
||||||
|
@ -559,9 +582,15 @@ err_out:
|
||||||
* tmp_inode
|
* tmp_inode
|
||||||
*/
|
*/
|
||||||
free_ext_block(handle, tmp_inode);
|
free_ext_block(handle, tmp_inode);
|
||||||
else
|
else {
|
||||||
retval = ext4_ext_swap_inode_data(handle, inode,
|
retval = ext4_ext_swap_inode_data(handle, inode, tmp_inode);
|
||||||
tmp_inode);
|
if (retval)
|
||||||
|
/*
|
||||||
|
* if we fail to swap inode data free the extent
|
||||||
|
* details of the tmp inode
|
||||||
|
*/
|
||||||
|
free_ext_block(handle, tmp_inode);
|
||||||
|
}
|
||||||
|
|
||||||
/* We mark the tmp_inode dirty via ext4_ext_tree_init. */
|
/* We mark the tmp_inode dirty via ext4_ext_tree_init. */
|
||||||
if (ext4_journal_extend(handle, 1) != 0)
|
if (ext4_journal_extend(handle, 1) != 0)
|
||||||
|
|
|
@ -231,6 +231,7 @@ struct ext4_group_desc
|
||||||
#define EXT4_TOPDIR_FL 0x00020000 /* Top of directory hierarchies*/
|
#define EXT4_TOPDIR_FL 0x00020000 /* Top of directory hierarchies*/
|
||||||
#define EXT4_HUGE_FILE_FL 0x00040000 /* Set to each huge file */
|
#define EXT4_HUGE_FILE_FL 0x00040000 /* Set to each huge file */
|
||||||
#define EXT4_EXTENTS_FL 0x00080000 /* Inode uses extents */
|
#define EXT4_EXTENTS_FL 0x00080000 /* Inode uses extents */
|
||||||
|
#define EXT4_EXT_MIGRATE 0x00100000 /* Inode is migrating */
|
||||||
#define EXT4_RESERVED_FL 0x80000000 /* reserved for ext4 lib */
|
#define EXT4_RESERVED_FL 0x80000000 /* reserved for ext4 lib */
|
||||||
|
|
||||||
#define EXT4_FL_USER_VISIBLE 0x000BDFFF /* User visible flags */
|
#define EXT4_FL_USER_VISIBLE 0x000BDFFF /* User visible flags */
|
||||||
|
|
Loading…
Reference in New Issue