From: Jan Kara <jack@suse.cz>
To: Theodore Ts'o <tytso@mit.edu>
Cc: Jan Kara <jack@suse.cz>, Zhang Yi <yi.zhang@huawei.com>,
linux-ext4@vger.kernel.org, adilger.kernel@dilger.ca,
yi.zhang@huaweicloud.com, yukuai3@huawei.com
Subject: Re: [RFC PATCH] ext4: dio take shared inode lock when overwriting preallocated blocks
Date: Thu, 15 Dec 2022 09:48:50 +0100 [thread overview]
Message-ID: <20221215084850.abze2sz2imwcoma5@quack3> (raw)
In-Reply-To: <Y5obcGLDZuw/NWOh@mit.edu>
On Wed 14-12-22 13:52:32, Theodore Ts'o wrote:
> On Wed, Dec 14, 2022 at 06:01:25PM +0100, Jan Kara wrote:
> >
> > Besides some naming nits (see below) I think this should work. But I have
> > to say I'm a bit uneasy about this because we will now be changing block
> > mapping from unwritten to written only with shared i_rwsem. OTOH that
> > happens during writeback as well so we should be fine and the gain is very
> > nice.
>
> Hmm.... when I was looking potential impacts of the change what
> ext4_overwrite_io() would do, I looked at the current user of that
> function in ext4_dio_write_checks().
>
> /*
> * Determine whether the IO operation will overwrite allocated
> * and initialized blocks.
> * We need exclusive i_rwsem for changing security info
> * in file_modified().
> */
> if (*ilock_shared && (!IS_NOSEC(inode) || *extend ||
> !ext4_overwrite_io(inode, offset, count))) {
> if (iocb->ki_flags & IOCB_NOWAIT) {
> ret = -EAGAIN;
> goto out;
> }
> inode_unlock_shared(inode);
> *ilock_shared = false;
> inode_lock(inode);
> goto restart;
> }
>
> ret = file_modified(file);
> if (ret < 0)
> goto out;
>
> What is confusing me is the comment, "We need exclusive i_rwsem for
> changing security info in file_modified().". But then we end up
> calling file_modified() unconditionally, regardless of whether we've
> transitioned from a shared lock to an exclusive lock.
>
> So file_modified() can get called either with or without the inode
> locked r/w. I realize that this patch doesn't change this
> inconsistency, but it appears either the comment is wrong, or the code
> is wrong.
Maybe the comment needs rephrasing but it seems correct. file_modified()
does multiple things. It updates timestamps - these are fine with shared
i_rwsem - and is calls into __file_remove_privs() to remove SUID bits etc.
Now if __file_remove_privs() is going to modify the inode, we need i_rwsem
exclusively. And we determine whether __file_remove_privs() will do
anything by checking !IS_NOSEC(inode) in the condition above. So the
sentence you're confused about speaks about this part of the condition.
Honza
--
Jan Kara <jack@suse.com>
SUSE Labs, CR
next prev parent reply other threads:[~2022-12-15 8:49 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-03 10:39 [RFC PATCH] ext4: dio take shared inode lock when overwriting preallocated blocks Zhang Yi
2022-12-14 13:44 ` Zhang Yi
2022-12-14 17:01 ` Jan Kara
2022-12-14 18:52 ` Theodore Ts'o
2022-12-15 8:41 ` Zhang Yi
2022-12-15 8:49 ` Zhang Yi
2022-12-15 8:48 ` Jan Kara [this message]
2022-12-15 8:24 ` Zhang Yi
2022-12-15 9:00 ` Jan Kara
2022-12-15 9:21 ` Zhang Yi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221215084850.abze2sz2imwcoma5@quack3 \
--to=jack@suse.cz \
--cc=adilger.kernel@dilger.ca \
--cc=linux-ext4@vger.kernel.org \
--cc=tytso@mit.edu \
--cc=yi.zhang@huawei.com \
--cc=yi.zhang@huaweicloud.com \
--cc=yukuai3@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox