From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=jIX+=AZ=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.0 required=3.0 tests=BAYES_00,
	FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS autolearn=no autolearn_force=no
	version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 6D011C433E0
	for <linux-mm@archiver.kernel.org>; Tue, 14 Jul 2020 05:32:26 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id C0ECE221E7
	for <linux-mm@archiver.kernel.org>; Tue, 14 Jul 2020 05:32:25 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org C0ECE221E7
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=sina.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 318C58D0005; Tue, 14 Jul 2020 01:32:25 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 2C72F8D0001; Tue, 14 Jul 2020 01:32:25 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 1B6C18D0005; Tue, 14 Jul 2020 01:32:25 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0040.hostedemail.com [216.40.44.40])
	by kanga.kvack.org (Postfix) with ESMTP id 06FE08D0001
	for <linux-mm@kvack.org>; Tue, 14 Jul 2020 01:32:25 -0400 (EDT)
Received: from smtpin27.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay03.hostedemail.com (Postfix) with ESMTP id A8B0C8248D7C
	for <linux-mm@kvack.org>; Tue, 14 Jul 2020 05:32:24 +0000 (UTC)
X-FDA: 77035561008.27.grain35_12135e026eee
Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251])
	by smtpin27.hostedemail.com (Postfix) with ESMTP id 7B4FC3D663
	for <linux-mm@kvack.org>; Tue, 14 Jul 2020 05:32:24 +0000 (UTC)
X-HE-Tag: grain35_12135e026eee
X-Filterd-Recvd-Size: 3650
Received: from mail3-165.sinamail.sina.com.cn (mail3-165.sinamail.sina.com.cn [202.108.3.165])
	by imf46.hostedemail.com (Postfix) with SMTP
	for <linux-mm@kvack.org>; Tue, 14 Jul 2020 05:32:22 +0000 (UTC)
Received: from unknown (HELO localhost.localdomain)([123.123.24.222])
	by sina.com with ESMTP
	id 5F0D4360000359F9; Tue, 14 Jul 2020 13:32:18 +0800 (CST)
X-Sender: hdanton@sina.com
X-Auth-ID: hdanton@sina.com
X-SMAIL-MID: 700190629108
From: Hillf Danton <hdanton@sina.com>
To: Eric Biggers <ebiggers@kernel.org>
Cc: Hillf Danton <hdanton@sina.com>,
	syzbot <syzbot+7a0d9d0b26efefe61780@syzkaller.appspotmail.com>,
	akpm@linux-foundation.org,
	arve@android.com,
	christian@brauner.io,
	devel@driverdev.osuosl.org,
	gregkh@linuxfoundation.org,
	hughd@google.com,
	joel@joelfernandes.org,
	linux-kernel@vger.kernel.org,
	linux-mm@kvack.org,
	maco@android.com,
	syzkaller-bugs@googlegroups.com,
	tkjos@android.com,
	Markus Elfring <Markus.Elfring@web.de>
Subject: Re: possible deadlock in shmem_fallocate (4)
Date: Tue, 14 Jul 2020 13:32:05 +0800
Message-Id: <20200714053205.15240-1-hdanton@sina.com>
In-Reply-To: <20200714034111.GD1696@sol.localdomain>
References: <0000000000000b5f9d059aa2037f@google.com> <20200714033252.8748-1-hdanton@sina.com>
MIME-Version: 1.0
X-Rspamd-Queue-Id: 7B4FC3D663
X-Spamd-Result: default: False [0.00 / 100.00]
X-Rspamd-Server: rspam02
Content-Transfer-Encoding: quoted-printable
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>


On Mon, 13 Jul 2020 20:41:11 -0700 Eric Biggers wrote:
> On Tue, Jul 14, 2020 at 11:32:52AM +0800, Hillf Danton wrote:
> >=20
> > Add FALLOC_FL_NOBLOCK and on the shmem side try to lock inode upon th=
e
> > new flag. And the overall upside is to keep the current gfp either in
> > the khugepaged context or not.
> >=20
> > --- a/include/uapi/linux/falloc.h
> > +++ b/include/uapi/linux/falloc.h
> > @@ -77,4 +77,6 @@
> >   */
> >  #define FALLOC_FL_UNSHARE_RANGE		0x40
> > =20
> > +#define FALLOC_FL_NOBLOCK		0x80
> > +
>=20
> You can't add a new UAPI flag to fix a kernel-internal problem like thi=
s.

Sounds fair, see below.

What the report indicates is a missing PF_MEMALLOC_NOFS and it's
checked on the ashmem side and added as an exception before going
to filesystem. On shmem side, no more than a best effort is paid
on the inteded exception.

--- a/drivers/staging/android/ashmem.c
+++ b/drivers/staging/android/ashmem.c
@@ -437,6 +437,7 @@ static unsigned long
 ashmem_shrink_scan(struct shrinker *shrink, struct shrink_control *sc)
 {
 	unsigned long freed =3D 0;
+	bool nofs;
=20
 	/* We might recurse into filesystem code, so bail out if necessary */
 	if (!(sc->gfp_mask & __GFP_FS))
@@ -445,6 +446,11 @@ ashmem_shrink_scan(struct shrinker *shri
 	if (!mutex_trylock(&ashmem_mutex))
 		return -1;
=20
+	/* enter filesystem with caution: nonblock on locking */
+	nofs =3D current->flags & PF_MEMALLOC_NOFS;
+	if (!nofs)
+		current->flags |=3D PF_MEMALLOC_NOFS;
+
 	while (!list_empty(&ashmem_lru_list)) {
 		struct ashmem_range *range =3D
 			list_first_entry(&ashmem_lru_list, typeof(*range), lru);
@@ -472,6 +478,8 @@ ashmem_shrink_scan(struct shrinker *shri
 	}
 	mutex_unlock(&ashmem_mutex);
 out:
+	if (!nofs)
+		current->flags &=3D ~PF_MEMALLOC_NOFS;
 	return freed;
 }
=20
--- a/mm/shmem.c
+++ b/mm/shmem.c
@@ -2728,7 +2728,12 @@ static long shmem_fallocate(struct file
 	if (mode & ~(FALLOC_FL_KEEP_SIZE | FALLOC_FL_PUNCH_HOLE))
 		return -EOPNOTSUPP;
=20
-	inode_lock(inode);
+	if (current->flags & PF_MEMALLOC_NOFS) {
+		/* this exception needs a best effort and no more */
+		if (!inode_trylock(inode))
+			return -EBUSY;
+	} else
+		inode_lock(inode);
=20
 	if (mode & FALLOC_FL_PUNCH_HOLE) {
 		struct address_space *mapping =3D file->f_mapping;