* [for-linus][PATCH 0/2] eventfs: Fixes for v6.7-rc2
@ 2023-11-20 23:15 Steven Rostedt
2023-11-20 23:15 ` [for-linus][PATCH 1/2] eventfs: Remove expectation that ei->is_freed means ei->dentry == NULL Steven Rostedt
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Steven Rostedt @ 2023-11-20 23:15 UTC (permalink / raw)
To: linux-kernel; +Cc: Masami Hiramatsu, Mark Rutland, Andrew Morton
A couple of fixes to eventfs:
- With the usage of simple_recursive_remove() recommended by Al Viro,
the code should not be calling "d_invalidate()" itself. Doing so
is causing crashes. The code was calling d_invalidate() on the race
of trying to look up a file while the parent was being deleted.
This was detected, and the added dentry was having d_invalidate() called
on it, but the deletion of the directory was also calling d_invalidate()
on that same dentry.
- A fix to not free the eventfs_inode (ei) until the last dput() was called
on its ei->dentry made the ei->dentry exist even after it was marked
for free by setting the ei->is_freed. But code elsewhere still was
checking if ei->dentry was NULL if ei->is_freed is set and would
trigger WARN_ON if that was the case. That's no longer true and there
should not be any warnings when it is true.
Steven Rostedt (Google) (2):
eventfs: Remove expectation that ei->is_freed means ei->dentry == NULL
eventfs: Do not invalidate dentry in create_file/dir_dentry()
----
fs/tracefs/event_inode.c | 41 ++++++++++++++++++-----------------------
1 file changed, 18 insertions(+), 23 deletions(-)
^ permalink raw reply [flat|nested] 4+ messages in thread
* [for-linus][PATCH 1/2] eventfs: Remove expectation that ei->is_freed means ei->dentry == NULL
2023-11-20 23:15 [for-linus][PATCH 0/2] eventfs: Fixes for v6.7-rc2 Steven Rostedt
@ 2023-11-20 23:15 ` Steven Rostedt
2023-11-20 23:15 ` [for-linus][PATCH 2/2] eventfs: Do not invalidate dentry in create_file/dir_dentry() Steven Rostedt
2023-11-20 23:50 ` [for-linus][PATCH 0/2] eventfs: Fixes for v6.7-rc2 Steven Rostedt
2 siblings, 0 replies; 4+ messages in thread
From: Steven Rostedt @ 2023-11-20 23:15 UTC (permalink / raw)
To: linux-kernel; +Cc: Masami Hiramatsu, Mark Rutland, Andrew Morton
From: "Steven Rostedt (Google)" <rostedt@goodmis.org>
The logic to free the eventfs_inode (ei) use to set is_freed and clear the
"dentry" field under the eventfs_mutex. But that changed when a race was
found where the ei->dentry needed to be cleared when the last dput() was
called on it. But there was still logic that checked if ei->dentry was not
NULL and is_freed is set, and would warn if it was.
But since that situation was changed and the ei->dentry isn't cleared
until the last dput() is called on it while the ei->is_freed is set, do
not test for that condition anymore, and change the comments to reflect
that.
Fixes: 020010fbfa20 ("eventfs: Delete eventfs_inode when the last dentry is freed")
Reported-by: Mark Rutland <mark.rutland@arm.com>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
---
fs/tracefs/event_inode.c | 22 ++++++++++++----------
1 file changed, 12 insertions(+), 10 deletions(-)
diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c
index f8a594a50ae6..f239b2b507a4 100644
--- a/fs/tracefs/event_inode.c
+++ b/fs/tracefs/event_inode.c
@@ -27,16 +27,16 @@
/*
* eventfs_mutex protects the eventfs_inode (ei) dentry. Any access
* to the ei->dentry must be done under this mutex and after checking
- * if ei->is_freed is not set. The ei->dentry is released under the
- * mutex at the same time ei->is_freed is set. If ei->is_freed is set
- * then the ei->dentry is invalid.
+ * if ei->is_freed is not set. When ei->is_freed is set, the dentry
+ * is on its way to being freed after the last dput() is made on it.
*/
static DEFINE_MUTEX(eventfs_mutex);
/*
* The eventfs_inode (ei) itself is protected by SRCU. It is released from
* its parent's list and will have is_freed set (under eventfs_mutex).
- * After the SRCU grace period is over, the ei may be freed.
+ * After the SRCU grace period is over and the last dput() is called
+ * the ei is freed.
*/
DEFINE_STATIC_SRCU(eventfs_srcu);
@@ -365,12 +365,14 @@ create_file_dentry(struct eventfs_inode *ei, int idx,
* created the dentry for this e_dentry. In which case
* use that one.
*
- * Note, with the mutex held, the e_dentry cannot have content
- * and the ei->is_freed be true at the same time.
+ * If ei->is_freed is set, the e_dentry is currently on its
+ * way to being freed, don't return it. If e_dentry is NULL
+ * it means it was already freed.
*/
- dentry = *e_dentry;
- if (WARN_ON_ONCE(dentry && ei->is_freed))
+ if (ei->is_freed)
dentry = NULL;
+ else
+ dentry = *e_dentry;
/* The lookup does not need to up the dentry refcount */
if (dentry && !lookup)
dget(dentry);
@@ -473,8 +475,8 @@ create_dir_dentry(struct eventfs_inode *pei, struct eventfs_inode *ei,
* created the dentry for this e_dentry. In which case
* use that one.
*
- * Note, with the mutex held, the e_dentry cannot have content
- * and the ei->is_freed be true at the same time.
+ * If ei->is_freed is set, the e_dentry is currently on its
+ * way to being freed.
*/
dentry = ei->dentry;
if (dentry && !lookup)
--
2.42.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [for-linus][PATCH 2/2] eventfs: Do not invalidate dentry in create_file/dir_dentry()
2023-11-20 23:15 [for-linus][PATCH 0/2] eventfs: Fixes for v6.7-rc2 Steven Rostedt
2023-11-20 23:15 ` [for-linus][PATCH 1/2] eventfs: Remove expectation that ei->is_freed means ei->dentry == NULL Steven Rostedt
@ 2023-11-20 23:15 ` Steven Rostedt
2023-11-20 23:50 ` [for-linus][PATCH 0/2] eventfs: Fixes for v6.7-rc2 Steven Rostedt
2 siblings, 0 replies; 4+ messages in thread
From: Steven Rostedt @ 2023-11-20 23:15 UTC (permalink / raw)
To: linux-kernel
Cc: Masami Hiramatsu, Mark Rutland, Andrew Morton, Naresh Kamboju,
Linux Kernel Functional Testing
From: "Steven Rostedt (Google)" <rostedt@goodmis.org>
With the call to simple_recursive_removal() on the entire eventfs sub
system when the directory is removed, it performs the d_invalidate on all
the dentries when it is removed. There's no need to do clean ups when a
dentry is being created while the directory is being deleted.
As dentries are cleaned up by the simpler_recursive_removal(), trying to
do d_invalidate() in these functions will cause the dentry to be
invalidated twice, and crash the kernel.
Link: https://lore.kernel.org/all/20231116123016.140576-1-naresh.kamboju@linaro.org/
Fixes: 407c6726ca71 ("eventfs: Use simple_recursive_removal() to clean up dentries")
Reported-by: Mark Rutland <mark.rutland@arm.com>
Reported-by: Naresh Kamboju <naresh.kamboju@linaro.org>
Reported-by: Linux Kernel Functional Testing <lkft@linaro.org>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
---
fs/tracefs/event_inode.c | 19 ++++++-------------
1 file changed, 6 insertions(+), 13 deletions(-)
diff --git a/fs/tracefs/event_inode.c b/fs/tracefs/event_inode.c
index f239b2b507a4..3eb6c622a74d 100644
--- a/fs/tracefs/event_inode.c
+++ b/fs/tracefs/event_inode.c
@@ -326,7 +326,6 @@ create_file_dentry(struct eventfs_inode *ei, int idx,
struct eventfs_attr *attr = NULL;
struct dentry **e_dentry = &ei->d_children[idx];
struct dentry *dentry;
- bool invalidate = false;
mutex_lock(&eventfs_mutex);
if (ei->is_freed) {
@@ -389,17 +388,14 @@ create_file_dentry(struct eventfs_inode *ei, int idx,
* Otherwise it means two dentries exist with the same name.
*/
WARN_ON_ONCE(!ei->is_freed);
- invalidate = true;
+ dentry = NULL;
}
mutex_unlock(&eventfs_mutex);
- if (invalidate)
- d_invalidate(dentry);
-
- if (lookup || invalidate)
+ if (lookup)
dput(dentry);
- return invalidate ? NULL : dentry;
+ return dentry;
}
/**
@@ -439,7 +435,6 @@ static struct dentry *
create_dir_dentry(struct eventfs_inode *pei, struct eventfs_inode *ei,
struct dentry *parent, bool lookup)
{
- bool invalidate = false;
struct dentry *dentry = NULL;
mutex_lock(&eventfs_mutex);
@@ -495,16 +490,14 @@ create_dir_dentry(struct eventfs_inode *pei, struct eventfs_inode *ei,
* Otherwise it means two dentries exist with the same name.
*/
WARN_ON_ONCE(!ei->is_freed);
- invalidate = true;
+ dentry = NULL;
}
mutex_unlock(&eventfs_mutex);
- if (invalidate)
- d_invalidate(dentry);
- if (lookup || invalidate)
+ if (lookup)
dput(dentry);
- return invalidate ? NULL : dentry;
+ return dentry;
}
/**
--
2.42.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [for-linus][PATCH 0/2] eventfs: Fixes for v6.7-rc2
2023-11-20 23:15 [for-linus][PATCH 0/2] eventfs: Fixes for v6.7-rc2 Steven Rostedt
2023-11-20 23:15 ` [for-linus][PATCH 1/2] eventfs: Remove expectation that ei->is_freed means ei->dentry == NULL Steven Rostedt
2023-11-20 23:15 ` [for-linus][PATCH 2/2] eventfs: Do not invalidate dentry in create_file/dir_dentry() Steven Rostedt
@ 2023-11-20 23:50 ` Steven Rostedt
2 siblings, 0 replies; 4+ messages in thread
From: Steven Rostedt @ 2023-11-20 23:50 UTC (permalink / raw)
To: linux-kernel; +Cc: Masami Hiramatsu, Mark Rutland, Andrew Morton
On Mon, 20 Nov 2023 18:15:53 -0500
Steven Rostedt <rostedt@goodmis.org> wrote:
> A couple of fixes to eventfs:
>
> - With the usage of simple_recursive_remove() recommended by Al Viro,
> the code should not be calling "d_invalidate()" itself. Doing so
> is causing crashes. The code was calling d_invalidate() on the race
> of trying to look up a file while the parent was being deleted.
> This was detected, and the added dentry was having d_invalidate() called
> on it, but the deletion of the directory was also calling d_invalidate()
> on that same dentry.
>
> - A fix to not free the eventfs_inode (ei) until the last dput() was called
> on its ei->dentry made the ei->dentry exist even after it was marked
> for free by setting the ei->is_freed. But code elsewhere still was
> checking if ei->dentry was NULL if ei->is_freed is set and would
> trigger WARN_ON if that was the case. That's no longer true and there
> should not be any warnings when it is true.
>
> Steven Rostedt (Google) (2):
> eventfs: Remove expectation that ei->is_freed means ei->dentry == NULL
> eventfs: Do not invalidate dentry in create_file/dir_dentry()
>
> ----
> fs/tracefs/event_inode.c | 41 ++++++++++++++++++-----------------------
> 1 file changed, 18 insertions(+), 23 deletions(-)
Oops, used the "for-linus" script when this was suppose to be just a normal
"PATCH" script :-p
-- Steve
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-11-20 23:50 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-11-20 23:15 [for-linus][PATCH 0/2] eventfs: Fixes for v6.7-rc2 Steven Rostedt
2023-11-20 23:15 ` [for-linus][PATCH 1/2] eventfs: Remove expectation that ei->is_freed means ei->dentry == NULL Steven Rostedt
2023-11-20 23:15 ` [for-linus][PATCH 2/2] eventfs: Do not invalidate dentry in create_file/dir_dentry() Steven Rostedt
2023-11-20 23:50 ` [for-linus][PATCH 0/2] eventfs: Fixes for v6.7-rc2 Steven Rostedt
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).