From: Tetsuo Handa <penguin-kernel@i-love.sakura.ne.jp>
To: Christoph Hellwig <hch@lst.de>, Jens Axboe <axboe@kernel.dk>
Cc: linux-block@vger.kernel.org
Subject: Re: loop cleanups
Date: Tue, 22 Jun 2021 20:15:27 +0900 [thread overview]
Message-ID: <48fc3b1d-37b2-3f1f-3b2d-63a5711491bd@i-love.sakura.ne.jp> (raw)
In-Reply-To: <20210621101547.3764003-1-hch@lst.de>
On 2021/06/21 19:15, Christoph Hellwig wrote:
> Hi Jens,
>
> this series contains a bunch of cleanups for the loop driver,
> mostly related to probing and the control device.
>
Please fold
diff --git a/drivers/block/loop.c b/drivers/block/loop.c
index a4a5466b998f..6c10400d4d38 100644
--- a/drivers/block/loop.c
+++ b/drivers/block/loop.c
@@ -2163,8 +2163,9 @@ static int loop_add(int i)
disk->queue = lo->lo_queue;
sprintf(disk->disk_name, "loop%d", i);
add_disk(disk);
+ err = lo->lo_number;
mutex_unlock(&loop_ctl_mutex);
- return lo->lo_number;
+ return err;
out_free_queue:
blk_cleanup_queue(lo->lo_queue);
@@ -2253,8 +2254,9 @@ static int loop_control_get_free(int idx)
mutex_unlock(&loop_ctl_mutex);
return loop_add(-1);
found:
+ ret = lo->lo_number;
mutex_unlock(&loop_ctl_mutex);
- return lo->lo_number;
+ return ret;
}
static long loop_control_ioctl(struct file *file, unsigned int cmd,
into this series, for "mutex_unlock(&loop_ctl_mutex)" allows loop_control_remove()
to call "kfree(lo)" before "return lo->lo_number" is evaluated.
By the way, how can we fix a regression introduced by commit 6cc8e7430801fa23
("loop: scale loop device by introducing per device lock") ?
Conditionally holding global lock like below untested diff?
drivers/block/loop.c | 67 +++++++++++++++++++++++++++++++++++++++++----------
1 file changed, 55 insertions(+), 12 deletions(-)
diff --git a/drivers/block/loop.c b/drivers/block/loop.c
index a4a5466b998f..f755ef82ee51 100644
--- a/drivers/block/loop.c
+++ b/drivers/block/loop.c
@@ -86,6 +86,7 @@
static DEFINE_IDR(loop_index_idr);
static DEFINE_MUTEX(loop_ctl_mutex);
+static DEFINE_MUTEX(loop_configure_mutex);
static int max_part;
static int part_shift;
@@ -680,9 +681,12 @@ static int loop_validate_file(struct file *file, struct block_device *bdev)
return -EBADF;
l = I_BDEV(f->f_mapping->host)->bd_disk->private_data;
- if (l->lo_state != Lo_bound) {
+ /*
+ * loop_configure_mutex protects us from observing
+ * l->lo_state == Lo_bound but l->lo_backing_file == NULL.
+ */
+ if (l->lo_state != Lo_bound)
return -EINVAL;
- }
f = l->lo_backing_file;
}
if (!S_ISREG(inode->i_mode) && !S_ISBLK(inode->i_mode))
@@ -704,10 +708,26 @@ static int loop_change_fd(struct loop_device *lo, struct block_device *bdev,
struct file *file = NULL, *old_file;
int error;
bool partscan;
+ bool need_global_lock;
+ file = fget(arg);
+ if (!file)
+ return -EBADF;
+ need_global_lock = is_loop_device(file);
+ if (need_global_lock) {
+ error = mutex_lock_killable(&loop_configure_mutex);
+ if (error) {
+ fput(file);
+ return error;
+ }
+ }
error = mutex_lock_killable(&lo->lo_mutex);
- if (error)
+ if (error) {
+ if (need_global_lock)
+ mutex_unlock(&loop_configure_mutex);
+ fput(file);
return error;
+ }
error = -ENXIO;
if (lo->lo_state != Lo_bound)
goto out_err;
@@ -717,11 +737,6 @@ static int loop_change_fd(struct loop_device *lo, struct block_device *bdev,
if (!(lo->lo_flags & LO_FLAGS_READ_ONLY))
goto out_err;
- error = -EBADF;
- file = fget(arg);
- if (!file)
- goto out_err;
-
error = loop_validate_file(file, bdev);
if (error)
goto out_err;
@@ -745,6 +760,8 @@ static int loop_change_fd(struct loop_device *lo, struct block_device *bdev,
blk_mq_unfreeze_queue(lo->lo_queue);
partscan = lo->lo_flags & LO_FLAGS_PARTSCAN;
mutex_unlock(&lo->lo_mutex);
+ if (need_global_lock)
+ mutex_unlock(&loop_configure_mutex);
/*
* We must drop file reference outside of lo_mutex as dropping
* the file ref can take bd_mutex which creates circular locking
@@ -757,8 +774,9 @@ static int loop_change_fd(struct loop_device *lo, struct block_device *bdev,
out_err:
mutex_unlock(&lo->lo_mutex);
- if (file)
- fput(file);
+ if (need_global_lock)
+ mutex_unlock(&loop_configure_mutex);
+ fput(file);
return error;
}
@@ -1074,6 +1092,7 @@ static int loop_configure(struct loop_device *lo, fmode_t mode,
loff_t size;
bool partscan;
unsigned short bsize;
+ bool need_global_lock;
/* This is safe, since we have a reference from open(). */
__module_get(THIS_MODULE);
@@ -1093,9 +1112,18 @@ static int loop_configure(struct loop_device *lo, fmode_t mode,
goto out_putf;
}
+ need_global_lock = is_loop_device(file);
+ if (need_global_lock) {
+ error = mutex_lock_killable(&loop_configure_mutex);
+ if (error)
+ goto out_bdev;
+ }
error = mutex_lock_killable(&lo->lo_mutex);
- if (error)
+ if (error) {
+ if (need_global_lock)
+ mutex_unlock(&loop_configure_mutex);
goto out_bdev;
+ }
error = -EBUSY;
if (lo->lo_state != Lo_unbound)
@@ -1173,6 +1201,8 @@ static int loop_configure(struct loop_device *lo, fmode_t mode,
*/
bdgrab(bdev);
mutex_unlock(&lo->lo_mutex);
+ if (need_global_lock)
+ mutex_unlock(&loop_configure_mutex);
if (partscan)
loop_reread_partitions(lo, bdev);
if (!(mode & FMODE_EXCL))
@@ -1181,6 +1211,8 @@ static int loop_configure(struct loop_device *lo, fmode_t mode,
out_unlock:
mutex_unlock(&lo->lo_mutex);
+ if (need_global_lock)
+ mutex_unlock(&loop_configure_mutex);
out_bdev:
if (!(mode & FMODE_EXCL))
bd_abort_claiming(bdev, loop_configure);
@@ -1309,11 +1341,17 @@ static int loop_clr_fd(struct loop_device *lo)
{
int err;
- err = mutex_lock_killable(&lo->lo_mutex);
+ err = mutex_lock_killable(&loop_configure_mutex);
if (err)
return err;
+ err = mutex_lock_killable(&lo->lo_mutex);
+ if (err) {
+ mutex_unlock(&loop_configure_mutex);
+ return err;
+ }
if (lo->lo_state != Lo_bound) {
mutex_unlock(&lo->lo_mutex);
+ mutex_unlock(&loop_configure_mutex);
return -ENXIO;
}
/*
@@ -1329,10 +1367,12 @@ static int loop_clr_fd(struct loop_device *lo)
if (atomic_read(&lo->lo_refcnt) > 1) {
lo->lo_flags |= LO_FLAGS_AUTOCLEAR;
mutex_unlock(&lo->lo_mutex);
+ mutex_unlock(&loop_configure_mutex);
return 0;
}
lo->lo_state = Lo_rundown;
mutex_unlock(&lo->lo_mutex);
+ mutex_unlock(&loop_configure_mutex);
return __loop_clr_fd(lo, false);
}
@@ -1897,6 +1937,7 @@ static void lo_release(struct gendisk *disk, fmode_t mode)
{
struct loop_device *lo = disk->private_data;
+ mutex_lock(&loop_configure_mutex);
mutex_lock(&lo->lo_mutex);
if (atomic_dec_return(&lo->lo_refcnt))
goto out_unlock;
@@ -1906,6 +1947,7 @@ static void lo_release(struct gendisk *disk, fmode_t mode)
goto out_unlock;
lo->lo_state = Lo_rundown;
mutex_unlock(&lo->lo_mutex);
+ mutex_unlock(&loop_configure_mutex);
/*
* In autoclear mode, stop the loop thread
* and remove configuration after last close.
@@ -1923,6 +1965,7 @@ static void lo_release(struct gendisk *disk, fmode_t mode)
out_unlock:
mutex_unlock(&lo->lo_mutex);
+ mutex_unlock(&loop_configure_mutex);
}
static const struct block_device_operations lo_fops = {
next prev parent reply other threads:[~2021-06-22 11:15 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-21 10:15 loop cleanups Christoph Hellwig
2021-06-21 10:15 ` [PATCH 1/9] loop: reorder loop_exit Christoph Hellwig
2021-06-21 20:04 ` Chaitanya Kulkarni
2021-06-21 10:15 ` [PATCH 2/9] loop: reduce loop_ctl_mutex coverage in loop_exit Christoph Hellwig
2021-06-21 20:07 ` Chaitanya Kulkarni
2021-06-21 10:15 ` [PATCH 3/9] loop: remove the l argument to loop_add Christoph Hellwig
2021-06-21 20:09 ` Chaitanya Kulkarni
2021-06-21 10:15 ` [PATCH 4/9] loop: don't call loop_lookup before adding a loop device Christoph Hellwig
2021-06-21 10:15 ` [PATCH 5/9] loop: split loop_control_ioctl Christoph Hellwig
2021-06-21 20:14 ` Chaitanya Kulkarni
2021-06-21 10:15 ` [PATCH 6/9] loop: move loop_ctl_mutex locking into loop_add Christoph Hellwig
2021-06-21 20:16 ` Chaitanya Kulkarni
2021-06-21 10:15 ` [PATCH 7/9] loop: don't allow deleting an unspecified loop device Christoph Hellwig
2021-06-21 10:15 ` [PATCH 8/9] loop: split loop_lookup Christoph Hellwig
2021-06-21 10:15 ` [PATCH 9/9] loop: rewrite loop_exit using idr_for_each_entry Christoph Hellwig
2021-06-21 20:20 ` Chaitanya Kulkarni
2021-06-22 11:15 ` Tetsuo Handa [this message]
2021-06-23 14:41 ` loop cleanups Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=48fc3b1d-37b2-3f1f-3b2d-63a5711491bd@i-love.sakura.ne.jp \
--to=penguin-kernel@i-love.sakura.ne.jp \
--cc=axboe@kernel.dk \
--cc=hch@lst.de \
--cc=linux-block@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).