From mboxrd@z Thu Jan  1 00:00:00 1970
From: Bob Peterson <rpeterso@redhat.com>
Date: Fri, 28 Feb 2020 13:47:26 -0600
Subject: [Cluster-devel] [GFS2 PATCH 0/2 v2] Clean up and fix quota data
	allocate and free
Message-ID: <20200228194728.1375940-1-rpeterso@redhat.com>
List-Id: <cluster-devel.redhat.com>
To: cluster-devel.redhat.com
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit

This patch set cleans up a recently discovered race between file close
and chown. The problem was that file close would free the quota data
structures attached to the in-core inode, but chown relied on them to
exist. So if the timing of the close is wrong, the chown can result in
kernel panic. The problem is easily recreated with this:

On terminal session 1:
while true; do chown test /mnt/gfs2/test; chown root /mnt/gfs2/test; done

On terminal session 2:
while true; do echo "a" > /mnt/gfs2/test; echo "b" > /mnt/gfs2/test;done

This is version 2 of this patch set. The first patch hasn't changed from
the previous patch #3. The second patch is new. Andreas pointed out that v1
kept the memory for quota data allocated too long because it was not freed
until evict. This version takes a completely different approach. It changes
the quota data structure to be policed by an atomic count of users.
Instead of gfs2_qa_alloc, each user must instead gfs2_qa_get() which
allocates the structure if necessary, and initializes its usage count to 2.
After gfs2_qa_get, callers must call a corresponding gfs2_qa_put().
As before, a file close or evict will decrement the counter one last time
from 1 to 0, and free the memory.

This patch set has not had adequate testing and may require some more changes,
although it does fix the scenario listed above. I just wanted to throw this
one out as an alternative to the last and see if people like it any better.

Bob Peterson (2):
  gfs2: eliminate gfs2_rsqa_alloc in favor of gfs2_qa_alloc
  gfs2: Change inode qa_data to allow multiple users

 fs/gfs2/acl.c    |  7 +++++--
 fs/gfs2/bmap.c   |  2 +-
 fs/gfs2/file.c   | 19 ++++++++++++------
 fs/gfs2/incore.h |  1 +
 fs/gfs2/inode.c  | 31 +++++++++++++++++------------
 fs/gfs2/quota.c  | 51 +++++++++++++++++++++++++++++-------------------
 fs/gfs2/quota.h  |  4 ++--
 fs/gfs2/rgrp.c   | 12 +-----------
 fs/gfs2/rgrp.h   |  1 -
 fs/gfs2/super.c  |  2 ++
 fs/gfs2/xattr.c  | 12 ++++++++----
 11 files changed, 83 insertions(+), 59 deletions(-)

-- 
2.24.1