From: Bob Peterson <rpeterso@redhat.com>
To: cluster-devel.redhat.com
Subject: [Cluster-devel] [PATCH 2/4] GFS2: Set gl_object in inode lookup only after block type check
Date: Tue, 18 Jul 2017 14:53:22 -0400 (EDT) [thread overview]
Message-ID: <1233464494.31977225.1500404002612.JavaMail.zimbra@redhat.com> (raw)
In-Reply-To: <20170718182305.27798-3-rpeterso@redhat.com>
Hi,
The second half of this patch isn't quite right. I'll rework it
and send a replacement.
Bob Peterson
----- Original Message -----
| Before this patch, the inode glock's gl_object was set after a
| reference was acquired, but before the block type was verified.
| In cases where the block was unlinked, then freed and reused on
| another node, a residule delete callback (delete_work) would try
| to look up the inode, eventually failing the block check, but
| only after it overwrites gl_object with a pointer to the wrong
| inode. This patch moves the assignment of gl_object after the
| block check so it won't be improperly overwritten.
|
| Likewise, at the end of the function, gfs2_inode_lookup was
| clearing gl_object, even in cases where it wasn't set, such as
| when the block type check fails. The patch only clears it if
| actually set it.
|
| Signed-off-by: Bob Peterson <rpeterso@redhat.com>
| ---
| fs/gfs2/inode.c | 7 ++++---
| 1 file changed, 4 insertions(+), 3 deletions(-)
|
| diff --git a/fs/gfs2/inode.c b/fs/gfs2/inode.c
| index 608e4bf60754..69f66e83920a 100644
| --- a/fs/gfs2/inode.c
| +++ b/fs/gfs2/inode.c
| @@ -145,7 +145,6 @@ struct inode *gfs2_inode_lookup(struct super_block *sb,
| unsigned int type,
| if (unlikely(error))
| goto fail;
| flush_delayed_work(&ip->i_gl->gl_work);
| - glock_set_object(ip->i_gl, ip);
|
| error = gfs2_glock_get(sdp, no_addr, &gfs2_iopen_glops, CREATE, &io_gl);
| if (unlikely(error))
| @@ -170,6 +169,7 @@ struct inode *gfs2_inode_lookup(struct super_block *sb,
| unsigned int type,
| }
| }
|
| + glock_set_object(ip->i_gl, ip);
| set_bit(GIF_INVALID, &ip->i_flags);
| error = gfs2_glock_nq_init(io_gl, LM_ST_SHARED, GL_EXACT,
| &ip->i_iopen_gh);
| if (unlikely(error))
| @@ -207,9 +207,10 @@ struct inode *gfs2_inode_lookup(struct super_block *sb,
| unsigned int type,
| fail_put:
| if (io_gl)
| gfs2_glock_put(io_gl);
| - if (gfs2_holder_initialized(&i_gh))
| + if (gfs2_holder_initialized(&i_gh)) {
| + glock_clear_object(ip->i_gl, ip);
| gfs2_glock_dq_uninit(&i_gh);
| - glock_clear_object(ip->i_gl, ip);
| + }
| fail:
| iget_failed(inode);
| return ERR_PTR(error);
| --
| 2.13.3
|
|
next prev parent reply other threads:[~2017-07-18 18:53 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-18 18:23 [Cluster-devel] [PATCH 0/4] GFS2: Enforce gl_object integrity Bob Peterson
2017-07-18 18:23 ` [Cluster-devel] [PATCH 1/4] GFS2: Introduce helper for clearing gl_object Bob Peterson
2017-08-30 11:15 ` Andreas Gruenbacher
2017-08-30 13:18 ` Bob Peterson
2017-07-18 18:23 ` [Cluster-devel] [PATCH 2/4] GFS2: Set gl_object in inode lookup only after block type check Bob Peterson
2017-07-18 18:53 ` Bob Peterson [this message]
2017-07-18 18:23 ` [Cluster-devel] [PATCH 3/4] GFS2: Clear gl_object if gfs2_create_inode fails Bob Peterson
2017-07-18 18:23 ` [Cluster-devel] [PATCH 4/4] GFS2: Clear gl_object when deleting an inode in gfs2_delete_inode Bob Peterson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1233464494.31977225.1500404002612.JavaMail.zimbra@redhat.com \
--to=rpeterso@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.