From: James Simmons <jsimmons@infradead.org>
To: lustre-devel@lists.lustre.org
Subject: [lustre-devel] [PATCH 15/18] lustre: llite: don't hold inode_lock for security notify
Date: Wed, 1 Jul 2020 20:04:55 -0400 [thread overview]
Message-ID: <1593648298-10571-16-git-send-email-jsimmons@infradead.org> (raw)
In-Reply-To: <1593648298-10571-1-git-send-email-jsimmons@infradead.org>
From: Alexander Boyko <alexander.boyko@hpe.com>
With selinux enabled client has a dead lock which leads to
client eviction from MDS.
1 thread 2 thread
do file open do stat
inode_lock(parend dir)
got LDLM_PR(parent dir)
enqueue LDLM_CW(parent dir) waits on inode_lock to notify security
waits
timeout on enqueue
and client eviction because client didn't cancel a LDLM_PR lock
security_inode_notifysecctx()->selinux_inode_notifysecctx()->
selinux_inode_setsecurity()
The call of selinux_inode_setsecurity doesn't need to hold
inode_lock.
Fixes: f4d3cf7642 ("lustre: llite: set sec ctx on client's inode at create time")
Cray-bug-id: LUS-8924
WC-bug-id: https://jira.whamcloud.com/browse/LU-13617
Lustre-commit: f87359b51f61a ("LU-13617 llite: don't hold inode_lock for security notify")
Signed-off-by: Alexander Boyko <alexander.boyko@hpe.com>
Reviewed-on: https://review.whamcloud.com/38792
Reviewed-by: Sebastien Buisson <sbuisson@ddn.com>
Reviewed-by: Andrew Perepechko <andrew.perepechko@hpe.com>
Reviewed-by: Oleg Drokin <green@whamcloud.com>
Signed-off-by: James Simmons <jsimmons@infradead.org>
---
fs/lustre/llite/dir.c | 6 ++++--
fs/lustre/llite/namei.c | 18 ++++++++++++------
2 files changed, 16 insertions(+), 8 deletions(-)
diff --git a/fs/lustre/llite/dir.c b/fs/lustre/llite/dir.c
index 463c5d7..e3305f7 100644
--- a/fs/lustre/llite/dir.c
+++ b/fs/lustre/llite/dir.c
@@ -489,11 +489,13 @@ static int ll_dir_setdirstripe(struct dentry *dparent, struct lmv_user_md *lump,
dentry.d_inode = inode;
if (sbi->ll_flags & LL_SBI_FILE_SECCTX) {
- inode_lock(inode);
+ /* no need to protect selinux_inode_setsecurity() by
+ * inode_lock. Taking it would lead to a client deadlock
+ * LU-13617
+ */
err = security_inode_notifysecctx(inode,
op_data->op_file_secctx,
op_data->op_file_secctx_size);
- inode_unlock(inode);
} else {
err = ll_inode_init_security(&dentry, inode, parent);
}
diff --git a/fs/lustre/llite/namei.c b/fs/lustre/llite/namei.c
index 2353a8f..251d6be 100644
--- a/fs/lustre/llite/namei.c
+++ b/fs/lustre/llite/namei.c
@@ -659,10 +659,12 @@ static int ll_lookup_it_finish(struct ptlrpc_request *request,
}
if (secctx && secctxlen != 0) {
- inode_lock(inode);
+ /* no need to protect selinux_inode_setsecurity() by
+ * inode_lock. Taking it would lead to a client deadlock
+ * LU-13617
+ */
rc = security_inode_notifysecctx(inode, secctx,
secctxlen);
- inode_unlock(inode);
if (rc)
CWARN("cannot set security context for " DFID ": rc = %d\n",
PFID(ll_inode2fid(inode)), rc);
@@ -1198,13 +1200,15 @@ static int ll_create_it(struct inode *dir, struct dentry *dentry,
return PTR_ERR(inode);
if ((ll_i2sbi(inode)->ll_flags & LL_SBI_FILE_SECCTX) && secctx) {
- inode_lock(inode);
/* must be done before d_instantiate, because it calls
* security_d_instantiate, which means a getxattr if security
* context is not set yet
*/
+ /* no need to protect selinux_inode_setsecurity() by
+ * inode_lock. Taking it would lead to a client deadlock
+ * LU-13617
+ */
rc = security_inode_notifysecctx(inode, secctx, secctxlen);
- inode_unlock(inode);
if (rc)
return rc;
}
@@ -1370,15 +1374,17 @@ static int ll_new_node(struct inode *dir, struct dentry *dentry,
goto err_exit;
if (sbi->ll_flags & LL_SBI_FILE_SECCTX) {
- inode_lock(inode);
/* must be done before d_instantiate, because it calls
* security_d_instantiate, which means a getxattr if security
* context is not set yet
*/
+ /* no need to protect selinux_inode_setsecurity() by
+ * inode_lock. Taking it would lead to a client deadlock
+ * LU-13617
+ */
err = security_inode_notifysecctx(inode,
op_data->op_file_secctx,
op_data->op_file_secctx_size);
- inode_unlock(inode);
if (err)
goto err_exit;
}
--
1.8.3.1
next prev parent reply other threads:[~2020-07-02 0:04 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-02 0:04 [lustre-devel] [PATCH 00/18] Port of OpenSFS landing as of July 1, 2020 James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 01/18] lnet: restore an maximal fragments count James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 02/18] lnet: o2ib: fix page mapping error James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 03/18] lustre: sec: encryption for write path James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 04/18] lustre: sec: decryption for read path James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 05/18] lustre: sec: deal with encrypted object size James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 06/18] lustre: sec: support truncate for encrypted files James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 07/18] lustre: ptlrpc: limit rate of lock replays James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 08/18] lustre: mdc: chlg device could be used after free James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 09/18] lustre: llite: bind kthread thread to accepted node set James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 10/18] lustre: lov: use lov_pattern_support() to verify lmm James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 11/18] lustre: llite: truncate deadlock with DoM files James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 12/18] lnet: Skip health and resends for single rail configs James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 13/18] lustre: sec: ioctls to handle encryption policies James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 14/18] lnet: define new network driver ptl4lnd James Simmons
2020-07-02 0:04 ` James Simmons [this message]
2020-07-02 0:04 ` [lustre-devel] [PATCH 16/18] lustre: mdt: don't fetch LOOKUP lock for remote object James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 17/18] lustre: obd: add new LPROCFS_TYPE_* James Simmons
2020-07-02 0:04 ` [lustre-devel] [PATCH 18/18] lnet: handle undefined parameters James Simmons
2020-07-02 4:47 ` [lustre-devel] [PATCH 00/18] Port of OpenSFS landing as of July 1, 2020 NeilBrown
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1593648298-10571-16-git-send-email-jsimmons@infradead.org \
--to=jsimmons@infradead.org \
--cc=lustre-devel@lists.lustre.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).