Linux-CIFS Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH] smb3: fix unmount hang in open_shroot
@ 2019-09-12 23:10 Steve French
  2019-09-13 11:34 ` Aurélien Aptel
  0 siblings, 1 reply; 4+ messages in thread
From: Steve French @ 2019-09-12 23:10 UTC (permalink / raw)
  To: CIFS; +Cc: Pavel Shilovsky, Aurélien Aptel

[-- Attachment #1: Type: text/plain, Size: 1915 bytes --]

smb3: fix unmount hang in open_shroot

An earlier patch "CIFS: fix deadlock in cached root handling"
did not completely address the deadlock in open_shroot. This
patch addresses the deadlock.

In testing the recent patch:
  smb3: improve handling of share deleted (and share recreated)
we were able to reproduce the open_shroot deadlock to one
of the target servers in unmount in a delete share scenario.

Fixes: 7e5a70ad88b1e ("CIFS: fix deadlock in cached root handling")

Suggested-by: Pavel Shilovsky <pshilov@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
CC: Aurelien Aptel <aaptel@suse.com>
CC: Stable <stable@vger.kernel.org>
---
 fs/cifs/smb2ops.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
index 3672ce0bfbaf..150327ebb2b4 100644
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -658,6 +658,15 @@ int open_shroot(unsigned int xid, struct
cifs_tcon *tcon, struct cifs_fid *pfid)
  return 0;
  }

+ /*
+ * We do not hold the lock for the open because in case
+ * SMB2_open needs to reconnect, it will end up calling
+ * cifs_mark_open_files_invalid() which takes the lock again
+ * thus causing a deadlock
+ */
+
+ mutex_unlock(&tcon->crfid.fid_mutex);
+
  if (smb3_encryption_required(tcon))
  flags |= CIFS_TRANSFORM_REQ;

@@ -696,14 +705,6 @@ int open_shroot(unsigned int xid, struct
cifs_tcon *tcon, struct cifs_fid *pfid)

  smb2_set_related(&rqst[1]);

- /*
- * We do not hold the lock for the open because in case
- * SMB2_open needs to reconnect, it will end up calling
- * cifs_mark_open_files_invalid() which takes the lock again
- * thus causing a deadlock
- */
-
- mutex_unlock(&tcon->crfid.fid_mutex);
  rc = compound_send_recv(xid, ses, flags, 2, rqst,
  resp_buftype, rsp_iov);
  mutex_lock(&tcon->crfid.fid_mutex);

--
Thanks,

Steve

[-- Attachment #2: 0001-smb3-fix-unmount-hang-in-open_shroot.patch --]
[-- Type: text/x-patch, Size: 2097 bytes --]

From 1f16bb0483a133882dc2f405dfcc26daa30b9117 Mon Sep 17 00:00:00 2001
From: Steve French <stfrench@microsoft.com>
Date: Thu, 12 Sep 2019 17:52:54 -0500
Subject: [PATCH] smb3: fix unmount hang in open_shroot

An earlier patch "CIFS: fix deadlock in cached root handling"
did not completely address the deadlock in open_shroot. This
patch addresses the deadlock.

In testing the recent patch:
  smb3: improve handling of share deleted (and share recreated)
we were able to reproduce the open_shroot deadlock to one
of the target servers in unmount in a delete share scenario.

Fixes: 7e5a70ad88b1e ("CIFS: fix deadlock in cached root handling")

Suggested-by: Pavel Shilovsky <pshilov@microsoft.com>
Reviewed-by: Pavel Shilovsky <pshilov@microsoft.com>
Signed-off-by: Steve French <stfrench@microsoft.com>
CC: Aurelien Aptel <aaptel@suse.com>
CC: Stable <stable@vger.kernel.org>
---
 fs/cifs/smb2ops.c | 17 +++++++++--------
 1 file changed, 9 insertions(+), 8 deletions(-)

diff --git a/fs/cifs/smb2ops.c b/fs/cifs/smb2ops.c
index 3672ce0bfbaf..150327ebb2b4 100644
--- a/fs/cifs/smb2ops.c
+++ b/fs/cifs/smb2ops.c
@@ -658,6 +658,15 @@ int open_shroot(unsigned int xid, struct cifs_tcon *tcon, struct cifs_fid *pfid)
 		return 0;
 	}
 
+	/*
+	 * We do not hold the lock for the open because in case
+	 * SMB2_open needs to reconnect, it will end up calling
+	 * cifs_mark_open_files_invalid() which takes the lock again
+	 * thus causing a deadlock
+	 */
+
+	mutex_unlock(&tcon->crfid.fid_mutex);
+
 	if (smb3_encryption_required(tcon))
 		flags |= CIFS_TRANSFORM_REQ;
 
@@ -696,14 +705,6 @@ int open_shroot(unsigned int xid, struct cifs_tcon *tcon, struct cifs_fid *pfid)
 
 	smb2_set_related(&rqst[1]);
 
-	/*
-	 * We do not hold the lock for the open because in case
-	 * SMB2_open needs to reconnect, it will end up calling
-	 * cifs_mark_open_files_invalid() which takes the lock again
-	 * thus causing a deadlock
-	 */
-
-	mutex_unlock(&tcon->crfid.fid_mutex);
 	rc = compound_send_recv(xid, ses, flags, 2, rqst,
 				resp_buftype, rsp_iov);
 	mutex_lock(&tcon->crfid.fid_mutex);
-- 
2.20.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] smb3: fix unmount hang in open_shroot
  2019-09-12 23:10 [PATCH] smb3: fix unmount hang in open_shroot Steve French
@ 2019-09-13 11:34 ` Aurélien Aptel
  2019-09-13 14:36   ` Aurélien Aptel
  0 siblings, 1 reply; 4+ messages in thread
From: Aurélien Aptel @ 2019-09-13 11:34 UTC (permalink / raw)
  To: Steve French, CIFS; +Cc: Pavel Shilovsky

"Steve French" <smfrench@gmail.com> writes:
> + /*
> + * We do not hold the lock for the open because in case
> + * SMB2_open needs to reconnect, it will end up calling
> + * cifs_mark_open_files_invalid() which takes the lock again
> + * thus causing a deadlock
> + */
> +
> + mutex_unlock(&tcon->crfid.fid_mutex);
> +

Good catch. Since the compounding changes it is SMB2_open_init() that is
triggering the reconnect -> mark_open_files_invalid() code path so it
looks good to me. Might be worth updating the comment to
s/SMB2_open/SMB2_open_init/ before you commit.

Reviewed-by: Aurelien Aptel <aaptel@suse.com>

Cheers,
-- 
Aurélien Aptel / SUSE Labs Samba Team
GPG: 1839 CB5F 9F5B FB9B AA97  8C99 03C8 A49B 521B D5D3
SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nürnberg, DE
GF: Felix Imendörffer, Mary Higgins, Sri Rasiah HRB 247165 (AG München)

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] smb3: fix unmount hang in open_shroot
  2019-09-13 11:34 ` Aurélien Aptel
@ 2019-09-13 14:36   ` Aurélien Aptel
  2019-09-13 16:35     ` Pavel Shilovsky
  0 siblings, 1 reply; 4+ messages in thread
From: Aurélien Aptel @ 2019-09-13 14:36 UTC (permalink / raw)
  To: Steve French, CIFS; +Cc: Pavel Shilovsky

Aurélien Aptel  <aaptel@suse.com> writes:
> Good catch. Since the compounding changes it is SMB2_open_init() that is
> triggering the reconnect -> mark_open_files_invalid() code path so it
> looks good to me. Might be worth updating the comment to
> s/SMB2_open/SMB2_open_init/ before you commit.

Ah it seems you also need to make SMB2_open_init exit via the oshr_free
label otherwise you the mutex gets unlocked twice (see Dan Carpenter
automatic test email). This smatch tool is pretty nice...

Cheers
-- 
Aurélien Aptel / SUSE Labs Samba Team
GPG: 1839 CB5F 9F5B FB9B AA97  8C99 03C8 A49B 521B D5D3
SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nürnberg, DE
GF: Felix Imendörffer, Mary Higgins, Sri Rasiah HRB 247165 (AG München)

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] smb3: fix unmount hang in open_shroot
  2019-09-13 14:36   ` Aurélien Aptel
@ 2019-09-13 16:35     ` Pavel Shilovsky
  0 siblings, 0 replies; 4+ messages in thread
From: Pavel Shilovsky @ 2019-09-13 16:35 UTC (permalink / raw)
  To: Aurélien Aptel; +Cc: Steve French, CIFS

Agree. Both SMB2_open_init and SMB2_query_info_init should exit
through oshr_free to avoid double unlock.
--
Best regards,
Pavel Shilovsky

пт, 13 сент. 2019 г. в 07:36, Aurélien Aptel <aaptel@suse.com>:
>
> Aurélien Aptel  <aaptel@suse.com> writes:
> > Good catch. Since the compounding changes it is SMB2_open_init() that is
> > triggering the reconnect -> mark_open_files_invalid() code path so it
> > looks good to me. Might be worth updating the comment to
> > s/SMB2_open/SMB2_open_init/ before you commit.
>
> Ah it seems you also need to make SMB2_open_init exit via the oshr_free
> label otherwise you the mutex gets unlocked twice (see Dan Carpenter
> automatic test email). This smatch tool is pretty nice...
>
> Cheers
> --
> Aurélien Aptel / SUSE Labs Samba Team
> GPG: 1839 CB5F 9F5B FB9B AA97  8C99 03C8 A49B 521B D5D3
> SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nürnberg, DE
> GF: Felix Imendörffer, Mary Higgins, Sri Rasiah HRB 247165 (AG München)

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, back to index

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-09-12 23:10 [PATCH] smb3: fix unmount hang in open_shroot Steve French
2019-09-13 11:34 ` Aurélien Aptel
2019-09-13 14:36   ` Aurélien Aptel
2019-09-13 16:35     ` Pavel Shilovsky

Linux-CIFS Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-cifs/0 linux-cifs/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-cifs linux-cifs/ https://lore.kernel.org/linux-cifs \
		linux-cifs@vger.kernel.org
	public-inbox-index linux-cifs

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-cifs


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git