From: Jan Kara <jack@suse.cz>
To: Al Viro <viro@ZenIV.linux.org.uk>
Cc: dchinner@redhat.com, LKML <linux-kernel@vger.kernel.org>,
linux-fsdevel@vger.kernel.org, Jan Kara <jack@suse.cz>
Subject: [PATCH 16/27] fs: Protect write paths by sb_start_write - sb_end_write
Date: Mon, 16 Apr 2012 18:13:54 +0200 [thread overview]
Message-ID: <1334592845-22862-17-git-send-email-jack@suse.cz> (raw)
In-Reply-To: <1334592845-22862-1-git-send-email-jack@suse.cz>
There are several entry points which dirty pages in a filesystem. mmap
(handled by block_page_mkwrite()), buffered write (handled by
__generic_file_aio_write()), splice write (generic_file_splice_write),
truncate, and fallocate (these can dirty last partial page - handled inside
each filesystem separately). Protect these places with sb_start_write() and
sb_end_write().
->page_mkwrite() calls are particularly complex since they are called with
mmap_sem held and thus we cannot use standard sb_start_write() due to lock
ordering constraints. We solve the problem by using a special freeze protection
sb_start_pagefault() which ranks below mmap_sem.
BugLink: https://bugs.launchpad.net/bugs/897421
Tested-by: Kamal Mostafa <kamal@canonical.com>
Tested-by: Peter M. Petrakis <peter.petrakis@canonical.com>
Tested-by: Dann Frazier <dann.frazier@canonical.com>
Tested-by: Massimo Morana <massimo.morana@canonical.com>
Signed-off-by: Jan Kara <jack@suse.cz>
---
fs/buffer.c | 22 ++++------------------
fs/open.c | 7 ++++++-
fs/splice.c | 3 +++
mm/filemap.c | 12 ++++++++++--
mm/filemap_xip.c | 5 +++--
5 files changed, 26 insertions(+), 23 deletions(-)
diff --git a/fs/buffer.c b/fs/buffer.c
index b8a2386..0331d4a 100644
--- a/fs/buffer.c
+++ b/fs/buffer.c
@@ -2301,8 +2301,8 @@ EXPORT_SYMBOL(block_commit_write);
* beyond EOF, then the page is guaranteed safe against truncation until we
* unlock the page.
*
- * Direct callers of this function should call vfs_check_frozen() so that page
- * fault does not busyloop until the fs is thawed.
+ * Direct callers of this function should protect against filesystem freezing
+ * using sb_start_write() - sb_end_write() functions.
*/
int __block_page_mkwrite(struct vm_area_struct *vma, struct vm_fault *vmf,
get_block_t get_block)
@@ -2340,18 +2340,7 @@ int __block_page_mkwrite(struct vm_area_struct *vma, struct vm_fault *vmf,
if (unlikely(ret < 0))
goto out_unlock;
- /*
- * Freezing in progress? We check after the page is marked dirty and
- * with page lock held so if the test here fails, we are sure freezing
- * code will wait during syncing until the page fault is done - at that
- * point page will be dirty and unlocked so freezing code will write it
- * and writeprotect it again.
- */
set_page_dirty(page);
- if (inode->i_sb->s_frozen != SB_UNFROZEN) {
- ret = -EAGAIN;
- goto out_unlock;
- }
wait_on_page_writeback(page);
return 0;
out_unlock:
@@ -2366,12 +2355,9 @@ int block_page_mkwrite(struct vm_area_struct *vma, struct vm_fault *vmf,
int ret;
struct super_block *sb = vma->vm_file->f_path.dentry->d_inode->i_sb;
- /*
- * This check is racy but catches the common case. The check in
- * __block_page_mkwrite() is reliable.
- */
- vfs_check_frozen(sb, SB_FREEZE_WRITE);
+ sb_start_pagefault(sb);
ret = __block_page_mkwrite(vma, vmf, get_block);
+ sb_end_pagefault(sb);
return block_page_mkwrite_return(ret);
}
EXPORT_SYMBOL(block_page_mkwrite);
diff --git a/fs/open.c b/fs/open.c
index 06afb5b..e3181a4 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -164,11 +164,13 @@ static long do_sys_ftruncate(unsigned int fd, loff_t length, int small)
if (IS_APPEND(inode))
goto out_putf;
+ sb_start_write(inode->i_sb);
error = locks_verify_truncate(inode, file, length);
if (!error)
error = security_path_truncate(&file->f_path);
if (!error)
error = do_truncate(dentry, length, ATTR_MTIME|ATTR_CTIME, file);
+ sb_end_write(inode->i_sb);
out_putf:
fput(file);
out:
@@ -266,7 +268,10 @@ int do_fallocate(struct file *file, int mode, loff_t offset, loff_t len)
if (!file->f_op->fallocate)
return -EOPNOTSUPP;
- return file->f_op->fallocate(file, mode, offset, len);
+ sb_start_write(inode->i_sb);
+ ret = file->f_op->fallocate(file, mode, offset, len);
+ sb_end_write(inode->i_sb);
+ return ret;
}
SYSCALL_DEFINE(fallocate)(int fd, int mode, loff_t offset, loff_t len)
diff --git a/fs/splice.c b/fs/splice.c
index f847684..e06da17 100644
--- a/fs/splice.c
+++ b/fs/splice.c
@@ -992,6 +992,8 @@ generic_file_splice_write(struct pipe_inode_info *pipe, struct file *out,
};
ssize_t ret;
+ sb_start_write(inode->i_sb);
+
pipe_lock(pipe);
splice_from_pipe_begin(&sd);
@@ -1028,6 +1030,7 @@ generic_file_splice_write(struct pipe_inode_info *pipe, struct file *out,
*ppos += ret;
balance_dirty_pages_ratelimited_nr(mapping, nr_pages);
}
+ sb_end_write(inode->i_sb);
return ret;
}
diff --git a/mm/filemap.c b/mm/filemap.c
index aec7356..689ffdb 100644
--- a/mm/filemap.c
+++ b/mm/filemap.c
@@ -1757,6 +1757,7 @@ int filemap_page_mkwrite(struct vm_area_struct *vma, struct vm_fault *vmf)
struct inode *inode = vma->vm_file->f_path.dentry->d_inode;
int ret = VM_FAULT_LOCKED;
+ sb_start_pagefault(inode->i_sb);
file_update_time(vma->vm_file);
lock_page(page);
if (page->mapping != inode->i_mapping) {
@@ -1764,7 +1765,14 @@ int filemap_page_mkwrite(struct vm_area_struct *vma, struct vm_fault *vmf)
ret = VM_FAULT_NOPAGE;
goto out;
}
+ /*
+ * We mark the page dirty already here so that when freeze is in
+ * progress, we are guaranteed that writeback during freezing will
+ * see the dirty page and writeprotect it again.
+ */
+ set_page_dirty(page);
out:
+ sb_end_pagefault(inode->i_sb);
return ret;
}
EXPORT_SYMBOL(filemap_page_mkwrite);
@@ -2530,8 +2538,6 @@ ssize_t __generic_file_aio_write(struct kiocb *iocb, const struct iovec *iov,
count = ocount;
pos = *ppos;
- vfs_check_frozen(inode->i_sb, SB_FREEZE_WRITE);
-
/* We can write back this queue in page reclaim */
current->backing_dev_info = mapping->backing_dev_info;
written = 0;
@@ -2628,6 +2634,7 @@ ssize_t generic_file_aio_write(struct kiocb *iocb, const struct iovec *iov,
BUG_ON(iocb->ki_pos != pos);
+ sb_start_write(inode->i_sb);
mutex_lock(&inode->i_mutex);
blk_start_plug(&plug);
ret = __generic_file_aio_write(iocb, iov, nr_segs, &iocb->ki_pos);
@@ -2641,6 +2648,7 @@ ssize_t generic_file_aio_write(struct kiocb *iocb, const struct iovec *iov,
ret = err;
}
blk_finish_plug(&plug);
+ sb_end_write(inode->i_sb);
return ret;
}
EXPORT_SYMBOL(generic_file_aio_write);
diff --git a/mm/filemap_xip.c b/mm/filemap_xip.c
index 591dba6..b051f0d 100644
--- a/mm/filemap_xip.c
+++ b/mm/filemap_xip.c
@@ -402,6 +402,8 @@ xip_file_write(struct file *filp, const char __user *buf, size_t len,
loff_t pos;
ssize_t ret;
+ sb_start_write(inode->i_sb);
+
mutex_lock(&inode->i_mutex);
if (!access_ok(VERIFY_READ, buf, len)) {
@@ -412,8 +414,6 @@ xip_file_write(struct file *filp, const char __user *buf, size_t len,
pos = *ppos;
count = len;
- vfs_check_frozen(inode->i_sb, SB_FREEZE_WRITE);
-
/* We can write back this queue in page reclaim */
current->backing_dev_info = mapping->backing_dev_info;
@@ -435,6 +435,7 @@ xip_file_write(struct file *filp, const char __user *buf, size_t len,
current->backing_dev_info = NULL;
out_up:
mutex_unlock(&inode->i_mutex);
+ sb_end_write(inode->i_sb);
return ret;
}
EXPORT_SYMBOL_GPL(xip_file_write);
--
1.7.1
next prev parent reply other threads:[~2012-04-16 16:13 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-04-16 16:13 [PATCH 00/19 v5] Fix filesystem freezing deadlocks Jan Kara
2012-04-16 16:13 ` [PATCH 01/27] fb_defio: Push file_update_time() into fb_deferred_io_mkwrite() Jan Kara
2012-04-16 16:13 ` [PATCH 02/27] fs: Push file_update_time() into __block_page_mkwrite() Jan Kara
2012-04-16 16:13 ` [PATCH 03/27] ceph: Push file_update_time() into ceph_page_mkwrite() Jan Kara
2012-04-16 16:13 ` [PATCH 04/27] 9p: Push file_update_time() into v9fs_vm_page_mkwrite() Jan Kara
2012-04-16 16:13 ` [PATCH 05/27] gfs2: Push file_update_time() into gfs2_page_mkwrite() Jan Kara
2012-04-16 16:13 ` [PATCH 06/27] sysfs: Push file_update_time() into bin_page_mkwrite() Jan Kara
2012-04-16 16:13 ` [PATCH 07/27] mm: Update file times from fault path only if .page_mkwrite is not set Jan Kara
2012-04-16 16:13 ` [PATCH 08/27] mm: Make default vm_ops provide ->page_mkwrite handler Jan Kara
2012-04-16 16:13 ` [PATCH 09/27] fs: Push mnt_want_write() outside of i_mutex Jan Kara
2012-04-17 2:18 ` Joel Becker
2012-04-17 7:43 ` Jan Kara
2012-04-16 16:13 ` [PATCH 10/27] fat: " Jan Kara
2012-04-16 16:13 ` [PATCH 11/27] btrfs: " Jan Kara
2012-04-16 16:13 ` [PATCH 12/27] nfsd: " Jan Kara
2012-04-16 18:25 ` J. Bruce Fields
2012-04-17 8:17 ` Jan Kara
2012-04-16 16:13 ` [PATCH 13/27] fs: Improve filesystem freezing handling Jan Kara
2012-04-16 16:13 ` [PATCH 14/27] fs: Add freezing handling to mnt_want_write() / mnt_drop_write() Jan Kara
2012-04-16 16:13 ` [PATCH 15/27] fs: Skip atime update on frozen filesystem Jan Kara
2012-04-16 16:13 ` Jan Kara [this message]
2012-04-16 16:13 ` [PATCH 17/27] ext4: Convert to new freezing mechanism Jan Kara
2012-04-16 16:13 ` [PATCH 18/27] xfs: Convert to new freezing code Jan Kara
2012-04-16 16:13 ` [PATCH 19/27] ocfs2: Convert to new freezing mechanism Jan Kara
2012-04-17 2:19 ` Joel Becker
2012-04-17 7:44 ` Jan Kara
2012-04-16 16:13 ` [PATCH 20/27] gfs2: " Jan Kara
2012-04-16 16:14 ` [PATCH 22/27] ntfs: " Jan Kara
2012-04-16 16:14 ` [PATCH 23/27] nilfs2: " Jan Kara
2012-04-16 16:14 ` [PATCH 24/27] btrfs: " Jan Kara
2012-04-16 16:14 ` [PATCH 25/27] fs: Remove old " Jan Kara
2012-04-16 16:14 ` [PATCH 26/27] fs: Refuse to freeze filesystem with open but unlinked files Jan Kara
2012-04-16 16:14 ` [PATCH 27/27] Documentation: Correct s_umount state for freeze_fs/unfreeze_fs Jan Kara
[not found] ` <1334592845-22862-1-git-send-email-jack-AlSwsSmVLrQ@public.gmane.org>
2012-04-16 16:13 ` [PATCH 21/27] fuse: Convert to new freezing mechanism Jan Kara
2012-04-16 16:16 ` [PATCH 00/19 v5] Fix filesystem freezing deadlocks Jan Kara
2012-04-16 22:02 ` Andreas Dilger
2012-04-17 0:43 ` Dave Chinner
2012-04-17 5:10 ` Andreas Dilger
2012-04-18 0:46 ` Chris Samuel
2012-04-17 9:32 ` Jan Kara
[not found] ` <20120417093246.GD7198-+0h/O2h83AeN3ZZ/Hiejyg@public.gmane.org>
2012-04-17 19:34 ` Joel Becker
-- strict thread matches above, loose matches on Subject: below --
2012-06-01 22:30 [PATCH 00/27 v6] " Jan Kara
2012-06-01 22:30 ` [PATCH 16/27] fs: Protect write paths by sb_start_write - sb_end_write Jan Kara
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1334592845-22862-17-git-send-email-jack@suse.cz \
--to=jack@suse.cz \
--cc=dchinner@redhat.com \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).