From: Jan Kara <jack@suse.cz>
To: <linux-fsdevel@vger.kernel.org>
Cc: Christoph Hellwig <hch@infradead.org>,
Amir Goldstein <amir73il@gmail.com>,
Dave Chinner <david@fromorbit.com>, Ted Tso <tytso@mit.edu>,
Jan Kara <jack@suse.cz>, Jeff Layton <jlayton@kernel.org>,
ceph-devel@vger.kernel.org
Subject: [PATCH 11/12] ceph: Fix race between hole punch and page fault
Date: Fri, 23 Apr 2021 19:29:40 +0200 [thread overview]
Message-ID: <20210423173018.23133-11-jack@suse.cz> (raw)
In-Reply-To: <20210423171010.12-1-jack@suse.cz>
Ceph has a following race between hole punching and page fault:
CPU1 CPU2
ceph_fallocate()
...
ceph_zero_pagecache_range()
ceph_filemap_fault()
faults in page in the range being
punched
ceph_zero_objects()
And now we have a page in punched range with invalid data. Fix the
problem by using mapping->invalidate_lock similarly to other
filesystems. Note that using invalidate_lock also fixes a similar race
wrt ->readpage().
CC: Jeff Layton <jlayton@kernel.org>
CC: ceph-devel@vger.kernel.org
Signed-off-by: Jan Kara <jack@suse.cz>
---
fs/ceph/addr.c | 9 ++++++---
fs/ceph/file.c | 2 ++
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/fs/ceph/addr.c b/fs/ceph/addr.c
index 26e66436f005..4f45e9754b5a 100644
--- a/fs/ceph/addr.c
+++ b/fs/ceph/addr.c
@@ -1519,9 +1519,11 @@ static vm_fault_t ceph_filemap_fault(struct vm_fault *vmf)
ret = VM_FAULT_SIGBUS;
} else {
struct address_space *mapping = inode->i_mapping;
- struct page *page = find_or_create_page(mapping, 0,
- mapping_gfp_constraint(mapping,
- ~__GFP_FS));
+ struct page *page;
+
+ down_read(&mapping->invalidate_lock);
+ page = find_or_create_page(mapping, 0,
+ mapping_gfp_constraint(mapping, ~__GFP_FS));
if (!page) {
ret = VM_FAULT_OOM;
goto out_inline;
@@ -1542,6 +1544,7 @@ static vm_fault_t ceph_filemap_fault(struct vm_fault *vmf)
vmf->page = page;
ret = VM_FAULT_MAJOR | VM_FAULT_LOCKED;
out_inline:
+ up_read(&mapping->invalidate_lock);
dout("filemap_fault %p %llu~%zd read inline data ret %x\n",
inode, off, (size_t)PAGE_SIZE, ret);
}
diff --git a/fs/ceph/file.c b/fs/ceph/file.c
index 209535d5b8d3..40fee8ff5cf9 100644
--- a/fs/ceph/file.c
+++ b/fs/ceph/file.c
@@ -2087,6 +2087,7 @@ static long ceph_fallocate(struct file *file, int mode,
if (ret < 0)
goto unlock;
+ down_write(&inode->i_mapping->invalidate_lock);
ceph_zero_pagecache_range(inode, offset, length);
ret = ceph_zero_objects(inode, offset, length);
@@ -2099,6 +2100,7 @@ static long ceph_fallocate(struct file *file, int mode,
if (dirty)
__mark_inode_dirty(inode, dirty);
}
+ up_write(&inode->i_mapping->invalidate_lock);
ceph_put_cap_refs(ci, got);
unlock:
--
2.26.2
next prev parent reply other threads:[~2021-04-23 17:30 UTC|newest]
Thread overview: 40+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-04-23 17:29 [PATCH 0/12 v4] fs: Hole punch vs page cache filling races Jan Kara
2021-04-23 17:29 ` [PATCH 01/12] mm: Fix comments mentioning i_mutex Jan Kara
2021-04-23 17:29 ` [PATCH 02/12] mm: Protect operations adding pages to page cache with invalidate_lock Jan Kara
2021-04-23 18:30 ` Matthew Wilcox
2021-04-23 18:30 ` [f2fs-dev] " Matthew Wilcox
2021-04-23 23:04 ` Dave Chinner
2021-04-23 23:04 ` [f2fs-dev] " Dave Chinner
2021-04-26 15:46 ` Jan Kara
2021-04-26 15:46 ` [f2fs-dev] " Jan Kara
2021-04-23 17:29 ` [PATCH 03/12] ext4: Convert to use mapping->invalidate_lock Jan Kara
2021-04-23 17:29 ` [PATCH 04/12] ext2: Convert to using invalidate_lock Jan Kara
2021-04-23 17:29 ` [PATCH 05/12] xfs: Convert to use invalidate_lock Jan Kara
2021-04-23 22:39 ` Dave Chinner
2021-04-23 17:29 ` [PATCH 06/12] zonefs: Convert to using invalidate_lock Jan Kara
2021-04-26 6:40 ` Damien Le Moal
2021-04-26 16:24 ` Jan Kara
2021-04-23 17:29 ` [PATCH 07/12] f2fs: " Jan Kara
2021-04-23 19:15 ` kernel test robot
2021-04-23 19:15 ` kernel test robot
2021-04-23 20:05 ` kernel test robot
2021-04-23 20:05 ` kernel test robot
2021-04-23 17:29 ` [PATCH 08/12] fuse: " Jan Kara
2021-04-23 17:29 ` [PATCH 09/12] shmem: " Jan Kara
2021-04-29 4:12 ` Hugh Dickins
2021-04-29 4:12 ` Hugh Dickins
2021-04-29 9:30 ` Jan Kara
2021-04-23 17:29 ` [PATCH 10/12] shmem: Use invalidate_lock to protect fallocate Jan Kara
2021-04-23 19:27 ` kernel test robot
2021-04-23 19:27 ` kernel test robot
2021-04-29 3:24 ` Hugh Dickins
2021-04-29 3:24 ` Hugh Dickins
2021-04-29 9:20 ` Jan Kara
2021-04-23 17:29 ` Jan Kara [this message]
2021-04-23 17:29 ` [PATCH 12/12] cifs: Fix race between hole punch and page fault Jan Kara
2021-04-23 22:07 ` [PATCH 0/12 v4] fs: Hole punch vs page cache filling races Dave Chinner
2021-04-23 22:07 ` [f2fs-dev] " Dave Chinner
2021-04-23 23:51 ` Matthew Wilcox
2021-04-23 23:51 ` [f2fs-dev] " Matthew Wilcox
2021-04-24 6:11 ` Christoph Hellwig
2021-04-24 6:11 ` [f2fs-dev] " Christoph Hellwig
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210423173018.23133-11-jack@suse.cz \
--to=jack@suse.cz \
--cc=amir73il@gmail.com \
--cc=ceph-devel@vger.kernel.org \
--cc=david@fromorbit.com \
--cc=hch@infradead.org \
--cc=jlayton@kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.