diff options
| author | Jan Kara <jack@suse.cz> | 2010-09-15 11:38:58 -0400 |
|---|---|---|
| committer | Jan Kara <jack@suse.cz> | 2011-01-12 13:14:55 -0500 |
| commit | f00c9e44ad1a9660fe8cd3ca15b6cd9497172eab (patch) | |
| tree | cbb47ae0d8aba9d8b3c44714b000156715cdf969 /fs/quota | |
| parent | 4162cf64973df51fc885825bc9ca4d055891c49f (diff) | |
quota: Fix deadlock during path resolution
As Al Viro pointed out path resolution during Q_QUOTAON calls to quotactl
is prone to deadlocks. We hold s_umount semaphore for reading during the
path resolution and resolution itself may need to acquire the semaphore
for writing when e. g. autofs mountpoint is passed.
Solve the problem by performing the resolution before we get hold of the
superblock (and thus s_umount semaphore). The whole thing is complicated
by the fact that some filesystems (OCFS2) ignore the path argument. So to
distinguish between filesystem which want the path and which do not we
introduce new .quota_on_meta callback which does not get the path. OCFS2
then uses this callback instead of old .quota_on.
CC: Al Viro <viro@ZenIV.linux.org.uk>
CC: Christoph Hellwig <hch@lst.de>
CC: Ted Ts'o <tytso@mit.edu>
CC: Joel Becker <joel.becker@oracle.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Diffstat (limited to 'fs/quota')
| -rw-r--r-- | fs/quota/dquot.c | 18 | ||||
| -rw-r--r-- | fs/quota/quota.c | 41 |
2 files changed, 29 insertions, 30 deletions
diff --git a/fs/quota/dquot.c b/fs/quota/dquot.c index 84becd3e4772..a2a622e079f0 100644 --- a/fs/quota/dquot.c +++ b/fs/quota/dquot.c | |||
| @@ -2189,8 +2189,8 @@ int dquot_resume(struct super_block *sb, int type) | |||
| 2189 | } | 2189 | } |
| 2190 | EXPORT_SYMBOL(dquot_resume); | 2190 | EXPORT_SYMBOL(dquot_resume); |
| 2191 | 2191 | ||
| 2192 | int dquot_quota_on_path(struct super_block *sb, int type, int format_id, | 2192 | int dquot_quota_on(struct super_block *sb, int type, int format_id, |
| 2193 | struct path *path) | 2193 | struct path *path) |
| 2194 | { | 2194 | { |
| 2195 | int error = security_quota_on(path->dentry); | 2195 | int error = security_quota_on(path->dentry); |
| 2196 | if (error) | 2196 | if (error) |
| @@ -2204,20 +2204,6 @@ int dquot_quota_on_path(struct super_block *sb, int type, int format_id, | |||
| 2204 | DQUOT_LIMITS_ENABLED); | 2204 | DQUOT_LIMITS_ENABLED); |
| 2205 | return error; | 2205 | return error; |
| 2206 | } | 2206 | } |
| 2207 | EXPORT_SYMBOL(dquot_quota_on_path); | ||
| 2208 | |||
| 2209 | int dquot_quota_on(struct super_block *sb, int type, int format_id, char *name) | ||
| 2210 | { | ||
| 2211 | struct path path; | ||
| 2212 | int error; | ||
| 2213 | |||
| 2214 | error = kern_path(name, LOOKUP_FOLLOW, &path); | ||
| 2215 | if (!error) { | ||
| 2216 | error = dquot_quota_on_path(sb, type, format_id, &path); | ||
| 2217 | path_put(&path); | ||
| 2218 | } | ||
| 2219 | return error; | ||
| 2220 | } | ||
| 2221 | EXPORT_SYMBOL(dquot_quota_on); | 2207 | EXPORT_SYMBOL(dquot_quota_on); |
| 2222 | 2208 | ||
| 2223 | /* | 2209 | /* |
diff --git a/fs/quota/quota.c b/fs/quota/quota.c index b299961e1edb..b34bdb25490c 100644 --- a/fs/quota/quota.c +++ b/fs/quota/quota.c | |||
| @@ -64,18 +64,15 @@ static int quota_sync_all(int type) | |||
| 64 | } | 64 | } |
| 65 | 65 | ||
| 66 | static int quota_quotaon(struct super_block *sb, int type, int cmd, qid_t id, | 66 | static int quota_quotaon(struct super_block *sb, int type, int cmd, qid_t id, |
| 67 | void __user *addr) | 67 | struct path *path) |
| 68 | { | 68 | { |
| 69 | char *pathname; | 69 | if (!sb->s_qcop->quota_on && !sb->s_qcop->quota_on_meta) |
| 70 | int ret = -ENOSYS; | 70 | return -ENOSYS; |
| 71 | 71 | if (sb->s_qcop->quota_on_meta) | |
| 72 | pathname = getname(addr); | 72 | return sb->s_qcop->quota_on_meta(sb, type, id); |
| 73 | if (IS_ERR(pathname)) | 73 | if (IS_ERR(path)) |
| 74 | return PTR_ERR(pathname); | 74 | return PTR_ERR(path); |
| 75 | if (sb->s_qcop->quota_on) | 75 | return sb->s_qcop->quota_on(sb, type, id, path); |
| 76 | ret = sb->s_qcop->quota_on(sb, type, id, pathname); | ||
| 77 | putname(pathname); | ||
| 78 | return ret; | ||
| 79 | } | 76 | } |
| 80 | 77 | ||
| 81 | static int quota_getfmt(struct super_block *sb, int type, void __user *addr) | 78 | static int quota_getfmt(struct super_block *sb, int type, void __user *addr) |
| @@ -241,7 +238,7 @@ static int quota_getxquota(struct super_block *sb, int type, qid_t id, | |||
| 241 | 238 | ||
| 242 | /* Copy parameters and call proper function */ | 239 | /* Copy parameters and call proper function */ |
| 243 | static int do_quotactl(struct super_block *sb, int type, int cmd, qid_t id, | 240 | static int do_quotactl(struct super_block *sb, int type, int cmd, qid_t id, |
| 244 | void __user *addr) | 241 | void __user *addr, struct path *path) |
| 245 | { | 242 | { |
| 246 | int ret; | 243 | int ret; |
| 247 | 244 | ||
| @@ -256,7 +253,7 @@ static int do_quotactl(struct super_block *sb, int type, int cmd, qid_t id, | |||
| 256 | 253 | ||
| 257 | switch (cmd) { | 254 | switch (cmd) { |
| 258 | case Q_QUOTAON: | 255 | case Q_QUOTAON: |
| 259 | return quota_quotaon(sb, type, cmd, id, addr); | 256 | return quota_quotaon(sb, type, cmd, id, path); |
| 260 | case Q_QUOTAOFF: | 257 | case Q_QUOTAOFF: |
| 261 | if (!sb->s_qcop->quota_off) | 258 | if (!sb->s_qcop->quota_off) |
| 262 | return -ENOSYS; | 259 | return -ENOSYS; |
| @@ -335,6 +332,7 @@ SYSCALL_DEFINE4(quotactl, unsigned int, cmd, const char __user *, special, | |||
| 335 | { | 332 | { |
| 336 | uint cmds, type; | 333 | uint cmds, type; |
| 337 | struct super_block *sb = NULL; | 334 | struct super_block *sb = NULL; |
| 335 | struct path path, *pathp = NULL; | ||
| 338 | int ret; | 336 | int ret; |
| 339 | 337 | ||
| 340 | cmds = cmd >> SUBCMDSHIFT; | 338 | cmds = cmd >> SUBCMDSHIFT; |
| @@ -351,12 +349,27 @@ SYSCALL_DEFINE4(quotactl, unsigned int, cmd, const char __user *, special, | |||
| 351 | return -ENODEV; | 349 | return -ENODEV; |
| 352 | } | 350 | } |
| 353 | 351 | ||
| 352 | /* | ||
| 353 | * Path for quotaon has to be resolved before grabbing superblock | ||
| 354 | * because that gets s_umount sem which is also possibly needed by path | ||
| 355 | * resolution (think about autofs) and thus deadlocks could arise. | ||
| 356 | */ | ||
| 357 | if (cmds == Q_QUOTAON) { | ||
| 358 | ret = user_path_at(AT_FDCWD, addr, LOOKUP_FOLLOW, &path); | ||
| 359 | if (ret) | ||
| 360 | pathp = ERR_PTR(ret); | ||
| 361 | else | ||
| 362 | pathp = &path; | ||
| 363 | } | ||
| 364 | |||
| 354 | sb = quotactl_block(special); | 365 | sb = quotactl_block(special); |
| 355 | if (IS_ERR(sb)) | 366 | if (IS_ERR(sb)) |
| 356 | return PTR_ERR(sb); | 367 | return PTR_ERR(sb); |
| 357 | 368 | ||
| 358 | ret = do_quotactl(sb, type, cmds, id, addr); | 369 | ret = do_quotactl(sb, type, cmds, id, addr, pathp); |
| 359 | 370 | ||
| 360 | drop_super(sb); | 371 | drop_super(sb); |
| 372 | if (pathp && !IS_ERR(pathp)) | ||
| 373 | path_put(pathp); | ||
| 361 | return ret; | 374 | return ret; |
| 362 | } | 375 | } |