* [PATCH 4/6] cifs: serialize initialization and cleanup of cfid
2025-06-13 14:56 [PATCH 2/6] cifs: protect cfid accesses with fid_lock nspmangalore
@ 2025-06-13 14:56 ` nspmangalore
0 siblings, 0 replies; 3+ messages in thread
From: nspmangalore @ 2025-06-13 14:56 UTC (permalink / raw)
To: linux-cifs, smfrench, bharathsm.hsk, meetakshisetiyaoss, pc,
henrique.carvalho, ematsumiya
Cc: Shyam Prasad N
From: Shyam Prasad N <sprasad@microsoft.com>
Today we can have multiple processes calling open_cached_dir
and other workers freeing the cached dir all in parallel.
Although small sections of this code is locked to protect
individual fields, there can be races between these threads
which can be hard to debug.
This patch serializes all initialization and cleanup of
the cfid struct and the associated resources: dentry and
the server handle.
Signed-off-by: Shyam Prasad N <sprasad@microsoft.com>
---
fs/smb/client/cached_dir.c | 15 +++++++++++++++
fs/smb/client/cached_dir.h | 1 +
2 files changed, 16 insertions(+)
diff --git a/fs/smb/client/cached_dir.c b/fs/smb/client/cached_dir.c
index 9b5bbb7b6e4b..d26a06cdde64 100644
--- a/fs/smb/client/cached_dir.c
+++ b/fs/smb/client/cached_dir.c
@@ -199,6 +199,12 @@ int open_cached_dir(unsigned int xid, struct cifs_tcon *tcon,
return -ENOENT;
}
+ /*
+ * the following is a critical section. We need to make sure that the
+ * callers are serialized per-cfid
+ */
+ mutex_lock(&cfid->cfid_mutex);
+
/*
* check again that the cfid is valid (with mutex held this time).
* Return cached fid if it is valid (has a lease and has a time).
@@ -209,11 +215,13 @@ int open_cached_dir(unsigned int xid, struct cifs_tcon *tcon,
spin_lock(&cfid->fid_lock);
if (cfid->has_lease && cfid->time) {
spin_unlock(&cfid->fid_lock);
+ mutex_unlock(&cfid->cfid_mutex);
*ret_cfid = cfid;
kfree(utf16_path);
return 0;
} else if (!cfid->has_lease) {
spin_unlock(&cfid->fid_lock);
+ mutex_unlock(&cfid->cfid_mutex);
/* drop the ref that we have */
kref_put(&cfid->refcount, smb2_close_cached_fid);
kfree(utf16_path);
@@ -419,6 +427,8 @@ int open_cached_dir(unsigned int xid, struct cifs_tcon *tcon,
*ret_cfid = cfid;
atomic_inc(&tcon->num_remote_opens);
}
+ mutex_unlock(&cfid->cfid_mutex);
+
kfree(utf16_path);
if (is_replayable_error(rc) &&
@@ -462,6 +472,9 @@ smb2_close_cached_fid(struct kref *ref)
refcount);
int rc;
+ /* make sure not to race with server open */
+ mutex_lock(&cfid->cfid_mutex);
+
spin_lock(&cfid->cfids->cfid_list_lock);
if (cfid->on_list) {
list_del(&cfid->entry);
@@ -482,6 +495,7 @@ smb2_close_cached_fid(struct kref *ref)
if (rc) /* should we retry on -EBUSY or -EAGAIN? */
cifs_dbg(VFS, "close cached dir rc %d\n", rc);
}
+ mutex_unlock(&cfid->cfid_mutex);
free_cached_dir(cfid);
}
@@ -696,6 +710,7 @@ static struct cached_fid *init_cached_dir(const char *path)
INIT_LIST_HEAD(&cfid->entry);
INIT_LIST_HEAD(&cfid->dirents.entries);
mutex_init(&cfid->dirents.de_mutex);
+ mutex_init(&cfid->cfid_mutex);
spin_lock_init(&cfid->fid_lock);
kref_init(&cfid->refcount);
return cfid;
diff --git a/fs/smb/client/cached_dir.h b/fs/smb/client/cached_dir.h
index 1dfe79d947a6..93c936af2253 100644
--- a/fs/smb/client/cached_dir.h
+++ b/fs/smb/client/cached_dir.h
@@ -42,6 +42,7 @@ struct cached_fid {
struct kref refcount;
struct cifs_fid fid;
spinlock_t fid_lock;
+ struct mutex cfid_mutex;
struct cifs_tcon *tcon;
struct dentry *dentry;
struct work_struct put_work;
--
2.43.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* [PATCH 4/6] cifs: serialize initialization and cleanup of cfid
@ 2025-06-19 10:12 nspmangalore
2025-06-19 10:15 ` Shyam Prasad N
0 siblings, 1 reply; 3+ messages in thread
From: nspmangalore @ 2025-06-19 10:12 UTC (permalink / raw)
To: linux-cifs, smfrench, bharathsm.hsk, meetakshisetiyaoss, pc,
henrique.carvalho, ematsumiya
Cc: Shyam Prasad N
From: Shyam Prasad N <sprasad@microsoft.com>
Today we can have multiple processes calling open_cached_dir
and other workers freeing the cached dir all in parallel.
Although small sections of this code is locked to protect
individual fields, there can be races between these threads
which can be hard to debug.
This patch serializes all initialization and cleanup of
the cfid struct and the associated resources: dentry and
the server handle.
Signed-off-by: Shyam Prasad N <sprasad@microsoft.com>
---
fs/smb/client/cached_dir.c | 16 ++++++++++++++++
fs/smb/client/cached_dir.h | 1 +
2 files changed, 17 insertions(+)
diff --git a/fs/smb/client/cached_dir.c b/fs/smb/client/cached_dir.c
index 9b5bbb7b6e4b..9c9a348062d3 100644
--- a/fs/smb/client/cached_dir.c
+++ b/fs/smb/client/cached_dir.c
@@ -199,6 +199,12 @@ int open_cached_dir(unsigned int xid, struct cifs_tcon *tcon,
return -ENOENT;
}
+ /*
+ * the following is a critical section. We need to make sure that the
+ * callers are serialized per-cfid
+ */
+ mutex_lock(&cfid->cfid_mutex);
+
/*
* check again that the cfid is valid (with mutex held this time).
* Return cached fid if it is valid (has a lease and has a time).
@@ -209,11 +215,13 @@ int open_cached_dir(unsigned int xid, struct cifs_tcon *tcon,
spin_lock(&cfid->fid_lock);
if (cfid->has_lease && cfid->time) {
spin_unlock(&cfid->fid_lock);
+ mutex_unlock(&cfid->cfid_mutex);
*ret_cfid = cfid;
kfree(utf16_path);
return 0;
} else if (!cfid->has_lease) {
spin_unlock(&cfid->fid_lock);
+ mutex_unlock(&cfid->cfid_mutex);
/* drop the ref that we have */
kref_put(&cfid->refcount, smb2_close_cached_fid);
kfree(utf16_path);
@@ -413,12 +421,15 @@ int open_cached_dir(unsigned int xid, struct cifs_tcon *tcon,
}
spin_unlock(&cfid->fid_lock);
spin_unlock(&cfids->cfid_list_lock);
+ mutex_unlock(&cfid->cfid_mutex);
kref_put(&cfid->refcount, smb2_close_cached_fid);
} else {
+ mutex_unlock(&cfid->cfid_mutex);
*ret_cfid = cfid;
atomic_inc(&tcon->num_remote_opens);
}
+
kfree(utf16_path);
if (is_replayable_error(rc) &&
@@ -462,6 +473,9 @@ smb2_close_cached_fid(struct kref *ref)
refcount);
int rc;
+ /* make sure not to race with server open */
+ mutex_lock(&cfid->cfid_mutex);
+
spin_lock(&cfid->cfids->cfid_list_lock);
if (cfid->on_list) {
list_del(&cfid->entry);
@@ -482,6 +496,7 @@ smb2_close_cached_fid(struct kref *ref)
if (rc) /* should we retry on -EBUSY or -EAGAIN? */
cifs_dbg(VFS, "close cached dir rc %d\n", rc);
}
+ mutex_unlock(&cfid->cfid_mutex);
free_cached_dir(cfid);
}
@@ -696,6 +711,7 @@ static struct cached_fid *init_cached_dir(const char *path)
INIT_LIST_HEAD(&cfid->entry);
INIT_LIST_HEAD(&cfid->dirents.entries);
mutex_init(&cfid->dirents.de_mutex);
+ mutex_init(&cfid->cfid_mutex);
spin_lock_init(&cfid->fid_lock);
kref_init(&cfid->refcount);
return cfid;
diff --git a/fs/smb/client/cached_dir.h b/fs/smb/client/cached_dir.h
index bc8a812ff95f..b6642b65c752 100644
--- a/fs/smb/client/cached_dir.h
+++ b/fs/smb/client/cached_dir.h
@@ -42,6 +42,7 @@ struct cached_fid {
struct kref refcount;
struct cifs_fid fid;
spinlock_t fid_lock;
+ struct mutex cfid_mutex;
struct cifs_tcon *tcon;
struct dentry *dentry;
struct work_struct put_work;
--
2.43.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH 4/6] cifs: serialize initialization and cleanup of cfid
2025-06-19 10:12 [PATCH 4/6] cifs: serialize initialization and cleanup of cfid nspmangalore
@ 2025-06-19 10:15 ` Shyam Prasad N
0 siblings, 0 replies; 3+ messages in thread
From: Shyam Prasad N @ 2025-06-19 10:15 UTC (permalink / raw)
To: linux-cifs, smfrench, bharathsm.hsk, meetakshisetiyaoss, pc,
henrique.carvalho, ematsumiya
Cc: Shyam Prasad N
On Thu, Jun 19, 2025 at 3:43 PM <nspmangalore@gmail.com> wrote:
>
> From: Shyam Prasad N <sprasad@microsoft.com>
>
> Today we can have multiple processes calling open_cached_dir
> and other workers freeing the cached dir all in parallel.
> Although small sections of this code is locked to protect
> individual fields, there can be races between these threads
> which can be hard to debug.
>
> This patch serializes all initialization and cleanup of
> the cfid struct and the associated resources: dentry and
> the server handle.
>
> Signed-off-by: Shyam Prasad N <sprasad@microsoft.com>
> ---
> fs/smb/client/cached_dir.c | 16 ++++++++++++++++
> fs/smb/client/cached_dir.h | 1 +
> 2 files changed, 17 insertions(+)
>
> diff --git a/fs/smb/client/cached_dir.c b/fs/smb/client/cached_dir.c
> index 9b5bbb7b6e4b..9c9a348062d3 100644
> --- a/fs/smb/client/cached_dir.c
> +++ b/fs/smb/client/cached_dir.c
> @@ -199,6 +199,12 @@ int open_cached_dir(unsigned int xid, struct cifs_tcon *tcon,
> return -ENOENT;
> }
>
> + /*
> + * the following is a critical section. We need to make sure that the
> + * callers are serialized per-cfid
> + */
> + mutex_lock(&cfid->cfid_mutex);
> +
> /*
> * check again that the cfid is valid (with mutex held this time).
> * Return cached fid if it is valid (has a lease and has a time).
> @@ -209,11 +215,13 @@ int open_cached_dir(unsigned int xid, struct cifs_tcon *tcon,
> spin_lock(&cfid->fid_lock);
> if (cfid->has_lease && cfid->time) {
> spin_unlock(&cfid->fid_lock);
> + mutex_unlock(&cfid->cfid_mutex);
> *ret_cfid = cfid;
> kfree(utf16_path);
> return 0;
> } else if (!cfid->has_lease) {
> spin_unlock(&cfid->fid_lock);
> + mutex_unlock(&cfid->cfid_mutex);
> /* drop the ref that we have */
> kref_put(&cfid->refcount, smb2_close_cached_fid);
> kfree(utf16_path);
> @@ -413,12 +421,15 @@ int open_cached_dir(unsigned int xid, struct cifs_tcon *tcon,
> }
> spin_unlock(&cfid->fid_lock);
> spin_unlock(&cfids->cfid_list_lock);
> + mutex_unlock(&cfid->cfid_mutex);
>
> kref_put(&cfid->refcount, smb2_close_cached_fid);
> } else {
> + mutex_unlock(&cfid->cfid_mutex);
> *ret_cfid = cfid;
> atomic_inc(&tcon->num_remote_opens);
> }
> +
> kfree(utf16_path);
>
> if (is_replayable_error(rc) &&
> @@ -462,6 +473,9 @@ smb2_close_cached_fid(struct kref *ref)
> refcount);
> int rc;
>
> + /* make sure not to race with server open */
> + mutex_lock(&cfid->cfid_mutex);
> +
> spin_lock(&cfid->cfids->cfid_list_lock);
> if (cfid->on_list) {
> list_del(&cfid->entry);
> @@ -482,6 +496,7 @@ smb2_close_cached_fid(struct kref *ref)
> if (rc) /* should we retry on -EBUSY or -EAGAIN? */
> cifs_dbg(VFS, "close cached dir rc %d\n", rc);
> }
> + mutex_unlock(&cfid->cfid_mutex);
>
> free_cached_dir(cfid);
> }
> @@ -696,6 +711,7 @@ static struct cached_fid *init_cached_dir(const char *path)
> INIT_LIST_HEAD(&cfid->entry);
> INIT_LIST_HEAD(&cfid->dirents.entries);
> mutex_init(&cfid->dirents.de_mutex);
> + mutex_init(&cfid->cfid_mutex);
> spin_lock_init(&cfid->fid_lock);
> kref_init(&cfid->refcount);
> return cfid;
> diff --git a/fs/smb/client/cached_dir.h b/fs/smb/client/cached_dir.h
> index bc8a812ff95f..b6642b65c752 100644
> --- a/fs/smb/client/cached_dir.h
> +++ b/fs/smb/client/cached_dir.h
> @@ -42,6 +42,7 @@ struct cached_fid {
> struct kref refcount;
> struct cifs_fid fid;
> spinlock_t fid_lock;
> + struct mutex cfid_mutex;
> struct cifs_tcon *tcon;
> struct dentry *dentry;
> struct work_struct put_work;
> --
> 2.43.0
>
Hi Steve,
This is an updated version of the patch with an additional fix of an
issue that I found during testing. cfid_mutex was held while rolling
back the cache in failure of open_cached_dir.
Please add a CC stable on this one as well.
--
Regards,
Shyam
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-06-19 10:16 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-06-19 10:12 [PATCH 4/6] cifs: serialize initialization and cleanup of cfid nspmangalore
2025-06-19 10:15 ` Shyam Prasad N
-- strict thread matches above, loose matches on Subject: below --
2025-06-13 14:56 [PATCH 2/6] cifs: protect cfid accesses with fid_lock nspmangalore
2025-06-13 14:56 ` [PATCH 4/6] cifs: serialize initialization and cleanup of cfid nspmangalore
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox